diff --git a/flake.nix b/flake.nix index 95584a4..96c3c79 100644 --- a/flake.nix +++ b/flake.nix @@ -45,11 +45,6 @@ "x86_64-darwin" "aarch64-darwin" ]; - perSystem = - { pkgs, ... }: - { - formatter = pkgs.nixfmt-tree; - }; imports = [ (inputs.import-tree ./modules/top) (inputs.import-tree ./modules/hosts) diff --git a/modules/features/editor-neovim-package.nix b/modules/features/editor-neovim-package.nix index 16e9daa..169db28 100644 --- a/modules/features/editor-neovim-package.nix +++ b/modules/features/editor-neovim-package.nix @@ -1,11 +1,8 @@ { ... }: { config.dendritic.features.editor-neovim.homeModules = [ - ( - { pkgs, ... }: - { - home.packages = with pkgs; [ neovim ]; - } - ) + ({ pkgs, ... }: { + home.packages = with pkgs; [ neovim ]; + }) ]; } diff --git a/modules/features/nvim.nix b/modules/features/nvim.nix index 115a4de..3a63c58 100644 --- a/modules/features/nvim.nix +++ b/modules/features/nvim.nix @@ -1,98 +1,95 @@ { inputs, ... }: { config.dendritic.features.editor-neovim.homeModules = [ - ( - { pkgs, lib, ... }: - { - imports = [ - inputs.nvf.homeManagerModules.default - ../home/programs/neovim/options.nix - ../home/programs/neovim/languages.nix - ../home/programs/neovim/picker.nix - ../home/programs/neovim/snacks.nix - ../home/programs/neovim/keymaps.nix - ../home/programs/neovim/utils.nix - ../home/programs/neovim/mini.nix + ({ pkgs, lib, ... }: { + imports = [ + inputs.nvf.homeManagerModules.default + ../home/programs/neovim/options.nix + ../home/programs/neovim/languages.nix + ../home/programs/neovim/picker.nix + ../home/programs/neovim/snacks.nix + ../home/programs/neovim/keymaps.nix + ../home/programs/neovim/utils.nix + ../home/programs/neovim/mini.nix + ]; + + programs.nvf = { + enable = true; + + settings.vim = { + startPlugins = with pkgs; [ + vimPlugins.grug-far-nvim + vimPlugins.image-nvim + vimPlugins.vim-hoogle + vimPlugins.telescope_hoogle + vimPlugins.zk-nvim + vimPlugins.cyberdream-nvim + vimPlugins.octo-nvim + ]; + + luaConfigRC.colorscheme = '' + vim.cmd.colorscheme("cyberdream-light") + ''; + + luaConfigRC.zk_nvim = '' + local ok, zk = pcall(require, "zk") + if not ok then return end + + zk.setup({ + picker = "select", + lsp = { + config = { + name = "zk", + cmd = { "zk", "lsp" }, + filetypes = { "markdown" }, + }, + auto_attach = { enabled = true }, + }, + }) + ''; + }; + + settings.vim.augroups = [ + { name = "SwiftSetup"; } ]; - programs.nvf = { - enable = true; - - settings.vim = { - startPlugins = with pkgs; [ - vimPlugins.grug-far-nvim - vimPlugins.image-nvim - vimPlugins.vim-hoogle - vimPlugins.telescope_hoogle - vimPlugins.zk-nvim - vimPlugins.cyberdream-nvim - vimPlugins.octo-nvim - ]; - - luaConfigRC.colorscheme = '' - vim.cmd.colorscheme("cyberdream-light") - ''; - - luaConfigRC.zk_nvim = '' - local ok, zk = pcall(require, "zk") - if not ok then return end - - zk.setup({ - picker = "select", - lsp = { - config = { - name = "zk", - cmd = { "zk", "lsp" }, - filetypes = { "markdown" }, - }, - auto_attach = { enabled = true }, - }, - }) - ''; - }; - - settings.vim.augroups = [ - { name = "SwiftSetup"; } - ]; - - settings.vim.autocmds = [ - { - event = [ "FileType" ]; - pattern = [ "swift" ]; - group = "SwiftSetup"; - desc = "Start sourcekit-lsp for Swift files"; - callback = lib.generators.mkLuaInline '' - function() - local lspconfig = require("lspconfig") - for _, client in pairs(vim.lsp.get_active_clients()) do - if client.name == "sourcekit" then return end - end - lspconfig.sourcekit.setup({ - cmd = { "sourcekit-lsp" }, - filetypes = { "swift", "swiftpm" }, - root_dir = lspconfig.util.root_pattern("Package.swift", ".git"), - }) + settings.vim.autocmds = [ + { + event = [ "FileType" ]; + pattern = [ "swift" ]; + group = "SwiftSetup"; + desc = "Start sourcekit-lsp for Swift files"; + callback = lib.generators.mkLuaInline '' + function() + local lspconfig = require("lspconfig") + for _, client in pairs(vim.lsp.get_active_clients()) do + if client.name == "sourcekit" then return end end - ''; - } + lspconfig.sourcekit.setup({ + cmd = { "sourcekit-lsp" }, + filetypes = { "swift", "swiftpm" }, + root_dir = lspconfig.util.root_pattern("Package.swift", ".git"), + }) + end + ''; + } - { - event = [ "BufWritePost" ]; - pattern = [ "*.swift" ]; - group = "SwiftSetup"; - desc = "Format Swift files on save"; - callback = lib.generators.mkLuaInline '' - function() - if vim.fn.executable("swift-format") == 1 then - vim.cmd("silent! noautocmd !swift-format -i %") - vim.cmd("checktime") - end + { + event = [ "BufWritePost" ]; + pattern = [ "*.swift" ]; + group = "SwiftSetup"; + desc = "Format Swift files on save"; + callback = lib.generators.mkLuaInline '' + function() + if vim.fn.executable("swift-format") == 1 then + vim.cmd("silent! noautocmd !swift-format -i %") + vim.cmd("checktime") end - ''; - } - ]; - }; - } - ) + end + ''; + } + ]; + }; + }) ]; } diff --git a/modules/features/programs/cli/cli-programs.nix b/modules/features/programs/cli/cli-programs.nix index 0194424..3ba36b3 100644 --- a/modules/features/programs/cli/cli-programs.nix +++ b/modules/features/programs/cli/cli-programs.nix @@ -11,7 +11,6 @@ home.packages = with pkgs; [ vhs - libqalculate ]; } ) diff --git a/modules/features/programs/cli/cli-tmux.nix b/modules/features/programs/cli/cli-tmux.nix index e581091..57fbf40 100644 --- a/modules/features/programs/cli/cli-tmux.nix +++ b/modules/features/programs/cli/cli-tmux.nix @@ -79,7 +79,7 @@ bind -N "⌘+^+t join pane" J join-pane -t 1 bind -N "⌘+e editor" E new-window -S -n 'πŸ“' 'nvim +GoToFile' - bind -N "⌘+g jjui" g new-window -S -n '🌳' 'jjui' + bind -N "⌘+g lazyjj" g new-window -S -n '🌳' 'lazyjj' bind -N "⌘+⇧+Q kill current session" Q kill-session bind -N "⌘+⇧+T break pane" B break-pane @@ -116,7 +116,7 @@ fzf fd zoxide - jjui + lazyjj ]; programs.zsh = { diff --git a/modules/features/secrets-sops.nix b/modules/features/secrets-sops.nix index a2938f9..8850b21 100644 --- a/modules/features/secrets-sops.nix +++ b/modules/features/secrets-sops.nix @@ -2,39 +2,33 @@ { config.dendritic.features = { secrets-home-sops.homeModules = [ - ( - { inputs, config, ... }: - { - imports = [ - inputs.sops-nix.homeModules.sops - ]; + ({ inputs, config, ... }: { + imports = [ + inputs.sops-nix.homeModules.sops + ]; - sops.defaultSopsFile = ../../secrets/users/${config.dendritic.current.primaryUser}.yaml; - sops.defaultSopsFormat = "yaml"; - sops.age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; + sops.defaultSopsFile = ../../secrets/users/${config.dendritic.current.primaryUser}.yaml; + sops.defaultSopsFormat = "yaml"; + sops.age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; - sops.secrets."user/test" = { - path = ".config/secrets/test"; - }; - } - ) + sops.secrets."user/test" = { + path = ".config/secrets/test"; + }; + }) ]; secrets-system-sops.nixosModules = [ - ( - { inputs, config, ... }: - { - imports = [ - inputs.sops-nix.nixosModules.sops - ]; + ({ inputs, config, ... }: { + imports = [ + inputs.sops-nix.nixosModules.sops + ]; - sops.defaultSopsFile = ../../secrets/hosts/${config.dendritic.current.hostName}.yaml; - sops.defaultSopsFormat = "yaml"; - sops.age.keyFile = "/home/${config.dendritic.current.primaryUser}/.config/sops/age/keys.txt"; + sops.defaultSopsFile = ../../secrets/hosts/${config.dendritic.current.hostName}.yaml; + sops.defaultSopsFormat = "yaml"; + sops.age.keyFile = "/home/${config.dendritic.current.primaryUser}/.config/sops/age/keys.txt"; - sops.secrets."system/example" = { }; - } - ) + sops.secrets."system/example" = { }; + }) ]; }; } diff --git a/modules/home/devenv.nix b/modules/home/devenv.nix index d47ae74..d0f8e6f 100644 --- a/modules/home/devenv.nix +++ b/modules/home/devenv.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { home.packages = with pkgs; [ cachix devenv diff --git a/modules/home/programs/atuin.nix b/modules/home/programs/atuin.nix index b959c36..0ade0ff 100644 --- a/modules/home/programs/atuin.nix +++ b/modules/home/programs/atuin.nix @@ -1,6 +1,5 @@ # ✨ Magical shell history -{ ... }: -{ +{...}: { programs.atuin = { enable = true; flags = [ diff --git a/modules/home/programs/bat.nix b/modules/home/programs/bat.nix index 5b9e4b4..f53b995 100644 --- a/modules/home/programs/bat.nix +++ b/modules/home/programs/bat.nix @@ -1,6 +1,5 @@ # A cat clone with syntax highlighting and Git integration. -{ ... }: -{ +{...}: { programs.bat = { enable = true; }; diff --git a/modules/home/programs/broot.nix b/modules/home/programs/broot.nix index ebf9f39..bc473a5 100644 --- a/modules/home/programs/broot.nix +++ b/modules/home/programs/broot.nix @@ -1,6 +1,5 @@ # An interactive treeview directory navigator -{ ... }: -{ +{...}: { programs.broot = { enable = true; enableZshIntegration = true; diff --git a/modules/home/programs/btop.nix b/modules/home/programs/btop.nix index dcd59ed..4857256 100644 --- a/modules/home/programs/btop.nix +++ b/modules/home/programs/btop.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{...}: { programs.btop = { enable = true; }; diff --git a/modules/home/programs/eza.nix b/modules/home/programs/eza.nix index 302ae90..5435300 100644 --- a/modules/home/programs/eza.nix +++ b/modules/home/programs/eza.nix @@ -1,6 +1,5 @@ # A modern replacement for 'ls'. -{ ... }: -{ +{...}: { programs.eza = { enable = true; enableZshIntegration = true; diff --git a/modules/home/programs/fzf.nix b/modules/home/programs/fzf.nix index 41568ba..9ad8965 100644 --- a/modules/home/programs/fzf.nix +++ b/modules/home/programs/fzf.nix @@ -3,13 +3,11 @@ config, lib, ... -}: -let +}: let accent = "#" + config.lib.stylix.colors.base0D; foreground = "#" + config.lib.stylix.colors.base05; muted = "#" + config.lib.stylix.colors.base03; -in -{ +in { programs.fzf = { enable = true; enableZshIntegration = true; diff --git a/modules/home/programs/ghostty.nix b/modules/home/programs/ghostty.nix index 310ae00..b5513c2 100644 --- a/modules/home/programs/ghostty.nix +++ b/modules/home/programs/ghostty.nix @@ -2,8 +2,7 @@ pkgs, lib, ... -}: -{ +}: { programs.ghostty = { enable = true; enableZshIntegration = true; @@ -14,7 +13,7 @@ auto-update = "off"; working-directory = "home"; window-inherit-working-directory = false; # avoid inheritance - keybinds = [ ]; + keybinds = []; # background-opacity = 0.8; background-opacity = 1; confirm-close-surface = false; diff --git a/modules/home/programs/k9s.nix b/modules/home/programs/k9s.nix index e4d27d6..85427ac 100644 --- a/modules/home/programs/k9s.nix +++ b/modules/home/programs/k9s.nix @@ -1,6 +1,5 @@ # A terminal-based Kubernetes CLI. -{ ... }: -{ +{...}: { programs.k9s = { enable = true; }; diff --git a/modules/home/programs/niri/applications.nix b/modules/home/programs/niri/applications.nix index 828c1ab..a179ecf 100644 --- a/modules/home/programs/niri/applications.nix +++ b/modules/home/programs/niri/applications.nix @@ -1,5 +1,4 @@ -{ pkgs }: -{ +{pkgs}: { browser = "${pkgs.firefox}/bin/firefox"; terminal = "${pkgs.ghostty}/bin/ghostty"; fileManager = "${pkgs.thunar}/bin/thunar"; diff --git a/modules/home/programs/niri/settings.nix b/modules/home/programs/niri/settings.nix index c2b4a30..b36bbea 100644 --- a/modules/home/programs/niri/settings.nix +++ b/modules/home/programs/niri/settings.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { home.sessionVariables = { XDG_ICON_DIR = "${pkgs.whitesur-icon-theme}/share/icons/WhiteSur"; GSETTINGS_SCHEMA_DIR = "${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/${pkgs.gsettings-desktop-schemas.name}/glib-2.0/schemas"; @@ -53,18 +52,18 @@ layout = { preset-column-widths = [ - { proportion = 1. / 3.; } - { proportion = 1. / 2.; } - { proportion = 2. / 3.; } + {proportion = 1. / 3.;} + {proportion = 1. / 2.;} + {proportion = 2. / 3.;} ]; default-column-width = { proportion = 0.5; }; preset-window-heights = [ - { proportion = 1. / 3.; } - { proportion = 1. / 2.; } - { proportion = 2. / 3.; } + {proportion = 1. / 3.;} + {proportion = 1. / 2.;} + {proportion = 2. / 3.;} ]; background-color = "#00000000"; diff --git a/modules/home/programs/pass.nix b/modules/home/programs/pass.nix index bc42172..3d373ea 100644 --- a/modules/home/programs/pass.nix +++ b/modules/home/programs/pass.nix @@ -1,9 +1,8 @@ # ✨ password manager -{ pkgs, ... }: -{ +{pkgs, ...}: { programs.password-store = { enable = true; - package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]); + package = pkgs.pass.withExtensions (exts: [exts.pass-otp]); }; home.packages = with pkgs; [ diff --git a/modules/home/programs/starship.nix b/modules/home/programs/starship.nix index 5f28e5a..3651512 100644 --- a/modules/home/programs/starship.nix +++ b/modules/home/programs/starship.nix @@ -3,12 +3,10 @@ config, lib, ... -}: -let +}: let accent = "#${config.lib.stylix.colors.base0D}"; background-alt = "#${config.lib.stylix.colors.base01}"; -in -{ +in { programs.starship = { enable = true; enableZshIntegration = true; diff --git a/modules/hosts/grymforge.nix b/modules/hosts/grymforge.nix deleted file mode 100644 index 21cff5e..0000000 --- a/modules/hosts/grymforge.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - config.dendritic.hosts.grymforge = { - system = "x86_64-linux"; - type = "desktop"; - roles = [ - "workstation" - ]; - primaryUser = "gwg313"; - primaryUserExtraGroups = [ - "wheel" - "networkmanager" - "audio" - ]; - - nixosModules = [ - ../nixos/hardware/grymforge.nix - ../nixos/hosts/candlekeep/ssh.nix - ../nixos/hosts/candlekeep/nfs.nix - ../nixos/hosts/candlekeep/networking.nix - ]; - }; -} diff --git a/modules/nixos/bluetooth.nix b/modules/nixos/bluetooth.nix index 7fe400a..c1b1f3a 100644 --- a/modules/nixos/bluetooth.nix +++ b/modules/nixos/bluetooth.nix @@ -2,8 +2,7 @@ lib, config, ... -}: -{ +}: { config = lib.mkIf config.bluetooth.enable { services.blueman.enable = true; hardware.bluetooth = { diff --git a/modules/nixos/comma.nix b/modules/nixos/comma.nix index 8731e91..481a279 100644 --- a/modules/nixos/comma.nix +++ b/modules/nixos/comma.nix @@ -1,5 +1,4 @@ -{ _ }: -{ +{_}: { # Disable so comma can be installed programs.command-not-found.enable = false; programs.nix-index-database.comma.enable = true; diff --git a/modules/nixos/gui/dbus.nix b/modules/nixos/gui/dbus.nix index 5134043..d433ad5 100644 --- a/modules/nixos/gui/dbus.nix +++ b/modules/nixos/gui/dbus.nix @@ -2,11 +2,10 @@ config, pkgs, ... -}: -{ +}: { services.dbus = { enable = true; - packages = [ pkgs.dconf ]; + packages = [pkgs.dconf]; }; programs.dconf = { diff --git a/modules/nixos/gui/gnupg.nix b/modules/nixos/gui/gnupg.nix index 791ad05..237da40 100644 --- a/modules/nixos/gui/gnupg.nix +++ b/modules/nixos/gui/gnupg.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { programs.gnupg.agent = { enable = true; enableSSHSupport = true; diff --git a/modules/nixos/gui/wayland.nix b/modules/nixos/gui/wayland.nix index 0604196..ee4a70a 100644 --- a/modules/nixos/gui/wayland.nix +++ b/modules/nixos/gui/wayland.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { environment.systemPackages = with pkgs; [ wlr-randr wl-clipboard diff --git a/modules/nixos/hardware/candlekeep.nix b/modules/nixos/hardware/candlekeep.nix index 0c31f7c..ccdad03 100644 --- a/modules/nixos/hardware/candlekeep.nix +++ b/modules/nixos/hardware/candlekeep.nix @@ -7,8 +7,7 @@ pkgs, modulesPath, ... -}: -{ +}: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") # ../../common/nixos/nfs.nix @@ -21,25 +20,23 @@ "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; boot = { loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; - initrd.luks.devices."luks-1dbfdeb6-8537-41b2-abf0-09373af3eeee".device = - "/dev/disk/by-uuid/1dbfdeb6-8537-41b2-abf0-09373af3eeee"; + initrd.luks.devices."luks-1dbfdeb6-8537-41b2-abf0-09373af3eeee".device = "/dev/disk/by-uuid/1dbfdeb6-8537-41b2-abf0-09373af3eeee"; }; fileSystems."/" = { device = "/dev/disk/by-uuid/c79b630a-d130-42ed-8cdc-3f8545fe2993"; fsType = "ext4"; }; - boot.initrd.luks.devices."luks-96e3b309-ca79-4b42-aca5-3f098b123758".device = - "/dev/disk/by-uuid/96e3b309-ca79-4b42-aca5-3f098b123758"; + boot.initrd.luks.devices."luks-96e3b309-ca79-4b42-aca5-3f098b123758".device = "/dev/disk/by-uuid/96e3b309-ca79-4b42-aca5-3f098b123758"; fileSystems."/boot" = { device = "/dev/disk/by-uuid/1FBA-8B80"; fsType = "vfat"; @@ -49,7 +46,7 @@ ]; }; swapDevices = [ - { device = "/dev/disk/by-uuid/17eec89e-2381-4a25-8935-63cbcc67d07c"; } + {device = "/dev/disk/by-uuid/17eec89e-2381-4a25-8935-63cbcc67d07c";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/modules/nixos/hardware/grymforge.nix b/modules/nixos/hardware/grymforge.nix deleted file mode 100644 index 518aa93..0000000 --- a/modules/nixos/hardware/grymforge.nix +++ /dev/null @@ -1,68 +0,0 @@ -# Do not modify this file! It was generated by β€˜nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - boot = { - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - - initrd.luks.devices."luks-ab8d2b18-14de-44ff-a7b5-91d5f5d0e937".device = - "/dev/disk/by-uuid/ab8d2b18-14de-44ff-a7b5-91d5f5d0e937"; - }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/95565731-9a95-4fcc-857d-1f066f4e4acf"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."luks-c140b0df-2cce-4710-a2fa-94dd3016a7e6".device = - "/dev/disk/by-uuid/c140b0df-2cce-4710-a2fa-94dd3016a7e6"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/34C4-ECCE"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/2fea88dc-b9a8-40d6-a87d-f7383548e60d"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/nixos/locale.nix b/modules/nixos/locale.nix index fc4d85d..0628300 100644 --- a/modules/nixos/locale.nix +++ b/modules/nixos/locale.nix @@ -1,5 +1,4 @@ -{ _ }: -{ +{_}: { # Set your time zone. time.timeZone = "America/Toronto"; diff --git a/modules/nixos/pipewire.nix b/modules/nixos/pipewire.nix index 5eeb566..d5eb8d8 100644 --- a/modules/nixos/pipewire.nix +++ b/modules/nixos/pipewire.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { # Enable sound with pipewire. hardware.pulseaudio.enable = false; # hardware.alsa.enablePersistence = true; @@ -19,7 +18,7 @@ "context.properties" = { "default.clock.rate" = 192000; #"defautlt.allowed-rates" = [ 192000 48000 44100 ]; - "defautlt.allowed-rates" = [ 192000 ]; + "defautlt.allowed-rates" = [192000]; #"default.clock.quantum" = 32; #"default.clock.min-quantum" = 32; #"default.clock.max-quantum" = 32; diff --git a/modules/nixos/ssh/ssh_guard.nix b/modules/nixos/ssh/ssh_guard.nix index 6c7423c..7c67345 100644 --- a/modules/nixos/ssh/ssh_guard.nix +++ b/modules/nixos/ssh/ssh_guard.nix @@ -2,8 +2,7 @@ config, lib, ... -}: -{ +}: { services.sshguard = { enable = true; services = [ diff --git a/modules/nixos/sysctl/file_system.nix b/modules/nixos/sysctl/file_system.nix index efb205d..2cc0586 100644 --- a/modules/nixos/sysctl/file_system.nix +++ b/modules/nixos/sysctl/file_system.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { boot.kernel.sysctl = { # disallow core dumping by SUID/SGID programs "fs.suid_dumpable" = 0; diff --git a/modules/nixos/sysctl/network.nix b/modules/nixos/sysctl/network.nix index 1bddcea..1f13683 100644 --- a/modules/nixos/sysctl/network.nix +++ b/modules/nixos/sysctl/network.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { boot.kernel.sysctl = { }; } diff --git a/modules/nixos/sysctl/networking/ipv4.nix b/modules/nixos/sysctl/networking/ipv4.nix index 79a717c..7f50248 100644 --- a/modules/nixos/sysctl/networking/ipv4.nix +++ b/modules/nixos/sysctl/networking/ipv4.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { boot.kernel.sysctl = { # enable BBR congestion control "net.ipv4.tcp_congestion_control" = "bbr"; diff --git a/modules/nixos/sysctl/networking/ipv6.nix b/modules/nixos/sysctl/networking/ipv6.nix index a6c71a6..693f774 100644 --- a/modules/nixos/sysctl/networking/ipv6.nix +++ b/modules/nixos/sysctl/networking/ipv6.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { boot.kernel.sysctl = { # disallow IPv6 packet forwarding "net.ipv6.conf.default.forwarding" = 0; diff --git a/modules/nixos/sysctl/virtualization.nix b/modules/nixos/sysctl/virtualization.nix index 4a4a5a8..073ca9b 100644 --- a/modules/nixos/sysctl/virtualization.nix +++ b/modules/nixos/sysctl/virtualization.nix @@ -2,8 +2,7 @@ config, pkgs, ... -}: -{ +}: { boot.kernel.sysctl = { # do not allow mmap in lower addresses "vm.mmap_min_addr" = 65536; diff --git a/modules/top/inventory/features.nix b/modules/top/inventory/features.nix index bed9293..c3d531b 100644 --- a/modules/top/inventory/features.nix +++ b/modules/top/inventory/features.nix @@ -2,37 +2,34 @@ { options.dendritic.features = lib.mkOption { type = lib.types.attrsOf ( - lib.types.submodule ( - { name, ... }: - { - options = { - name = lib.mkOption { - type = lib.types.str; - default = name; - }; - - features = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - }; - - nixosModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; - - homeModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; - - includeInEmbeddedHomeManager = lib.mkOption { - type = lib.types.bool; - default = true; - }; + lib.types.submodule ({ name, ... }: { + options = { + name = lib.mkOption { + type = lib.types.str; + default = name; }; - } - ) + + features = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + }; + + nixosModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = [ ]; + }; + + homeModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = [ ]; + }; + + includeInEmbeddedHomeManager = lib.mkOption { + type = lib.types.bool; + default = true; + }; + }; + }) ); default = { }; }; diff --git a/modules/top/inventory/hosts.nix b/modules/top/inventory/hosts.nix index 8679ce1..5f5a63b 100644 --- a/modules/top/inventory/hosts.nix +++ b/modules/top/inventory/hosts.nix @@ -1,54 +1,43 @@ -{ lib, ... }: -{ +{lib, ...}: { options.dendritic.hosts = lib.mkOption { type = lib.types.attrsOf ( - lib.types.submodule ( - { name, ... }: - { - options = { - name = lib.mkOption { - type = lib.types.str; - default = name; - }; - - system = lib.mkOption { - type = lib.types.str; - }; - - type = lib.mkOption { - type = lib.types.enum [ - "laptop" - "desktop" - "server" - ]; - }; - - roles = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - }; - - primaryUser = lib.mkOption { - type = lib.types.nullOr lib.types.str; - default = null; - }; - - primaryUserExtraGroups = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ - "wheel" - "networkmanager" - ]; - }; - - nixosModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; + lib.types.submodule ({name, ...}: { + options = { + name = lib.mkOption { + type = lib.types.str; + default = name; }; - } - ) + + system = lib.mkOption { + type = lib.types.str; + }; + + type = lib.mkOption { + type = lib.types.enum ["laptop" "desktop" "server"]; + }; + + roles = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + }; + + primaryUser = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + }; + + primaryUserExtraGroups = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = ["wheel" "networkmanager"]; + }; + + nixosModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = []; + }; + }; + }) ); - default = { }; + default = {}; }; } diff --git a/modules/top/inventory/users.nix b/modules/top/inventory/users.nix index f95f627..5689820 100644 --- a/modules/top/inventory/users.nix +++ b/modules/top/inventory/users.nix @@ -1,70 +1,63 @@ -{ lib, ... }: -{ +{lib, ...}: { options.dendritic.users = lib.mkOption { type = lib.types.attrsOf ( - lib.types.submodule ( - { name, ... }: - { - options = { - name = lib.mkOption { - type = lib.types.str; - default = name; - }; - - username = lib.mkOption { - type = lib.types.str; - default = name; - }; - - nixosModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; - - homeModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; - - homes = lib.mkOption { - type = lib.types.attrsOf ( - lib.types.submodule ( - { name, ... }: - { - options = { - host = lib.mkOption { - type = lib.types.str; - default = name; - }; - - system = lib.mkOption { - type = lib.types.str; - }; - - stateVersion = lib.mkOption { - type = lib.types.str; - default = "25.05"; - }; - - roles = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - }; - - extraModules = lib.mkOption { - type = lib.types.listOf lib.types.deferredModule; - default = [ ]; - }; - }; - } - ) - ); - default = { }; - }; + lib.types.submodule ({name, ...}: { + options = { + name = lib.mkOption { + type = lib.types.str; + default = name; }; - } - ) + + username = lib.mkOption { + type = lib.types.str; + default = name; + }; + + nixosModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = []; + }; + + homeModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = []; + }; + + homes = lib.mkOption { + type = lib.types.attrsOf ( + lib.types.submodule ({name, ...}: { + options = { + host = lib.mkOption { + type = lib.types.str; + default = name; + }; + + system = lib.mkOption { + type = lib.types.str; + }; + + stateVersion = lib.mkOption { + type = lib.types.str; + default = "25.05"; + }; + + roles = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + }; + + extraModules = lib.mkOption { + type = lib.types.listOf lib.types.deferredModule; + default = []; + }; + }; + }) + ); + default = {}; + }; + }; + }) ); - default = { }; + default = {}; }; } diff --git a/modules/users/gwg313.nix b/modules/users/gwg313.nix index 45705a7..1f626f6 100644 --- a/modules/users/gwg313.nix +++ b/modules/users/gwg313.nix @@ -17,12 +17,5 @@ roles = [ "workstation" ]; extraModules = [ ]; }; - - homes.grymforge = { - system = "x86_64-linux"; - stateVersion = "25.11"; - roles = [ "workstation" ]; - extraModules = [ ]; - }; }; } diff --git a/secrets/hosts/grymforge.yaml b/secrets/hosts/grymforge.yaml deleted file mode 100644 index d01e47a..0000000 --- a/secrets/hosts/grymforge.yaml +++ /dev/null @@ -1,17 +0,0 @@ -system: - example: ENC[AES256_GCM,data:HGduc8uq6YhzDBM=,iv:IDdNjIjWAhTEzHiGrsuSpHSjidpeFnGdzkiBCjBv5H4=,tag:pm2IGSy3siDAhn2E7lMUhA==,type:str] -sops: - age: - - recipient: age1k3hs0gyzrmsdyqh9lpret46q3xaayxxntruzc4euy6h3slqn4u6q36h7rg - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0R1VYMmEvdWk5UzBQLzds - Q2JzSC9zZFJVWldHbTlkdTIrSXNFLzZqdjBFClJqZmxTSCtjeGwxNjA3VFVscEtP - NEhOcU9la2MzNWNEK1NwU0dNTHlPNFUKLS0tIHVWVlRkRHlwb21IemRFS3FTT1kz - U21XTEVjNWgzVHVYQ2dDQmIrV21EdGMKw14LaWlK9WbBXxnNvKfNgg44K9/Y7p5H - +3QeahQRu8OYn/tFyaMiRxIzLWOhBhtdqAH8k2GN2X5TxzGA1vxGXg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-04-14T00:22:17Z" - mac: ENC[AES256_GCM,data:bPSDTqcfnnUcj80y+9qUfWkX9NcBWdQETMC3qyZYB3FWrJryepWn4bMUEb5IBfwcZXiKWmvyOTXjFYEkx4F4YGZA0qz3usuq6EjeZDSFrpf9Itr9wdc400mc7cf5YFtNOkf+BuE3nsYQDj1KViBKReEgMjZe9bHjvmi1f+utvjM=,iv:DcvjgVAUTily7Xm1+3NCA7/P3+qE05WlQkkqKggm27g=,tag:47TIh6ybU4Cu8QybMxuz/g==,type:str] - unencrypted_suffix: _unencrypted - version: 3.12.2