youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Change nix formatter to alejandra

Browse source
This commit is contained in:
ulic-youthlic 2025-11-09 06:25:03 +08:00
parent 0b8b647f05
commit b4c3dfec42
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
229 changed files with 2528 additions and 2884 deletions
Download patch file Download diff file Expand all files Collapse all files

7
nixos/configurations/Akun/default.nix
View file

@ -4,8 +4,7 @@
lib,
outputs,
...
}:
{
}: {
imports =
(with inputs.nixos-hardware.nixosModules; [
common-cpu-intel
@ -76,11 +75,11 @@
kernelPackages = pkgs.linuxPackages_cachyos;
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelParams = [ "i915.enable_guc=2" ];
kernelParams = ["i915.enable_guc=2"];
};
nix = {
settings = {
system-features = [ "gccarch-skylake" ];
system-features = ["gccarch-skylake"];
};
};
hardware = {

2
nixos/configurations/Akun/disk-config.nix
View file

@ -49,7 +49,7 @@
];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
extraArgs = ["-f"];
subvolumes = {
"@root" = {
mountpoint = "/";

3
nixos/configurations/Akun/gui.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
youthlic.gui = {
enabled = "niri";
};

9
nixos/configurations/Akun/hardware-configuration.nix
View file

@ -7,8 +7,7 @@
pkgs,
modulesPath,
...
}:
{
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
@ -21,9 +20,9 @@
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

3
nixos/configurations/Akun/networking.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
systemd.network = {
enable = true;
wait-online.enable = false;

3
nixos/configurations/Akun/stylix.nix
View file

@ -2,8 +2,7 @@
pkgs,
rootPath,
...
}:
{
}: {
stylix = {
enable = true;
image = rootPath + "/assets/wallpaper/01.png";

3
nixos/configurations/Akun/users/default.nix
View file

@ -2,8 +2,7 @@
lib,
pkgs,
...
}:
{
}: {
users = {
mutableUsers = true;
users.david = {

14
nixos/configurations/Cape/default.nix
View file

@ -3,12 +3,12 @@
lib,
outputs,
...
}:
{
imports = [
outputs.nixosModules.default
]
++ (lib.youthlic.loadImports ./.);
}: {
imports =
[
outputs.nixosModules.default
]
++ (lib.youthlic.loadImports ./.);
youthlic = {
home-manager = {
@ -72,7 +72,7 @@
};
nix = {
settings = {
system-features = [ "gccarch-ivybridge" ];
system-features = ["gccarch-ivybridge"];
};
};

2
nixos/configurations/Cape/disko-config.nix
View file

@ -15,7 +15,7 @@
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
extraArgs = ["-f"];
subvolumes = {
"@root" = {
mountpoint = "/";

5
nixos/configurations/Cape/forgejo.nix
View file

@ -1,12 +1,11 @@
{ config, ... }:
{
{config, ...}: {
youthlic.containers.forgejo = {
enable = true;
domain = "forgejo.youthlic.social";
sshPort = 2222;
httpPort = 8480;
};
networking.firewall.allowedTCPPorts = [ 2222 ];
networking.firewall.allowedTCPPorts = [2222];
services.caddy.virtualHosts = {
"forgejo.${config.youthlic.programs.caddy.baseDomain}" = {
extraConfig = ''

9
nixos/configurations/Cape/hardware-configuration.nix
View file

@ -7,8 +7,7 @@
pkgs,
modulesPath,
...
}:
{
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
@ -20,9 +19,9 @@
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

3
nixos/configurations/Cape/miniflux.nix
View file

@ -1,5 +1,4 @@
{ config, ... }:
{
{config, ...}: {
sops.secrets."miniflux" = {
};
youthlic.containers.miniflux = {

3
nixos/configurations/Cape/networking.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
systemd.network = {
enable = true;
wait-online.enable = true;

5
nixos/configurations/Cape/radicle.nix
View file

@ -1,6 +1,5 @@
{ config, ... }:
{
sops.secrets."ssh-private-key/radicle/Cape" = { };
{config, ...}: {
sops.secrets."ssh-private-key/radicle/Cape" = {};
youthlic.programs.radicle = {
enable = true;
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbQrJNWcWsFncTX4w/hkhz6zPNwHrTjA+6lnq5dmu/s radicle";

3
nixos/configurations/Cape/stylix.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
stylix = {
enable = false;
};

3
nixos/configurations/Cape/users/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
users.users.alice = {
initialHashedPassword = "$y$j9T$eS5zCi4W.4IPpf3P8Tb/o1$xhumXY1.PJKmTguNi/zlljLbLemNGiubWoUEc878S36";
isNormalUser = true;

5
nixos/configurations/Tytonidae/default.nix
View file

@ -4,8 +4,7 @@
inputs,
outputs,
...
}:
{
}: {
imports =
(with inputs.nixos-hardware.nixosModules; [
common-hidpi
@ -18,7 +17,7 @@
++ (with outputs; [
nixosModules.gui
])
++ [ inputs.lanzaboote.nixosModules.lanzaboote ]
++ [inputs.lanzaboote.nixosModules.lanzaboote]
++ (lib.youthlic.loadImports ./.);
youthlic = {

3
nixos/configurations/Tytonidae/disk-config.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
disk = {
disk1 = {

3
nixos/configurations/Tytonidae/gui.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
youthlic.gui = {
enabled = "niri";
};

9
nixos/configurations/Tytonidae/hardware-configuration.nix
View file

@ -7,8 +7,7 @@
pkgs,
modulesPath,
...
}:
{
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
@ -20,9 +19,9 @@
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

65
nixos/configurations/Tytonidae/hardware.nix
View file

@ -3,8 +3,7 @@
lib,
config,
...
}:
{
}: {
nixpkgs.config.cudaSupport = true;
services = {
hardware.bolt.enable = true;
@ -16,13 +15,13 @@
};
nix = {
settings = {
system-features = [ "gccarch-alderlake" ];
system-features = ["gccarch-alderlake"];
};
};
hardware = {
openrazer = {
enable = true;
users = [ "david" ];
users = ["david"];
};
graphics.package = pkgs.mesa_git;
intelgpu = {
@ -40,7 +39,7 @@
};
};
boot = {
extraModulePackages = with config.boot.kernelPackages; [ ddcci-driver ];
extraModulePackages = with config.boot.kernelPackages; [ddcci-driver];
kernelModules = [
"ddcci"
"ddcci-backlight"
@ -56,38 +55,36 @@
};
systemd.services."ddcci@" = {
description = "ddcci handler";
after = [ "graphical.target" ];
before = [ "shutdown.target" ];
conflicts = [ "shutdown.target" ];
after = ["graphical.target"];
before = ["shutdown.target"];
conflicts = ["shutdown.target"];
serviceConfig = {
Type = "oneshot";
ExecStart =
let
script = pkgs.writeShellApplication {
name = "ddcci-handler";
runtimeInputs = with pkgs; [
coreutils
ddcutil
];
text = ''
echo Trying to attach ddcci to "$1"
success=0
i=0
id=$(echo "$1" | cut -d "-" -f 2)
while ((success < 1)) && ((i++ < 5)); do
if ddcutil getvcp 10 -b "$id"; then
if echo ddcci 0x37 > "/sys/bus/i2c/devices/$1/new_device"; then
success=1
echo ddcci attached to "$1"
fi
ExecStart = let
script = pkgs.writeShellApplication {
name = "ddcci-handler";
runtimeInputs = with pkgs; [
coreutils
ddcutil
];
text = ''
echo Trying to attach ddcci to "$1"
success=0
i=0
id=$(echo "$1" | cut -d "-" -f 2)
while ((success < 1)) && ((i++ < 5)); do
if ddcutil getvcp 10 -b "$id"; then
if echo ddcci 0x37 > "/sys/bus/i2c/devices/$1/new_device"; then
success=1
echo ddcci attached to "$1"
fi
echo "Try $i"
sleep 1;
done
'';
};
in
"${lib.getExe' script "ddcci-handler"} %i";
fi
echo "Try $i"
sleep 1;
done
'';
};
in "${lib.getExe' script "ddcci-handler"} %i";
};
};
services.udev.extraRules = ''

3
nixos/configurations/Tytonidae/networking.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
systemd.network = {
enable = true;
wait-online.enable = false;

3
nixos/configurations/Tytonidae/specialisation/cosmic.nix
View file

@ -1,5 +1,4 @@
{ lib, ... }:
{
{lib, ...}: {
config.specialisation.cosmic = {
inheritParentConfig = true;
configuration = {

3
nixos/configurations/Tytonidae/specialisation/kde.nix
View file

@ -1,5 +1,4 @@
{ lib, ... }:
{
{lib, ...}: {
config.specialisation.kde = {
inheritParentConfig = true;
configuration = {

5
nixos/configurations/Tytonidae/specialisation/niri-hybrid.nix
View file

@ -2,12 +2,11 @@
inputs,
lib,
...
}:
{
}: {
config.specialisation.niri-hybrid = {
inheritParentConfig = true;
configuration = {
imports = [ inputs.nixos-hardware.nixosModules.common-gpu-nvidia ];
imports = [inputs.nixos-hardware.nixosModules.common-gpu-nvidia];
hardware.nvidia.prime.reverseSync.enable = lib.mkForce false;
};
};

3
nixos/configurations/Tytonidae/stylix.nix
View file

@ -2,8 +2,7 @@
pkgs,
rootPath,
...
}:
{
}: {
stylix = {
enable = true;
image = rootPath + "/assets/wallpaper/01.png";

3
nixos/configurations/Tytonidae/users/default.nix
View file

@ -2,8 +2,7 @@
lib,
pkgs,
...
}:
{
}: {
users.users.david = {
initialHashedPassword = "$y$j9T$eS5zCi4W.4IPpf3P8Tb/o1$xhumXY1.PJKmTguNi/zlljLbLemNGiubWoUEc878S36";
isNormalUser = true;

6
nixos/modules/containers/default.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.containers;
in
{
in {
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.containers = {

106
nixos/modules/containers/forgejo.nix
View file

@ -3,11 +3,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.containers.forgejo;
in
{
in {
options = {
youthlic.containers.forgejo = {
enable = lib.mkEnableOption "forgejo container";
@ -56,64 +54,62 @@ in
}
];
config =
{ lib, ... }:
{
imports = [
./../programs/forgejo.nix
./../programs/postgresql.nix
];
config = {lib, ...}: {
imports = [
./../programs/forgejo.nix
./../programs/postgresql.nix
];
nixpkgs.pkgs = pkgs;
nixpkgs.pkgs = pkgs;
systemd.tmpfiles.rules = [
"d /var/lib/forgejo 770 forgejo forgejo -"
"d /var/lib/postgresql 770 postgres postgres -"
];
systemd.tmpfiles.rules = [
"d /var/lib/forgejo 770 forgejo forgejo -"
"d /var/lib/postgresql 770 postgres postgres -"
];
youthlic.programs = {
forgejo = {
enable = true;
domain = cfg.domain;
sshPort = cfg.sshPort;
httpPort = cfg.httpPort;
database = {
user = "forgejo";
};
};
postgresql = {
enable = true;
database = "forgejo";
auth_method = "peer";
version = "17";
youthlic.programs = {
forgejo = {
enable = true;
domain = cfg.domain;
sshPort = cfg.sshPort;
httpPort = cfg.httpPort;
database = {
user = "forgejo";
};
};
systemd.services.forgejo = {
wants = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "default.target" ];
postgresql = {
enable = true;
database = "forgejo";
auth_method = "peer";
version = "17";
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
systemd.services.forgejo = {
wants = ["postgresql.service"];
requires = ["postgresql.service"];
after = ["postgresql.service"];
wantedBy = ["default.target"];
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [
cfg.httpPort
cfg.sshPort
];
allowedUDPPorts = [
cfg.httpPort
cfg.sshPort
];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
};
};
}

92
nixos/modules/containers/miniflux.nix
View file

@ -3,11 +3,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.containers.miniflux;
in
{
in {
options = {
youthlic.containers.miniflux = {
enable = lib.mkEnableOption "miniflux container";
@ -38,57 +36,55 @@ in
};
};
config =
{ lib, ... }:
{
imports = [
./../programs/miniflux.nix
./../programs/postgresql.nix
];
config = {lib, ...}: {
imports = [
./../programs/miniflux.nix
./../programs/postgresql.nix
];
nixpkgs.pkgs = pkgs;
nixpkgs.pkgs = pkgs;
systemd.tmpfiles.rules = [
"d /var/lib/miniflux 770 miniflux miniflux -"
"d /var/lib/postgresql 770 postgres postgres -"
"d /run/secrets 770 root miniflux -"
];
systemd.tmpfiles.rules = [
"d /var/lib/miniflux 770 miniflux miniflux -"
"d /var/lib/postgresql 770 postgres postgres -"
"d /run/secrets 770 root miniflux -"
];
youthlic.programs = {
miniflux = {
enable = true;
database = {
user = "miniflux";
};
adminCredentialsFile = cfg.adminCredentialsFile;
};
postgresql = {
enable = true;
database = "miniflux";
auth_method = "peer";
version = "17";
youthlic.programs = {
miniflux = {
enable = true;
database = {
user = "miniflux";
};
adminCredentialsFile = cfg.adminCredentialsFile;
};
systemd.services.miniflux = {
wants = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "default.target" ];
postgresql = {
enable = true;
database = "miniflux";
auth_method = "peer";
version = "17";
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [ 8485 ];
allowedUDPPorts = [ 8485 ];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
systemd.services.miniflux = {
wants = ["postgresql.service"];
requires = ["postgresql.service"];
after = ["postgresql.service"];
wantedBy = ["default.target"];
};
networking = {
defaultGateway = "192.168.111.1";
firewall = {
enable = true;
allowedTCPPorts = [8485];
allowedUDPPorts = [8485];
};
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "24.11";
};
};
};
}

6
nixos/modules/default.nix
View file

@ -1,6 +1,4 @@
{ lib, ... }:
{
imports =
with lib;
{lib, ...}: {
imports = with lib;
youthlic.loadImports' ./. (filter (name: !hasSuffix "/top-level" (toString name)));
}

6
nixos/modules/deploy/default.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.users.deploy;
in
{
in {
options = {
youthlic.users.deploy = {
enable = lib.mkEnableOption "deploy";

141
nixos/modules/documentation.nix
View file

@ -21,15 +21,14 @@ lib.mkMerge [
inherit (pkgs.writers) writeFish;
cfg = config.documentation.man.man-db;
cachePath = "/var/cache/man/nixos";
in
{
in {
documentation.man.generateCaches = false;
systemd.services."man-db" = {
requires = [ "sysinit-reactivation.target" ];
after = [ "sysinit-reactivation.target" ];
partOf = [ "sysinit-reactivation.target" ];
wantedBy = [ "default.target" ];
requires = ["sysinit-reactivation.target"];
after = ["sysinit-reactivation.target"];
partOf = ["sysinit-reactivation.target"];
wantedBy = ["default.target"];
path = [
cfg.package
pkgs.gawk
@ -41,77 +40,77 @@ lib.mkMerge [
IOSchedulingPrioriry = 7;
ExecStart =
writeFish "mandbsvc" # fish
''
set -l SystemManLoc "/run/current-system/sw/share/man"
set -l ContentRecord "${cachePath}/man-db-state"
''
set -l SystemManLoc "/run/current-system/sw/share/man"
set -l ContentRecord "${cachePath}/man-db-state"
if [ ! -d "${cachePath}" ]
mkdir -pv "${cachePath}" || exit 1
end
if [ ! -d "${cachePath}" ]
mkdir -pv "${cachePath}" || exit 1
end
if [ ! -f "$ContentRecord" ]
touch "$ContentRecord" || exit 1
end
# 1) Collect list of all manpage files and calculate hashes
# of them
#
# man1/ls.1.gz
# man3/func.3.gz
#
# hash ->
#
# bbbbbbbbbbbb (man1/ls.1.gz)
# aaaaaaaaaaaa (man3/func.3.gz)
set -l hashes "$(
find -L "$SystemManLoc" -type f -iname "*.gz" \
-exec sha256sum "{}" "+" \
| awk '{ print $1 }'
or exit 1
)"
if [ ! -f "$ContentRecord" ]
touch "$ContentRecord" || exit 1
end
# 1) Collect list of all manpage files and calculate hashes
# of them
#
# man1/ls.1.gz
# man3/func.3.gz
#
# hash ->
#
# bbbbbbbbbbbb (man1/ls.1.gz)
# aaaaaaaaaaaa (man3/func.3.gz)
set -l hashes "$(
find -L "$SystemManLoc" -type f -iname "*.gz" \
-exec sha256sum "{}" "+" \
| awk '{ print $1 }'
or exit 1
)"
# 2) Sort the hashes to make them "stable",
# and then join them toghther into a big long string,
# and then hash this big string to get the hash of the directory
#
# bbbbbbbbbbbb
# aaaaaaaaaaaa
#
# sort ->
#
# aaaaaaaaaaaa
# bbbbbbbbbbbb
#
# join ->
#
# aaaaaaaaaaaabbbbbbbbbbbb
#
# hash ->
#
# cccccccccccc
set -l ultimate_hash (
echo $hashes \
| sort \
| string join "" \
| sha256sum - \
| awk '{ print $1 }'
or exit 1
)
# 2) Sort the hashes to make them "stable",
# and then join them toghther into a big long string,
# and then hash this big string to get the hash of the directory
#
# bbbbbbbbbbbb
# aaaaaaaaaaaa
#
# sort ->
#
# aaaaaaaaaaaa
# bbbbbbbbbbbb
#
# join ->
#
# aaaaaaaaaaaabbbbbbbbbbbb
#
# hash ->
#
# cccccccccccc
set -l ultimate_hash (
echo $hashes \
| sort \
| string join "" \
| sha256sum - \
| awk '{ print $1 }'
or exit 1
)
set -l old_hash "$( string collect < "$ContentRecord" )"
set -l old_hash "$( string collect < "$ContentRecord" )"
echo "Old hash: $old_hash"
echo "New hash: $ultimate_hash"
echo "Old hash: $old_hash"
echo "New hash: $ultimate_hash"
if [ "$old_hash" != "$ultimate_hash" ]
echo "Hash changed, do a full man-db rebuild"
mandb -psc || exit 1
echo "Write new hash"
echo "$ultimate_hash" > "$ContentRecord"
else
echo "Hash not changed, skip"
end
'';
if [ "$old_hash" != "$ultimate_hash" ]
echo "Hash changed, do a full man-db rebuild"
mandb -psc || exit 1
echo "Write new hash"
echo "$ultimate_hash" > "$ContentRecord"
else
echo "Hash not changed, skip"
end
'';
};
};

6
nixos/modules/gui/cosmic.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.gui;
in
{
in {
config = lib.mkIf (cfg.enabled == "cosmic") {
services = {
desktopManager.cosmic = {

6
nixos/modules/gui/default.nix
View file

@ -3,11 +3,9 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.gui;
in
{
in {
imports = with lib; youthlic.loadImports ./.;
options = {
youthlic.gui = {

6
nixos/modules/gui/kde.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.gui;
in
{
in {
config = lib.mkIf (cfg.enabled == "kde") {
# Fix stylix bug
qt.platformTheme = lib.mkForce "kde";

12
nixos/modules/gui/niri.nix
View file

@ -3,11 +3,9 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.gui;
in
{
in {
options = {
youthlic.gui.niri = {
};
@ -20,7 +18,7 @@ in
# Enabled to support trash of nautilus
services.gvfs.enable = true;
environment = {
pathsToLink = [ "share/thumbnailers" ];
pathsToLink = ["share/thumbnailers"];
systemPackages = with pkgs; [
nautilus
nautilus-open-any-terminal
@ -38,7 +36,7 @@ in
terminal-exec = {
enable = true;
settings = {
default = [ "com.mitchellh.ghostty.desktop" ];
default = ["com.mitchellh.ghostty.desktop"];
};
};
mime = {
@ -70,7 +68,7 @@ in
"firefox-beta.desktop"
"chromium-browser.desktop"
];
"x-scheme-handler/tg" = [ "telegramdesktop.desktop" ];
"x-scheme-handler/tg" = ["telegramdesktop.desktop"];
"x-scheme-handler/unknown" = [
"firefox-beta.desktop"
"chromium-browser.desktop"

6
nixos/modules/hardware.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.hardware;
in
{
in {
options = {
youthlic.hardware = {
asus = {

19
nixos/modules/home.nix
View file

@ -6,8 +6,7 @@
pkgs,
rootPath,
...
}:
{
}: {
options.youthlic.home-manager = {
enable = lib.mkOption {
type = lib.types.bool;
@ -33,19 +32,17 @@
'';
};
};
config =
let
cfg = config.youthlic.home-manager;
unixName = cfg.unixName;
hostName = cfg.hostName;
in
config = let
cfg = config.youthlic.home-manager;
unixName = cfg.unixName;
hostName = cfg.hostName;
in
lib.mkIf cfg.enable {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."${cfg.unixName}" = (
{ ... }:
{
{...}: {
imports = [
outputs.homeModules."${unixName}"
(rootPath + "/home/${unixName}/configurations/${hostName}")
@ -58,7 +55,7 @@
inherit (pkgs) system;
};
backupFileExtension = "backup";
sharedModules = [ outputs.homeModules.default ];
sharedModules = [outputs.homeModules.default];
};
};
}

6
nixos/modules/i18n.nix
View file

@ -3,11 +3,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.i18n;
in
{
in {
options = {
youthlic.i18n = {
enable = lib.mkEnableOption "zh env";

55
nixos/modules/nix.nix
View file

@ -5,24 +5,21 @@
pkgs,
lib,
...
}:
{
}: {
config = {
environment.etc =
with lib;
environment.etc = with lib;
pipe inputs [
(mapAttrs' (
name: value:
lib.nameValuePair "nix/inputs/${name}" {
source = value;
}
lib.nameValuePair "nix/inputs/${name}" {
source = value;
}
))
];
nixpkgs = {
config = {
allowUnfree = true;
allowInsecurePredicate =
p:
allowInsecurePredicate = p:
builtins.elem (lib.getName p) [
# for neochat
"olm"
@ -30,22 +27,25 @@
"immersive-translate"
];
packageOverrides = p: {
kdePackages = p.kdePackages // {
inherit
((import inputs.nixpkgs-455083 {
localSystem = {
inherit (pkgs.stdenv.hostPlatform) system;
};
config = {
allowUnfree = true;
allowInsecurePredicate = p: builtins.elem (lib.getName p) [ "olm" ];
};
}).kdePackages
)
neochat
;
};
intel-vaapi-driver = p.intel-vaapi-driver.override { enableHybridCodec = true; };
kdePackages =
p.kdePackages
// {
inherit
(
(import inputs.nixpkgs-455083 {
localSystem = {
inherit (pkgs.stdenv.hostPlatform) system;
};
config = {
allowUnfree = true;
allowInsecurePredicate = p: builtins.elem (lib.getName p) ["olm"];
};
}).kdePackages
)
neochat
;
};
intel-vaapi-driver = p.intel-vaapi-driver.override {enableHybridCodec = true;};
onnxruntime = p.onnxruntime.override {
cudaSupport = false;
ncclSupport = false;
@ -57,7 +57,7 @@
mode = "0444";
};
nix = {
nixPath = [ "/etc/nix/inputs" ];
nixPath = ["/etc/nix/inputs"];
extraOptions = ''
!include ${config.sops.secrets."access-tokens".path}
'';
@ -84,8 +84,7 @@
builders-use-substitutes = true;
};
package = pkgs.nix;
registry =
with lib;
registry = with lib;
pipe inputs [
(filterAttrs (name: _value: name != "nixpkgs"))
(mapAttrs (

6
nixos/modules/programs/asusd.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.asusd;
in
{
in {
options = {
youthlic.programs.asusd = {
enable = lib.mkEnableOption "asusd";

6
nixos/modules/programs/bash.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.bash;
in
{
in {
options = {
youthlic.programs.bash = {
enable = lib.mkEnableOption "bash";

6
nixos/modules/programs/caddy/OuterWildsTextAdventure.nix
View file

@ -3,12 +3,10 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.programs.caddy.outer-wilds-text-adventure;
caddy-cfg = config.youthlic.programs.caddy;
in
{
in {
options = {
youthlic.programs.caddy.outer-wilds-text-adventure = {
enable = lib.mkEnableOption "caddy.OuterWildsTextAdventure";

8
nixos/modules/programs/caddy/default.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.caddy;
in
{
in {
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.programs.caddy = {
@ -22,7 +20,7 @@ in
enable = true;
};
networking.firewall = {
allowedTCPPorts = [ 443 ];
allowedTCPPorts = [443];
};
};
}

6
nixos/modules/programs/caddy/garage.nix
View file

@ -2,12 +2,10 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.caddy.garage;
caddy-cfg = config.youthlic.programs.caddy;
in
{
in {
options = {
youthlic.programs.caddy.garage = {
enable = lib.mkEnableOption "caddy.garage";

6
nixos/modules/programs/caddy/radicle-explorer.nix
View file

@ -3,12 +3,10 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.programs.caddy.radicle-explorer;
caddy-cfg = config.youthlic.programs.caddy;
in
{
in {
options = {
youthlic.programs.caddy.radicle-explorer = {
enable = lib.mkEnableOption "caddy.radicle-explorer";

196
nixos/modules/programs/dae/default.nix
View file

@ -4,11 +4,9 @@
pkgs,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.dae;
in
{
in {
options = {
youthlic.programs.dae = {
enable = lib.mkEnableOption "dae";
@ -29,108 +27,106 @@ in
mode = "0444";
sopsFile = rootPath + "/secrets/general.yaml";
};
systemd.services =
let
update = ''
head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
new_proxy=/etc/dae/proxy.d.new
num=0
check=1
urls="$(cat ${config.sops.secrets.url.path})"
mkdir -p ''${new_proxy}
for url in ''${urls}; do
txt=''${new_proxy}/''${num}.txt
config="''${new_proxy}/''${num}.dae"
echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
curl -LH "''${head}" "''${url}" -o "''${txt}"
echo End curl
echo "" > ''${config}
{
echo 'subscription {'
echo \ \ wget:\ \"file://proxy.d_''${num}.txt\"
echo "}"
} >> ''${config}
if [[ ! -s ''${txt} ]]; then
check=0
fi
chmod 0640 ''${txt}
chmod 0640 ''${config}
num=$((num+1))
if [[ ''${check} -eq 0 ]]; then
echo "''${txt}" is empty
exit 103
fi
done
if [[ -d /etc/dae/proxy.d ]]; then
rm -rf /etc/proxy.d.old
mv /etc/dae/proxy.d /etc/dae/proxy.d.old
systemd.services = let
update = ''
head="user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"
new_proxy=/etc/dae/proxy.d.new
num=0
check=1
urls="$(cat ${config.sops.secrets.url.path})"
mkdir -p ''${new_proxy}
for url in ''${urls}; do
txt=''${new_proxy}/''${num}.txt
config="''${new_proxy}/''${num}.dae"
echo \'curl -LH \""''${head}"\" \""''${url}"\" -o \""''${txt}"\"\'
curl -LH "''${head}" "''${url}" -o "''${txt}"
echo End curl
echo "" > ''${config}
{
echo 'subscription {'
echo \ \ wget:\ \"file://proxy.d_''${num}.txt\"
echo "}"
} >> ''${config}
if [[ ! -s ''${txt} ]]; then
check=0
fi
mv ''${new_proxy} /etc/dae/proxy.d
'';
updateScript = pkgs.writeShellApplication {
name = "update.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
mkdir -p /etc/proxy.d
if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
echo "No subscription file found in /etc/dae/proxy.d. Update now..."
${update}
else
echo "Found existing subscription files. Skipping immediate update."
fi
'';
};
updateForceScript = pkgs.writeShellApplication {
name = "update-force.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
chmod 0640 ''${txt}
chmod 0640 ''${config}
num=$((num+1))
if [[ ''${check} -eq 0 ]]; then
echo "''${txt}" is empty
exit 103
fi
done
if [[ -d /etc/dae/proxy.d ]]; then
rm -rf /etc/proxy.d.old
mv /etc/dae/proxy.d /etc/dae/proxy.d.old
fi
mv ''${new_proxy} /etc/dae/proxy.d
'';
updateScript = pkgs.writeShellApplication {
name = "update.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
mkdir -p /etc/proxy.d
if [ -z "$(ls -A /etc/dae/proxy.d 2>/dev/null)" ]; then
echo "No subscription file found in /etc/dae/proxy.d. Update now..."
${update}
'';
else
echo "Found existing subscription files. Skipping immediate update."
fi
'';
};
updateForceScript = pkgs.writeShellApplication {
name = "update-force.sh";
runtimeInputs = with pkgs; [
coreutils
curl
];
text = ''
${update}
'';
};
in {
"update-dae-subscription-immediate" = {
after = ["network-online.target"];
wants = ["network-online.target"];
before = ["dae.service"];
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = [
"${updateScript}/bin/update.sh"
];
};
in
{
"update-dae-subscription-immediate" = {
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
before = [ "dae.service" ];
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = [
"${updateScript}/bin/update.sh"
];
};
wantedBy = [ "multi-user.target" ];
};
"update-dae-subscription-force" = {
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStartPre = [
"-${pkgs.systemd}/bin/systemctl stop dae.service"
];
ExecStartPost = [
"-${pkgs.systemd}/bin/systemctl start dae.service"
];
ExecStart = [
"${updateForceScript}/bin/update-force.sh"
];
};
};
dae = {
serviceConfig.LoadCredential = [
"proxy.d:/etc/dae/proxy.d"
"local.d:/etc/dae/local.d"
wantedBy = ["multi-user.target"];
};
"update-dae-subscription-force" = {
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStartPre = [
"-${pkgs.systemd}/bin/systemctl stop dae.service"
];
ExecStartPost = [
"-${pkgs.systemd}/bin/systemctl start dae.service"
];
ExecStart = [
"${updateForceScript}/bin/update-force.sh"
];
};
};
dae = {
serviceConfig.LoadCredential = [
"proxy.d:/etc/dae/proxy.d"
"local.d:/etc/dae/local.d"
];
};
};
})
(lib.mkIf (cfg.enable && config.youthlic.programs.juicity.client.enable) {
environment.etc."dae/local.d/0.dae" = {

20
nixos/modules/programs/emacs.nix
View file

@ -3,11 +3,9 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.programs.emacs;
in
{
in {
options = {
youthlic.programs.emacs = {
enable = lib.mkEnableOption "emacs";
@ -17,14 +15,14 @@ in
services.emacs = {
enable = true;
install = true;
package =
with pkgs;
package = with pkgs;
(emacsPackagesFor emacs-pgtk).emacsWithPackages (
p: with p; [
vterm
evil
gruvbox-theme
]
p:
with p; [
vterm
evil
gruvbox-theme
]
);
};
};

22
nixos/modules/programs/forgejo.nix
View file

@ -3,11 +3,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.forgejo;
in
{
in {
options = {
youthlic.programs.forgejo = {
enable = lib.mkEnableOption "forgejo";
@ -93,15 +91,15 @@ in
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"forgejo.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:${cfg.httpPort}
'';
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"forgejo.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:${cfg.httpPort}
'';
};
};
};
}
}
)
];
}

6
nixos/modules/programs/garage.nix
View file

@ -3,11 +3,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.garage;
in
{
in {
options = {
youthlic.programs.garage = {
enable = lib.mkEnableOption "garage";

15
nixos/modules/programs/guix.nix
View file

@ -3,11 +3,9 @@
config,
options,
...
}:
let
}: let
cfg = config.youthlic.programs.guix;
in
{
in {
options = {
youthlic.programs.guix = {
enable = lib.mkEnableOption "guix";
@ -20,10 +18,11 @@ in
enable = true;
dates = "weekly";
};
substituters.urls = [
"https://mirror.sjtu.edu.cn/guix/"
]
++ options.services.guix.substituters.urls.default;
substituters.urls =
[
"https://mirror.sjtu.edu.cn/guix/"
]
++ options.services.guix.substituters.urls.default;
};
};
}

20
nixos/modules/programs/juicity/default.nix
View file

@ -3,11 +3,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.juicity;
in
{
in {
imports = lib.youthlic.loadImports ./.;
options = {
youthlic.programs.juicity = {
@ -21,12 +19,12 @@ in
};
config = lib.mkMerge [
(lib.mkIf cfg.client.enable {
users.groups.juicity.members = [ "root" ];
users.groups.juicity.members = ["root"];
sops = {
secrets = {
"juicity/serverIp" = { };
"juicity/sni" = { };
"juicity/certchainSha256" = { };
"juicity/serverIp" = {};
"juicity/sni" = {};
"juicity/certchainSha256" = {};
};
templates."juicity-client-config.json" = {
group = "juicity";
@ -56,7 +54,7 @@ in
};
})
(lib.mkIf cfg.server.enable {
users.groups.juicity.members = [ "root" ];
users.groups.juicity.members = ["root"];
sops = {
secrets = {
"juicity/certificate" = {
@ -96,8 +94,8 @@ in
})
(lib.mkIf (cfg.server.enable || cfg.client.enable) {
sops.secrets = {
"juicity/uuid" = { };
"juicity/password" = { };
"juicity/uuid" = {};
"juicity/password" = {};
};
})
];

34
nixos/modules/programs/juicity/template.nix
View file

@ -3,27 +3,23 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.services.juicity;
settingsFormat = pkgs.formats.json { };
settingsFormat = pkgs.formats.json {};
clientConfigFile =
if (cfg.client.configFile != null) then
cfg.client.configFile
else
settingsFormat cfg.client.settings;
if (cfg.client.configFile != null)
then cfg.client.configFile
else settingsFormat cfg.client.settings;
serverConfigFile =
if (cfg.server.configFile != null) then
cfg.server.configFile
else
settingsFormat cfg.server.settings;
in
{
if (cfg.server.configFile != null)
then cfg.server.configFile
else settingsFormat cfg.server.settings;
in {
options = {
services.juicity = {
client = {
enable = lib.mkEnableOption "juicity-client";
package = lib.mkPackageOption pkgs "juicity" { };
package = lib.mkPackageOption pkgs "juicity" {};
group = lib.mkOption {
type = lib.types.nullOr lib.types.str;
example = "juicity";
@ -31,7 +27,7 @@ in
};
settings = lib.mkOption {
type = settingsFormat.type;
default = { };
default = {};
example = {
listen = ":1000";
server = "112.32.62.11:23182";
@ -59,7 +55,7 @@ in
};
allowedOpenFirewallPorts = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.port);
example = [ 23182 ];
example = [23182];
default = null;
description = ''
the ports should be open
@ -68,7 +64,7 @@ in
};
server = {
enable = lib.mkEnableOption "juicity-server";
package = lib.mkPackageOption pkgs "juicity" { };
package = lib.mkPackageOption pkgs "juicity" {};
group = lib.mkOption {
type = lib.types.nullOr lib.types.str;
example = "juicity";
@ -76,7 +72,7 @@ in
};
settings = lib.mkOption {
type = settingsFormat.type;
default = { };
default = {};
description = ''
Juicity server configuration, for configuration options
see example of [server](https://github.com/juicity/juicity/blob/main/install/example-server.json) on github.
@ -104,7 +100,7 @@ in
};
allowedOpenFirewallPorts = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.port);
example = [ 23182 ];
example = [23182];
default = null;
description = ''
the ports should be open

8
nixos/modules/programs/kanata/default.nix
View file

@ -3,18 +3,16 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.programs.kanata;
in
{
in {
options = {
youthlic.programs.kanata = {
enable = lib.mkEnableOption "kanata";
};
};
config = lib.mkIf cfg.enable {
boot.kernelModules = [ "uinput" ];
boot.kernelModules = ["uinput"];
hardware.uinput.enable = true;
services.kanata = {
enable = true;

8
nixos/modules/programs/matrix-tuwunel.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.matrix-tuwunel;
in
{
in {
options = {
youthlic.programs.matrix-tuwunel = {
enable = lib.mkEnableOption "tuwunel";
@ -28,7 +26,7 @@ in
enable = true;
settings = {
global = {
port = [ 8481 ];
port = [8481];
address = [
"0.0.0.0"
"::"

10
nixos/modules/programs/mautrix-telegram.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.mautrix-telegram;
in
{
in {
options = {
youthlic.programs.mautrix-telegram = {
enable = lib.mkEnableOption "mautrix-telegram";
@ -21,11 +19,11 @@ in
'';
}
];
sops.secrets.matrix-telegram-bot = { };
sops.secrets.matrix-telegram-bot = {};
services.mautrix-telegram = {
enable = true;
environmentFile = "${config.sops.secrets.matrix-telegram-bot.path}";
serviceDependencies = [ "tuwunel.service" ];
serviceDependencies = ["tuwunel.service"];
settings = {
bridge = {
displayname_template = "{displayname} | Telegram";

6
nixos/modules/programs/miniflux.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.miniflux;
in
{
in {
options = {
youthlic.programs.miniflux = {
enable = lib.mkEnableOption "miniflux";

6
nixos/modules/programs/minio.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.minio;
in
{
in {
options = {
youthlic.programs.minio = {
enable = lib.mkEnableOption "minio";

3
nixos/modules/programs/nh.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
config = {
programs.nh = {
enable = true;

6
nixos/modules/programs/nix-ld.nix
View file

@ -3,11 +3,9 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.programs.nix-ld;
in
{
in {
options = {
youthlic.programs.nix-ld = {
enable = lib.mkEnableOption "nix-ld";

6
nixos/modules/programs/obs.nix
View file

@ -3,11 +3,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.obs;
in
{
in {
options = {
youthlic.programs.obs = {
enable = lib.mkEnableOption "obs";

22
nixos/modules/programs/open-webui.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.open-webui;
in
{
in {
options = {
youthlic.programs.open-webui = {
enable = lib.mkEnableOption "open-webui";
@ -27,15 +25,15 @@ in
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"open-webui.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:8083
'';
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"open-webui.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:8083
'';
};
};
};
}
}
)
];
}

8
nixos/modules/programs/openssh.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.openssh;
in
{
in {
options = {
youthlic.programs.openssh = {
enable = lib.mkEnableOption "openssh";
@ -46,7 +44,7 @@ in
"diffie-hellman-group-exchange-sha256"
];
};
ports = [ 3022 ];
ports = [3022];
};
};
}

6
nixos/modules/programs/owncast.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.owncast;
in
{
in {
options = {
youthlic.programs.owncast = {
enable = lib.mkEnableOption "owncast";

8
nixos/modules/programs/postgresql.nix
View file

@ -3,11 +3,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.postgresql;
in
{
in {
options = {
youthlic.programs.postgresql = {
enable = lib.mkEnableOption "postgresql";
@ -29,7 +27,7 @@ in
# default socket: /var/lib/postgresql
services.postgresql = {
enable = true;
ensureDatabases = [ cfg.database ];
ensureDatabases = [cfg.database];
ensureUsers = [
{
name = "${cfg.database}";

12
nixos/modules/programs/radicle.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.radicle;
in
{
in {
options = {
youthlic.programs.radicle = {
enable = lib.mkEnableOption "radicle";
@ -54,7 +52,7 @@ in
filters = [
{
And = [
{ HasFile = ".radicle/native.yaml"; }
{HasFile = ".radicle/native.yaml";}
{
Or = [
"DefaultBranch"
@ -96,11 +94,11 @@ in
};
node = {
alias = cfg.domain;
listen = [ ];
listen = [];
peers = {
type = "dynamic";
};
connect = [ ];
connect = [];
externalAddresses = [
"${cfg.domain}:8776"
];

6
nixos/modules/programs/rustypaste/default.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.rustypaste;
in
{
in {
imports = lib.youthlic.loadImports ./.;
options = {

18
nixos/modules/programs/rustypaste/template.nix
View file

@ -3,20 +3,18 @@
lib,
config,
...
}:
let
}: let
cfg = config.services.rustypaste;
settingsFormat = pkgs.formats.toml { };
settingsFormat = pkgs.formats.toml {};
configFile = settingsFormat.generate "rustypaste-config.toml" cfg.settings;
in
{
in {
options = {
services.rustypaste = {
enable = lib.mkEnableOption "rustypaste";
package = lib.mkPackageOption pkgs "rustypaste" { };
package = lib.mkPackageOption pkgs "rustypaste" {};
settings = lib.mkOption {
type = settingsFormat.type;
default = { };
default = {};
description = ''
Rustypaste configuration
'';
@ -63,7 +61,7 @@ in
isSystemUser = true;
};
groups = lib.optionalAttrs (cfg.group == "rustypaste") {
rustypaste = { };
rustypaste = {};
};
};
systemd.services.rustypaste = {
@ -88,8 +86,8 @@ in
Type = "simple";
Restart = "on-failure";
Home = "/var/lib/rustypaste";
ReadWritePaths = [ "/var/lib/rustypaste" ];
StateDirectory = [ "rustypaste" ];
ReadWritePaths = ["/var/lib/rustypaste"];
StateDirectory = ["rustypaste"];
ExecStart = ''
${lib.getExe cfg.package}
'';

6
nixos/modules/programs/steam.nix
View file

@ -3,11 +3,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.steam;
in
{
in {
options = {
youthlic.programs.steam = {
enable = lib.mkEnableOption "steam";

6
nixos/modules/programs/supergfxd.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.supergfxd;
in
{
in {
options = {
youthlic.programs.supergfxd = {
enable = lib.mkEnableOption "supergfxd";

6
nixos/modules/programs/tailscale.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.tailscale;
in
{
in {
options = {
youthlic.programs.tailscale = {
enable = lib.mkEnableOption "tailscale";

6
nixos/modules/programs/transfer-sh.nix
View file

@ -2,11 +2,9 @@
lib,
config,
...
}:
let
}: let
cfg = config.youthlic.programs.transfer-sh;
in
{
in {
options = {
youthlic.programs.transfer-sh = {
enable = lib.mkEnableOption "transfer.sh";

32
nixos/modules/programs/transmission.nix
View file

@ -4,11 +4,9 @@
lib,
rootPath,
...
}:
let
}: let
cfg = config.youthlic.programs.transmission;
in
{
in {
options = {
youthlic.programs.transmission = {
enable = lib.mkEnableOption "transmission";
@ -42,21 +40,21 @@ in
let
caddy-cfg = config.youthlic.programs.caddy;
in
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.transmission = {
openRPCPort = lib.mkForce false;
settings = {
rpc-bind-address = lib.mkForce "127.0.0.1";
lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.transmission = {
openRPCPort = lib.mkForce false;
settings = {
rpc-bind-address = lib.mkForce "127.0.0.1";
};
};
};
services.caddy.virtualHosts = {
"transmission.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:9091
'';
services.caddy.virtualHosts = {
"transmission.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy 127.0.0.1:9091
'';
};
};
};
}
}
)
];
}

6
nixos/modules/programs/wshowkeys.nix
View file

@ -2,11 +2,9 @@
config,
lib,
...
}:
let
}: let
cfg = config.youthlic.programs.wshowkeys;
in
{
in {
options = {
youthlic.programs.wshowkeys = {
enable = lib.mkEnableOption "wshowkeys";

5
nixos/modules/sops.nix
View file

@ -1,10 +1,9 @@
{ rootPath, ... }:
{
{rootPath, ...}: {
config = {
sops.defaultSopsFile = rootPath + "/secrets/general.yaml";
sops.age = {
keyFile = "/var/sops/key.txt";
sshKeyPaths = [ ];
sshKeyPaths = [];
generateKey = false;
};
};

3
nixos/modules/top-level/default.nix
View file

@ -3,8 +3,7 @@
inputs,
outputs,
...
}:
{
}: {
imports = with inputs; [
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops

16
nixos/modules/top-level/gui.nix
View file

@ -1,9 +1,9 @@
{ inputs, ... }:
{
imports = [
./.
]
++ (with inputs; [
niri-flake.nixosModules.niri
]);
{inputs, ...}: {
imports =
[
./.
]
++ (with inputs; [
niri-flake.nixosModules.niri
]);
}

10
nixos/modules/virtualisation/kvm.nix
View file

@ -3,11 +3,9 @@
lib,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.virtualisation.kvm;
in
{
in {
options = {
youthlic.virtualisation.kvm = {
enable = lib.mkEnableOption "kvm";
@ -24,11 +22,11 @@ in
programs.virt-manager = {
enable = true;
};
users.groups.libvirtd.members = [ cfg.unixName ];
users.groups.libvirtd.members = [cfg.unixName];
virtualisation = {
libvirtd = {
enable = true;
qemu.vhostUserPackages = with pkgs; [ virtiofsd ];
qemu.vhostUserPackages = with pkgs; [virtiofsd];
};
spiceUSBRedirection = {
enable = true;

8
nixos/modules/virtualisation/waydroid.nix
View file

@ -3,11 +3,9 @@
config,
pkgs,
...
}:
let
}: let
cfg = config.youthlic.virtualisation.waydroid;
in
{
in {
options = {
youthlic.virtualisation.waydroid = {
enable = lib.mkEnableOption "waydroid";
@ -17,6 +15,6 @@ in
virtualisation.waydroid = {
enable = true;
};
environment.systemPackages = [ pkgs.nur.repos.ataraxiasjel.waydroid-script ];
environment.systemPackages = [pkgs.nur.repos.ataraxiasjel.waydroid-script];
};
}