style: eliminate duplicate keys

2025-12-06 09:07:21 +01:00 · 2025-03-21 20:16:37 +01:00 · 2025-03-21 20:16:37 +01:00 · c997e9174e
commit c997e9174e
parent 658d2bb7ba
15 changed files with 1314 additions and 1249 deletions
--- a/hosts/nixos/chaostheatre/hardware-configuration.nix
+++ b/hosts/nixos/chaostheatre/hardware-configuration.nix
@ -9,20 +9,24 @@
      (modulesPath + "/profiles/qemu-guest.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk-by-uuid/d2a8fad0-373e-4bcf-8e75-d9b5ef94199c";
-    fsType = "ext4";
+  boot = {
+    initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
  };

-  fileSystems."/boot" = {
-    device = "/dev/disk-by-uuid/5CF0-A66E";
-    fsType = "vfat";
-    options = [ "fmask=0077" "dmask=0077" ];
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk-by-uuid/d2a8fad0-373e-4bcf-8e75-d9b5ef94199c";
+      fsType = "ext4";
+    };
+
+    "/boot" = {
+      device = "/dev/disk-by-uuid/5CF0-A66E";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
  };

  swapDevices = [ ];
--- a/hosts/nixos/nbl-imba-2/hardware-configuration.nix
+++ b/hosts/nixos/nbl-imba-2/hardware-configuration.nix
@ -21,28 +21,32 @@
      esac
    '';

-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ];
-  boot.initrd.kernelModules = [ "sg" ];
-  boot.kernelModules = [ "kvm-amd" ];
+  boot = {
+    initrd = {
+      availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ];
+      kernelModules = [ "sg" ];
+      luks.devices."cryptroot" = {
+        # improve performance on ssds
+        bypassWorkqueues = true;
+        preLVM = true;
+      };
+    };

-  boot.kernelParams = [
-    "mem_sleep_default=deep"
-    "amd_pstate=passive"
-    # Fix screen flickering issue at the cost of battery life (disable PSR and PSR-SU, keep PR enabled)
-    # TODO: figure out if this is worth it
-    # test PSR/PR state with 'sudo grep '' /sys/kernel/debug/dri/0000*/eDP-2/*_capability'
-    # ref:
-    # https://old.reddit.com/r/framework/comments/1goh7hc/anyone_else_get_this_screen_flickering_issue/
-    # https://www.reddit.com/r/NixOS/comments/1hjruq1/graphics_corruption_on_kernel_6125_and_up/
-    # https://gitlab.freedesktop.org/drm/amd/-/issues/3797
-    "amdgpu.dcdebugmask=0x410"
-  ];
+    kernelModules = [ "kvm-amd" ];
+    kernelParams = [
+      "mem_sleep_default=deep"
+      "amd_pstate=passive"
+      # Fix screen flickering issue at the cost of battery life (disable PSR and PSR-SU, keep PR enabled)
+      # TODO: figure out if this is worth it
+      # test PSR/PR state with 'sudo grep '' /sys/kernel/debug/dri/0000*/eDP-2/*_capability'
+      # ref:
+      # https://old.reddit.com/r/framework/comments/1goh7hc/anyone_else_get_this_screen_flickering_issue/
+      # https://www.reddit.com/r/NixOS/comments/1hjruq1/graphics_corruption_on_kernel_6125_and_up/
+      # https://gitlab.freedesktop.org/drm/amd/-/issues/3797
+      "amdgpu.dcdebugmask=0x410"
+    ];

-  boot.extraModulePackages = [ ];
-  boot.initrd.luks.devices."cryptroot" = {
-    # improve performance on ssds
-    bypassWorkqueues = true;
-    preLVM = true;
+    extraModulePackages = [ ];
  };

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/hosts/nixos/sync/default.nix
+++ b/hosts/nixos/sync/default.nix
@ -20,24 +20,6 @@ in
    defaultSopsFile = lib.mkForce "/root/.dotfiles/secrets/sync/secrets.yaml";
  };

-  services.nginx = {
-    virtualHosts = {
-      "sync.swarsel.win" = {
-        enableACME = true;
-        forceSSL = true;
-        acmeRoot = null;
-        locations = {
-          "/" = {
-            proxyPass = "http://localhost:8384/";
-            extraConfig = ''
-              client_max_body_size 0;
-            '';
-          };
-        };
-      };
-    };
-  };
-
  boot = {
    tmp.cleanOnBoot = true;
    loader.grub.device = "nodev";
@ -46,31 +28,53 @@ in

  networking = {
    nftables.enable = lib.mkForce false;
-    firewall.allowedTCPPorts = [ 8384 22000 ];
-    firewall.allowedUDPPorts = [ 21027 22000 ];
    hostName = "sync";
    enableIPv6 = false;
    domain = "subnet03112148.vcn03112148.oraclevcn.com";
-    firewall.extraCommands = ''
-      iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 27701 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 8384 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 3000 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 22000 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p udp --dport 22000 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p udp --dport 21027 -j ACCEPT
-      iptables -I INPUT -m state --state NEW -p tcp --dport 9812 -j ACCEPT
-    '';
+    firewall = {
+      allowedTCPPorts = [ 8384 22000 ];
+      allowedUDPPorts = [ 21027 22000 ];
+      extraCommands = ''
+        iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 27701 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 8384 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 3000 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 22000 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p udp --dport 22000 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p udp --dport 21027 -j ACCEPT
+        iptables -I INPUT -m state --state NEW -p tcp --dport 9812 -j ACCEPT
+      '';
+    };
  };

  # system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change

-  # do not manage OCI syncthing through nix config
-  services.syncthing = {
-    enable = true;
-    guiAddress = "0.0.0.0:8384";
-    openDefaultPorts = true;
+  services = {
+    nginx = {
+      virtualHosts = {
+        "sync.swarsel.win" = {
+          enableACME = true;
+          forceSSL = true;
+          acmeRoot = null;
+          locations = {
+            "/" = {
+              proxyPass = "http://localhost:8384/";
+              extraConfig = ''
+                client_max_body_size 0;
+              '';
+            };
+          };
+        };
+      };
+    };
+
+    # do not manage OCI syncthing through nix config
+    syncthing = {
+      enable = true;
+      guiAddress = "0.0.0.0:8384";
+      openDefaultPorts = true;
+    };
  };


--- a/hosts/nixos/sync/hardware-configuration.nix
+++ b/hosts/nixos/sync/hardware-configuration.nix
@ -7,19 +7,23 @@
    (modulesPath + "/profiles/qemu-guest.nix")
  ];

-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/4b47378a-02eb-4548-bab8-59cbf379252a";
-    fsType = "xfs";
+  boot = {
+    initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
  };

-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/2B75-2AD5";
-    fsType = "vfat";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/4b47378a-02eb-4548-bab8-59cbf379252a";
+      fsType = "xfs";
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-uuid/2B75-2AD5";
+      fsType = "vfat";
+    };
  };

  swapDevices = [
--- a/hosts/nixos/toto/hardware-configuration.nix
+++ b/hosts/nixos/toto/hardware-configuration.nix
@ -9,10 +9,12 @@
      (modulesPath + "/profiles/qemu-guest.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
+  boot = {
+    initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
+  };

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/hosts/nixos/winters/hardware-configuration.nix
+++ b/hosts/nixos/winters/hardware-configuration.nix
@ -6,25 +6,29 @@
      (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
+  boot = {
+    initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];

-  boot.supportedFilesystems = [ "zfs" ];
-  boot.zfs.extraPools = [ "Vault" ];
+    supportedFilesystems = [ "zfs" ];
+    zfs.extraPools = [ "Vault" ];
+  };

-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-uuid/30e2f96a-b01d-4c27-9ebb-d5d7e9f0031f";
-      fsType = "ext4";
-    };
+  fileSystems = {
+    "/" =
+      {
+        device = "/dev/disk/by-uuid/30e2f96a-b01d-4c27-9ebb-d5d7e9f0031f";
+        fsType = "ext4";
+      };

-  fileSystems."/boot" =
-    {
-      device = "/dev/disk/by-uuid/F0D8-8BD1";
-      fsType = "vfat";
-    };
+    "/boot" =
+      {
+        device = "/dev/disk/by-uuid/F0D8-8BD1";
+        fsType = "vfat";
+      };
+  };

  swapDevices =
    [{ device = "/dev/disk/by-uuid/a8eb6f3b-69bf-4160-90aa-9247abc108e0"; }];