style: fix formatting

Leon Schwarzäugl 2026-03-05 23:36:19 +01:00
parent b1b2fc68a3
commit 80c08a6d19
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
4 changed files with 1169 additions and 1177 deletions


@ -2487,12 +2487,15 @@ The rest of the functions are used to build full NixOS systems as well as halfCo
// config.guestConfigurations; // config.guestConfigurations;
guestResources = lib.mapAttrs guestResources = lib.mapAttrs
(name: _: let (name: _:
let
f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests)); f = arg: lib.foldr (base: acc: base + acc) 0 (map (node: nodes."${name}-${node}".config.microvm.${arg}) (builtins.attrNames nodes.${name}.config.guests));
in { in
{
mem = f "mem"; mem = f "mem";
vcpu = f "vcpu"; vcpu = f "vcpu";
}) nodes; })
nodes;
"@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; "@" = lib.mapAttrs (_: v: v.config.system.build.toplevel) config.nodes;
}; };
@ -2854,7 +2857,8 @@ Aside from the =default= devShell which is the one that should usually be called
deploy = deploy =
let let
nix-version = "2_28"; nix-version = "2_28";
in { in
{
packages = [ packages = [
(builtins.trace "alarm: pinned nix_${nix-version}" pkgs.stable25_05.nixVersions."nix_${nix-version}") (builtins.trace "alarm: pinned nix_${nix-version}" pkgs.stable25_05.nixVersions."nix_${nix-version}")
pkgs.git pkgs.git
@ -3199,7 +3203,8 @@ On the structure of overlays: as you notice, all of the attributes within overla
{ {
flake = _: flake = _:
{ {
overlays = let overlays =
let
nixpkgs-stable-versions = final: _: nixpkgs-stable-versions = final: _:
let let
nixpkgsInputs = nixpkgsInputs =
@ -3222,7 +3227,8 @@ On the structure of overlays: as you notice, all of the attributes within overla
}) })
(builtins.attrNames nixpkgsInputs)); (builtins.attrNames nixpkgsInputs));
in rec { in
rec {
default = additions; default = additions;
additions = final: prev: additions = final: prev:
let let
@ -3259,9 +3265,11 @@ On the structure of overlays: as you notice, all of the attributes within overla
}) })
names); names);
from = let from =
let
stablePackages = nixpkgs-stable-versions final prev; stablePackages = nixpkgs-stable-versions final prev;
in key: in
key:
stablePackages.${key} or (throw "Missing nixpkgs input nixpkgs-${key}"); stablePackages.${key} or (throw "Missing nixpkgs input nixpkgs-${key}");
in in
@ -6143,7 +6151,6 @@ A Mac notebook that I have received from work. I use this machine for getting ac
My phone. I use only a minimal config for remote debugging here. My phone. I use only a minimal config for remote debugging here.
#+begin_src nix-ts :tangle hosts/android/aarch64-linux/magicant/default.nix #+begin_src nix-ts :tangle hosts/android/aarch64-linux/magicant/default.nix
{ pkgs, ... }: { { pkgs, ... }: {
environment = { environment = {
packages = with pkgs; [ packages = with pkgs; [
@ -6188,8 +6195,6 @@ My phone. I use only a minimal config for remote debugging here.
experimental-features = nix-command flakes experimental-features = nix-command flakes
''; '';
} }
#+end_src #+end_src
**** Treehouse (DGX Spark) **** Treehouse (DGX Spark)
@ -12012,7 +12017,7 @@ Restricts access to the system by the nix build user as per https://discourse.ni
"nix-store --serve --write") "nix-store --serve --write")
exec env NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt ${config.nix.package}/bin/nix-store --serve --write exec env NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt ${config.nix.package}/bin/nix-store --serve --write
;; ;;
,*) *)
echo "Access only allowed for using the nix remote builder" 1>&2 echo "Access only allowed for using the nix remote builder" 1>&2
exit exit
esac esac
@ -12154,14 +12159,8 @@ systemd-initrd provides a lightweight SSH server in form of dropbear - in order
I also take some precautions in how I get networking information during stage 1. For the most part, I just use [[#h:12370671-7892-4a74-a804-84f871acde06][systemd-networkd (server)]], however, for hosts in my local network, I take another step to define the network in the =kernelParams=, to make extra sure I can reach it. I also take some precautions in how I get networking information during stage 1. For the most part, I just use [[#h:12370671-7892-4a74-a804-84f871acde06][systemd-networkd (server)]], however, for hosts in my local network, I take another step to define the network in the =kernelParams=, to make extra sure I can reach it.
#+begin_src nix-ts :tangle modules/nixos/server/disk-encrypt.nix #+begin_src nix-ts :tangle modules/nixos/server/disk-encrypt.nix
{ self, pkgs, lib, config, globals, minimal, ... }: { self, pkgs, lib, config, minimal, ... }:
let let
localIp = globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4;
subnetMask = globals.networks.${config.swarselsystems.server.netConfigName}.subnetMask4;
gatewayIp = globals.hosts.${config.node.name}.defaultGateway4;
inherit (globals.general) routerServer;
isRouter = config.node.name == routerServer;
hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key"; hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key";
hostKeyPath = hostKeyPath =
@ -12275,9 +12274,11 @@ By default, attic only provides a cli client to authenticate to caches. I want a
config.sops.templates.attic-env.path config.sops.templates.attic-env.path
]; ];
}; };
script = let script =
let
attic = lib.getExe pkgs.attic-client; attic = lib.getExe pkgs.attic-client;
in '' in
''
set -eu set -eu
if ${attic} cache info ${config.swarselsystems.mainUser} >/dev/null 2>&1; then if ${attic} cache info ${config.swarselsystems.mainUser} >/dev/null 2>&1; then
echo "cache already authenticated" echo "cache already authenticated"
@ -12337,9 +12338,11 @@ In order to define a new wireguard interface, I have to:
lib.mkEnableOption "enable ${serviceName} settings"; lib.mkEnableOption "enable ${serviceName} settings";
swarselsystems.server.wireguard = { swarselsystems.server.wireguard = {
interfaces = let interfaces =
let
topConfig = config; topConfig = config;
in lib.mkOption { in
lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: { type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: {
options = { options = {
isServer = lib.mkEnableOption "set this interface as a wireguard server"; isServer = lib.mkEnableOption "set this interface as a wireguard server";
@ -13470,7 +13473,7 @@ Needed for audio and stuff.
Many services require a databasee, and I like to go with full postgres when giving the chance. Each host will usually run its own instance instead of maintaining a centralised one. Many services require a databasee, and I like to go with full postgres when giving the chance. Each host will usually run its own instance instead of maintaining a centralised one.
#+begin_src nix-ts :tangle modules/nixos/server/postgresql.nix #+begin_src nix-ts :tangle modules/nixos/server/postgresql.nix
{ self, config, lib, pkgs, confLib, ... }: { config, lib, pkgs, confLib, ... }:
let let
inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName;
postgresVersion = 14; postgresVersion = 14;
@ -13546,7 +13549,7 @@ Allows me to spin up containers for services that do not provide NixOS options.
}; };
local-to-podman = { local-to-podman = {
from = [ "local" "wgProxy" "wgHome"]; from = [ "local" "wgProxy" "wgHome" ];
to = [ "podman" ]; to = [ "podman" ];
before = [ "drop" ]; before = [ "drop" ];
verdict = "accept"; verdict = "accept";
@ -14547,7 +14550,6 @@ I use this configuration for sailing.
}; };
}; };
} }
#+end_src #+end_src
**** syncthing **** syncthing
@ -14861,7 +14863,7 @@ This section exposes several metrics that I use to check the health of my server
node-exporter = confLib.mkIds 987; node-exporter = confLib.mkIds 987;
grafana = confLib.mkIds 974; grafana = confLib.mkIds 974;
}; };
groups.nextcloud-exporter = {}; groups.nextcloud-exporter = { };
users = { users = {
nextcloud-exporter = { nextcloud-exporter = {
group = "nextcloud-exporter"; group = "nextcloud-exporter";
@ -16021,12 +16023,14 @@ kanidm person credential create-reset-token <user>
}; };
nodes = let nodes =
let
extraConfig = '' extraConfig = ''
allow ${globals.networks.home-lan.vlans.services.cidrv4}; allow ${globals.networks.home-lan.vlans.services.cidrv4};
allow ${globals.networks.home-lan.vlans.services.cidrv6}; allow ${globals.networks.home-lan.vlans.services.cidrv6};
''; '';
in { in
{
${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = { ${dnsServer}.swarselsystems.server.dns.${globals.services.${serviceName}.baseDomain}.subdomainRecords = {
"${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6; "${globals.services.${serviceName}.subDomain}" = dns.lib.combinators.host proxyAddress4 proxyAddress6;
}; };
@ -20268,7 +20272,7 @@ Some standard options that should be set for every microvm guest. We set the def
Some standard options that should be set for every microvm guest. We set the default Some standard options that should be set for every microvm guest. We set the default
#+begin_src nix-ts :tangle modules/nixos/optional/microvm-guest-shares.nix #+begin_src nix-ts :tangle modules/nixos/optional/microvm-guest-shares.nix
{ self, lib, config, inputs, microVMParent, nodes, ... }: { lib, config, microVMParent, nodes, ... }:
{ {
config = { config = {
microvm = { microvm = {
@ -20283,7 +20287,6 @@ Some standard options that should be set for every microvm guest. We set the def
}; };
}; };
} }
#+end_src #+end_src
**** systemd-networkd (base) **** systemd-networkd (base)
@ -20598,7 +20601,6 @@ The general structure here is the same as in the [[#h:6da812f5-358c-49cb-aff2-0a
{ {
imports = lib.swarselsystems.mkImports importNames "modules/home"; imports = lib.swarselsystems.mkImports importNames "modules/home";
} }
#+end_src #+end_src
*** Steps to setup/upgrade home-manager only *** Steps to setup/upgrade home-manager only
@ -25503,7 +25505,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
"s=AU11806002320" "s=AU11806002320"
"v=Philips Consumer Electronics Company" "v=Philips Consumer Electronics Company"
]; ];
exec = ["notify-send shikane \"Profile $SHIKANE_PROFILE_NAME has been applied\""]; exec = [ "notify-send shikane \"Profile $SHIKANE_PROFILE_NAME has been applied\"" ];
in in
{ {
profile = [ profile = [
@ -27768,7 +27770,7 @@ When setting up a new machine:
"s=CNC4080YL5" "s=CNC4080YL5"
"v=HP Inc." "v=HP Inc."
]; ];
exec = ["notify-send shikane \"Profile $SHIKANE_PROFILE_NAME has been applied\""]; exec = [ "notify-send shikane \"Profile $SHIKANE_PROFILE_NAME has been applied\"" ];
in in
{ {
profile = [ profile = [
@ -28824,7 +28826,8 @@ In short, the options defined here are passed to the modules systems using =_mod
lib.nameValuePair "/storage/${eternorPath}" { lib.nameValuePair "/storage/${eternorPath}" {
pool = "Vault"; pool = "Vault";
dataset = "Eternor/${eternorPath}"; dataset = "Eternor/${eternorPath}";
}) eternorPaths))); })
eternorPaths)));
modules = [ modules = [
(config.node.configDir + /guests/${guestName}/default.nix) (config.node.configDir + /guests/${guestName}/default.nix)
{ {
@ -29459,7 +29462,7 @@ This app checks for different apps that I keep around in the scratchpad for quic
cmd=(sh -c 'kitty --add-id spotifytui -T spotifytui -o confirm_os_window_close=0 spotify_player' '&') cmd=(sh -c 'kitty --add-id spotifytui -T spotifytui -o confirm_os_window_close=0 spotify_player' '&')
searchapp="spotifytui" searchapp="spotifytui"
;; ;;
,*) break ;; *) break ;;
esac esac
shift shift
done done
@ -29475,7 +29478,6 @@ This app checks for different apps that I keep around in the scratchpad for quic
''; '';
} }
#+end_src #+end_src
***** swarselzellij ***** swarselzellij
@ -30826,7 +30828,7 @@ AppImage version of mgba in which the lua scripting works.
;; ;;
-*) OPTIONS+=("$1") ;; -*) OPTIONS+=("$1") ;;
,*) POSITIONAL_ARGS+=("$1") ;; *) POSITIONAL_ARGS+=("$1") ;;
esac esac
shift shift
done done
@ -30892,7 +30894,6 @@ AppImage version of mgba in which the lua scripting works.
done done
''; '';
} }
#+end_src #+end_src
***** swarsel-build ***** swarsel-build
@ -31035,7 +31036,7 @@ This script allows for quick git replace of a string.
target_dirs=rue target_dirs=rue
;; ;;
-h | --help) help_and_exit ;; -h | --help) help_and_exit ;;
,*) *)
echo "Invalid option detected." echo "Invalid option detected."
help_and_exit help_and_exit
;; ;;
@ -31059,8 +31060,6 @@ This script allows for quick git replace of a string.
fi fi
''; '';
} }
#+end_src #+end_src
***** gen-sops-guest ***** gen-sops-guest
@ -31435,7 +31434,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
}; };
} }
#+end_src #+end_src
**** MicroVM **** MicroVM
:PROPERTIES: :PROPERTIES:
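Review bot: The reject arm of the remote-builder forced-command wrapper (hunk `@ -12012,7 +12017,7`) ends in a bare `exit`, which returns the status of the preceding `echo` and so normally reports success for a refused command. The commit already touches the `*)` line directly above it, so this is a cheap place to make the refusal explicit with `exit 1`, which lets the SSH client and any log-based monitoring tell a rejected command from a completed one. The `case` statement opens outside the hunk, so any allowed patterns other than `"nix-store --serve --write"` are not visible here.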


@ -1,4 +1,4 @@
{ self, lib, config, inputs, microVMParent, nodes, ... }: { lib, config, microVMParent, nodes, ... }:
{ {
config = { config = {
microvm = { microvm = {


@ -1,11 +1,5 @@
{ self, pkgs, lib, config, globals, minimal, ... }: { self, pkgs, lib, config, minimal, ... }:
let let
localIp = globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4;
subnetMask = globals.networks.${config.swarselsystems.server.netConfigName}.subnetMask4;
gatewayIp = globals.hosts.${config.node.name}.defaultGateway4;
inherit (globals.general) routerServer;
isRouter = config.node.name == routerServer;
hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key"; hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key";
hostKeyPath = hostKeyPath =
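Review bot: Dropping the `globals` argument together with `localIp`, `subnetMask`, `gatewayIp`, `routerServer` and `isRouter` is a code change rather than formatting, and it sits in the module that prepares networking for initrd SSH unlock. The matching Org hunk (`@ -12154,14 +12159,8`) keeps the sentence saying that hosts on the local network get their network defined in `kernelParams`; if nothing further down the module used these bindings, that sentence presumably describes behaviour that no longer exists and should be updated, or the static configuration restored. The rest of the `let` block and the module body are outside the hunk, so confirm by evaluating an affected host that no reference to `globals` remains. Splitting dead-code removal out of a `style:` commit would also keep it visible in history.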


@ -1,4 +1,4 @@
{ self, config, lib, pkgs, confLib, ... }: { config, lib, pkgs, confLib, ... }:
let let
inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName;
postgresVersion = 14; postgresVersion = 14;