diff --git a/clan.nix b/clan.nix index 1140fa9..2524ad2 100644 --- a/clan.nix +++ b/clan.nix @@ -1,4 +1,7 @@ { + baseNixosModules, + lib, +}: { meta = { name = "arda"; domain = "arda"; 
@@ -8,60 +11,60 @@ directory = ./.; inventory.machines = { - # aule = { - # name = "aule"; - # description = "Planned build server."; - # machineClass = "nixos"; - # tags = ["planned" "build"]; - # }; - # mandos = { - # name = "mandos"; - # description = "Living room Steam box."; - # machineClass = "nixos"; - # tags = ["gaming" "living-room"]; - # }; - # manwe = { - # name = "manwe"; - # description = "Main desktop."; - # machineClass = "nixos"; - # tags = ["desktop"]; - # }; - # melkor = { - # name = "melkor"; - # description = "Planned machine with no defined role yet."; - # machineClass = "nixos"; - # tags = []; - # }; - # orome = { - # name = "orome"; - # description = "Work laptop."; - # machineClass = "nixos"; - # tags = ["laptop" "work"]; - # }; - # tulkas = { - # name = "tulkas"; - # description = "Steam Deck."; - # machineClass = "nixos"; - # tags = ["gaming" "handheld"]; - # }; + aule = { + name = "aule"; + description = "Planned build server."; + machineClass = "nixos"; + tags = ["planned" "build"]; + }; + mandos = { + name = "mandos"; + description = "Living room Steam box."; + machineClass = "nixos"; + tags = ["gaming" "living-room"]; + }; + manwe = { + name = "manwe"; + description = "Main desktop."; + machineClass = "nixos"; + tags = ["desktop"]; + }; + melkor = { + name = "melkor"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; + orome = { + name = "orome"; + description = "Work laptop."; + machineClass = "nixos"; + tags = ["laptop" "work"]; + }; + tulkas = { + name = "tulkas"; + description = "Steam Deck."; + machineClass = "nixos"; + tags = ["gaming" "handheld"]; + }; ulmo = { name = "ulmo"; description = "Primary self-hosted services machine."; machineClass = "nixos"; tags = ["server" "services"]; }; - # varda = { - # name = "varda"; - # description = "Planned machine with no defined role yet."; - # machineClass = "nixos"; - # tags = []; - # }; - # yavanna = { - # name = "yavanna"; - # 
description = "Planned machine with no defined role yet."; - # machineClass = "nixos"; - # tags = []; - # }; + varda = { + name = "varda"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; + yavanna = { + name = "yavanna"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; }; inventory.instances = { @@ -76,7 +79,7 @@ roles.default.settings = { user = "chris"; - groups = ["wheel"]; + groups = [ "wheel" ]; prompt = true; share = true; }; @@ -84,10 +87,53 @@ }; machines = { - # mandos = {}; - # manwe = {}; - # orome = {}; - # tulkas = {}; - ulmo = {}; + mandos = { + imports = baseNixosModules ++ [ + { + networking.hostName = lib.mkDefault "mandos"; + } + ./machines/mandos/configuration.nix + ./users/chris/mandos.nix + ]; + }; + + manwe = { + imports = baseNixosModules ++ [ + { + networking.hostName = lib.mkDefault "manwe"; + } + ./machines/manwe/configuration.nix + ./users/chris/manwe.nix + ]; + }; + + orome = { + imports = baseNixosModules ++ [ + { + networking.hostName = lib.mkDefault "orome"; + } + ./machines/orome/configuration.nix + ./users/chris/orome.nix + ]; + }; + + tulkas = { + imports = baseNixosModules ++ [ + { + networking.hostName = lib.mkDefault "tulkas"; + } + ./machines/tulkas/configuration.nix + ./users/chris/tulkas.nix + ]; + }; + + ulmo = { + imports = baseNixosModules ++ [ + { + networking.hostName = lib.mkDefault "ulmo"; + } + ./machines/ulmo/configuration.nix + ]; + }; }; } diff --git a/flake.lock b/flake.lock index 95c27cc..24acfef 100644 --- a/flake.lock +++ b/flake.lock 
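Review bot: `inventory.machines` now lists nine hosts, but the `machines` attrset in the last hunk of this file defines only mandos, manwe, orome, tulkas and ulmo, so aule, melkor, varda and yavanna become inventory entries with no `baseNixosModules` import and no `configuration.nix`. How `inventory.instances` selects its targets is not visible here; if any role applies to all machines or by tag, these placeholders could be evaluated with defaults only. Either keep the planned hosts commented out until they have a configuration, or mark each one with a comment such as `# placeholder: no entry in machines yet, not deployable`.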
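Review bot: The five `machines` entries in the `@@ -84,10 +87,53 @@` hunk repeat the same `imports = baseNixosModules ++ [ ... ]` shape by hand, and ulmo is the only one without a `./users/chris/<host>.nix` import. If that omission is deliberate, say so next to it, for example `# ulmo: server, no per-user module`. The repetition could be folded into one helper, e.g. `mkMachine = name: extra: { imports = baseNixosModules ++ [ { networking.hostName = lib.mkDefault name; } (./machines + "/${name}/configuration.nix") ] ++ extra; };`, so a new host cannot accidentally skip the base modules.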
@@ -184,11 +184,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1774423251, - "narHash": "sha256-g/PP8G9WcP4vtZVOBNYwfGxLnwLQoTERHnef8irAMeQ=", + "lastModified": 1774250935, + "narHash": "sha256-mWID0WFgTnd9hbEeaPNX+YYWF70JN3r7zBouEqERJOE=", "owner": "nix-community", "repo": "fenix", - "rev": "b70d7535088cd8a9e4322c372a475f66ffa18adf", + "rev": "64d7705e8c37d650cfb1aa99c24a8ce46597f29e", "type": "github" }, "original": { @@ -445,11 +445,11 @@ ] }, "locked": { - "lastModified": 1774387289, - "narHash": "sha256-Z/0IfVHrb0lEdv1WcHEe/ni4utBMR2GXZIktzYcTDSU=", + "lastModified": 1773992301, + "narHash": "sha256-lm1qy9P463cblBAFC2g8VaALR1Gje1oyYXCPtiEumus=", "owner": "himmelblau-idm", "repo": "himmelblau", - "rev": "b2eccc7cb188253e49bffdddd743d01f52ab9625", + "rev": "fcb8966990c24f97fe224fa0c8977fe730d4cf50", "type": "github" }, "original": { @@ -465,11 +465,11 @@ ] }, "locked": { - "lastModified": 1774379316, - "narHash": "sha256-0nGNxWDUH2Hzlj/R3Zf4FEK6fsFNB/dvewuboSRZqiI=", + "lastModified": 1774210133, + "narHash": "sha256-yeiWCY9aAUUJ3ebMVjs0UZXRnT5x90MCtpbpOWiXrvM=", "owner": "nix-community", "repo": "home-manager", - "rev": "1eb0549a1ab3fe3f5acf86668249be15fa0e64f7", + "rev": "c6fe2944ad9f2444b2d767c4a5edee7c166e8a95", "type": "github" }, "original": { @@ -499,21 +499,6 @@ "type": "github" } }, - "import-tree": { - "locked": { - "lastModified": 1773693634, - "narHash": "sha256-BtZ2dtkBdSUnFPPFc+n0kcMbgaTxzFNPv2iaO326Ffg=", - "owner": "vic", - "repo": "import-tree", - "rev": "c41e7d58045f9057880b0d85e1152d6a4430dbf1", - "type": "github" - }, - "original": { - "owner": "vic", - "repo": "import-tree", - "type": "github" - } - }, "jovian": { "inputs": { "nix-github-actions": "nix-github-actions", 
@@ -522,11 +507,11 @@ ] }, "locked": { - "lastModified": 1774333446, - "narHash": "sha256-jeAUd4mfLle7Zw8F3lDdXvw2cmeP3FgVphHq2XuEKbs=", + "lastModified": 1774168156, + "narHash": "sha256-+pwZSARdlM2RQQ6V0q76+WMKW9aNIcxkSOIThcz/f0A=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "79b45622eff2ae0437d7a712610044bbc7b87fa2", + "rev": "939caad56508542d0f19cab963e2bc693f5f2831", "type": "github" }, "original": { @@ -660,11 +645,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1774407052, - "narHash": "sha256-rUkn7Bo3PAlpcZl8+0FDsTwFyDwvS4xwMT9+RJ+XJoE=", + "lastModified": 1774060651, + "narHash": "sha256-sZiam+rmNcOZGnlbnqDD9oTwfMdQUM+uQmFqqSoe194=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "70daf1f48885f0b4a70797076cd2ff5d9139b46e", + "rev": "46727bd27d32d63069ed26a690554373ae2b4702", "type": "github" }, "original": { @@ -767,11 +752,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1774449288, - "narHash": "sha256-ukB6NS45Oi62fQM4RpZfx3dpqxIu66ADCCFl6h72Fjo=", + "lastModified": 1774259547, + "narHash": "sha256-5EQ1TL+R/tcsoGas1oALp5Tj2ACfSul+pfrrxP72xC0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd0256cd8c537170cf24827fa821efb57aed9f40", + "rev": "b3f8d82c4c685fb6f3080745dab8f07606ae50d3", "type": "github" }, "original": { @@ -831,11 +816,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1773840656, - "narHash": "sha256-9tpvMGFteZnd3gRQZFlRCohVpqooygFuy9yjuyRL2C0=", + "lastModified": 1774273680, + "narHash": "sha256-a++tZ1RQsDb1I0NHrFwdGuRlR5TORvCEUksM459wKUA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9cf7092bdd603554bd8b63c216e8943cf9b12512", + "rev": "fdc7b8f7b30fdbedec91b71ed82f36e1637483ed", "type": "github" }, "original": { 
@@ -880,11 +865,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1774375131, - "narHash": "sha256-d22VIgsDXagQQWnAnebYeQWGHlmF81YRwuGCzAgNZAQ=", + "lastModified": 1774224548, + "narHash": "sha256-g45WZAZHNc7wJBkK4IdB5dq0Bh0JE7G0gcY2H5DFi44=", "owner": "notashelf", "repo": "nvf", - "rev": "d847d401bea4dcb1478d02a61a3209fa8512f71d", + "rev": "edfb73fa4ced576f587d259a70a513b4152f8cea", "type": "github" }, "original": { @@ -926,7 +911,6 @@ "grub2-themes": "grub2-themes", "himmelblau": "himmelblau", "home-manager": "home-manager", - "import-tree": "import-tree", "jovian": "jovian", "mydia": "mydia", "nix-minecraft": "nix-minecraft", @@ -938,7 +922,6 @@ "plasma-manager": "plasma-manager", "sops-nix": "sops-nix_2", "stylix": "stylix", - "systems": "systems_5", "terranix": "terranix", "zen-browser": "zen-browser" } @@ -946,11 +929,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1774376228, - "narHash": "sha256-7oA0u4aghFjjIcIDKZ26NUpXH7hVXGPC0sI1OfK7NUk=", + "lastModified": 1774221325, + "narHash": "sha256-aEIdkqB8gtQZtEbogdUb5iyfcZpKIlD3FkG8ANu73/I=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "eabb84b771420b8396ab4bb4747694302d9be277", + "rev": "b42b63f390a4dab14e6efa34a70e67f5b087cc62", "type": "github" }, "original": { @@ -986,11 +969,11 @@ "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1774303811, - "narHash": "sha256-fhG4JAcLgjKwt+XHbjs8brpWnyKUfU4LikLm3s0Q/ic=", + "lastModified": 1774154798, + "narHash": "sha256-zsTuloDSdKf+PrI1MsWx5z/cyGEJ8P3eERtAfdP8Bmg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "614e256310e0a4f8a9ccae3fa80c11844fba7042", + "rev": "3e0d543e6ba6c0c48117a81614e90c6d8c425170", "type": "github" }, "original": { 
@@ -1106,28 +1089,13 @@ "type": "github" } }, - "systems_6": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "terranix": { "inputs": { "flake-parts": "flake-parts_5", "nixpkgs": [ "nixpkgs" ], - "systems": "systems_6" + "systems": "systems_5" }, "locked": { "lastModified": 1773700838, @@ -1253,11 +1221,11 @@ ] }, "locked": { - "lastModified": 1774352774, - "narHash": "sha256-gibUM0pSnLxEeuFrYA8T1oEaixk+fjQpqXbYaxcEX/4=", + "lastModified": 1774242250, + "narHash": "sha256-pchbnY7KVnH26g4O3LZO8vpshInqNj937gAqlPob1Mk=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "a0f3d47dbd8f8618a1920d5a5ca09b7993415895", + "rev": "f19c3e6683c2d2f3fcfcb88fb691931a104bc47c", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0dd4189..1225179 100644 --- a/flake.nix +++ b/flake.nix @@ -1,17 +1,11 @@ { description = "Nixos config flake"; - nixConfig = { - warn-dirty = false; - extra-experimental-features = ["nix-command" "flakes" "pipe-operators"]; - }; - inputs = { flake-parts = { url = "github:hercules-ci/flake-parts"; inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; }; - import-tree.url = "github:vic/import-tree"; clan-core = { url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; @@ -19,7 +13,6 @@ }; nixpkgs.follows = "clan-core/nixpkgs"; - systems.url = "github:nix-systems/default"; home-manager = { url = "github:nix-community/home-manager"; 
@@ -32,9 +25,21 @@ inputs.home-manager.follows = "home-manager"; }; + # Legacy ISO flow removed in favor of Clan install workflows. + # nixos-generators = { + # url = "github:nix-community/nixos-generators"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; + # neovim nvf.url = "github:notashelf/nvf"; + # Unused input retained as a comment for easy recovery. + # nixos-boot.url = "github:Melkor333/nixos-boot"; + + # Unused input retained as a comment for easy recovery. + # firefox.url = "github:nix-community/flake-firefox-nightly"; + stylix.url = "github:nix-community/stylix"; # Rust toolchain @@ -73,6 +78,15 @@ url = "github:vinceliuice/grub2-themes"; }; + # Unused input retained as a comment for easy recovery. + # nixos-wsl = { + # url = "github:nix-community/nixos-wsl"; + # inputs = { + # nixpkgs.follows = "nixpkgs"; + # flake-compat.follows = ""; + # }; + # }; + terranix = { url = "github:terranix/terranix"; inputs.nixpkgs.follows = "nixpkgs"; 
@@ -84,42 +98,23 @@ }; }; - outputs = inputs @ { - flake-parts, - nixpkgs, - systems, - ... - }: + outputs = inputs@{flake-parts, ...}: flake-parts.lib.mkFlake {inherit inputs;} { - systems = import systems; - clan = import ./clan.nix; - - imports = with inputs; [ - flake-parts.flakeModules.modules - clan-core.flakeModules.default - home-manager.flakeModules.default + systems = [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" ]; - perSystem = {system, ...}: { - _module.args = { - pkgs = import nixpkgs { - inherit system; - - overlays = with inputs; [ - fenix.overlays.default - nix-minecraft.overlay - flux.overlays.default - ]; - - config = { - allowUnfree = true; - permittedInsecurePackages = [ - # I think this is because of zen - "qtwebengine-5.15.19" - ]; - }; - }; - }; - }; + imports = [ + inputs.clan-core.flakeModules.default + inputs.home-manager.flakeModules.home-manager + ./lib/default.nix + ./machines/default.nix + ./packages/default.nix + ./shells/default/default.nix + ./users/default.nix + ]; }; } diff --git a/lib/default.nix b/lib/default.nix index c59ca61..c89e6cf 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -7,6 +7,34 @@ inherit (lib) mkOption types; namespace = "sneeuwvlok"; + channelConfig = { + allowUnfree = true; + permittedInsecurePackages = [ + # Due to *arr stack + "dotnet-sdk-6.0.428" + "aspnetcore-runtime-6.0.36" + + # I think this is because of zen + "qtwebengine-5.15.19" + + # For Nheko, the matrix client + "olm-3.2.16" + ]; + }; + + systemOverlays = with inputs; [ + fenix.overlays.default + nix-minecraft.overlay + flux.overlays.default + ]; + + mkPkgs = system: + import inputs.nixpkgs { + inherit system; + overlays = systemOverlays; + config = channelConfig; + }; + sharedContext = { inherit inputs namespace; erosanixLib = inputs.erosanix.lib; 
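Review bot: `channelConfig.permittedInsecurePackages` in the lib/default.nix hunk (`@@ -7,6 +7,34 @@`) is applied to every system, both through `mkPkgs` and through the `nixpkgs.config = channelConfig;` block added in the `@@ -26,6 +54,11 @@` hunk of the same file. The block removed from flake.nix permitted only `qtwebengine-5.15.19`; the new list also allows `dotnet-sdk-6.0.428`, `aspnetcore-runtime-6.0.36` and `olm-3.2.16` on all hosts, although the comments tie them to the *arr stack and to Nheko. As far as I know, list values in `nixpkgs.config` are not concatenated across modules, so a narrower allowlist would have to be assembled in one place, for instance from the services each host enables. At minimum, document each entry with the service that needs it and a removal condition, e.g. `# olm-3.2.16: only for Nheko on desktops; drop once the client no longer depends on it`.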
@@ -26,6 +54,11 @@ inputs.nvf.nixosModules.default inputs.sops-nix.nixosModules.sops { + nixpkgs = { + config = channelConfig; + overlays = systemOverlays; + }; + home-manager = { useGlobalPkgs = true; useUserPackages = true; @@ -34,7 +67,7 @@ }; } ] - ++ [../modules/nixos]; + ++ [ ../modules/nixos ]; in { imports = [ ./options diff --git a/machines/ulmo/configuration.nix b/machines/ulmo/configuration.nix index 4c9ebbb..b79d25e 100644 --- a/machines/ulmo/configuration.nix +++ b/machines/ulmo/configuration.nix 
@@ -1,301 +1,276 @@ -{ - pkgs, - inputs, - ... -}: { +{...}: { imports = [ ./disks.nix ./hardware.nix - ../../modules/nixos ]; - sneeuwvlok.application.steam.enable = true; - nixpkgs.hostPlatform = "x86_64-linux"; - system.stateVersion = "23.11"; - boot = { - kernelPackages = pkgs.linuxPackages_latest; + networking = { + interfaces.enp2s0 = { + ipv6.addresses = [ + { + address = "2a0d:6e00:1dc9:0::dead:beef"; + prefixLength = 64; + } + ]; - loader = { - systemd-boot.enable = false; - efi.canTouchEfiVariables = true; - grub = { - enable = true; - efiSupport = true; - efiInstallAsRemovable = false; - device = "nodev"; # INFO: https://discourse.nixos.org/t/question-about-grub-and-nodev - }; + useDHCP = true; }; - supportedFilesystems = ["nfs"]; + defaultGateway = { + address = "192.168.1.1"; + interface = "enp2s0"; + }; + + defaultGateway6 = { + address = "fe80::1"; + interface = "enp2s0"; + }; }; - # sneeuwvlok.application.steam.enable = true; - - # networking = { - # interfaces.enp2s0 = { - # ipv6.addresses = [ - # { - # address = "2a0d:6e00:1dc9:0::dead:beef"; - # prefixLength = 64; - # } - # ]; - - # useDHCP = true; + # virtualisation = { + # containers.enable = true; + # podman = { + # enable = true; + # dockerCompat = true; # }; - # defaultGateway = { - # address = "192.168.1.1"; - # interface = "enp2s0"; - # }; - - # defaultGateway6 = { - # address = "fe80::1"; - # interface = "enp2s0"; + # oci-containers = { + # backend = "podman"; + # containers = { + # homey = { + # image = "ghcr.io/athombv/homey-shs:latest"; + # autoStart = true; + # privileged = true; + # volumes = [ + # "/home/chris/.homey-shs:/homey/user" + # ]; + # ports = [ + # "4859:4859" + # ]; + # }; + # }; # }; # }; - # # virtualisation = { - # # containers.enable = true; - # # podman = { - # # enable = true; - # # dockerCompat = true; - # # }; + sneeuwvlok = { + services = { + backup.borg.enable = true; - # # oci-containers = { - # # backend = "podman"; - # # containers = { - # # homey = { - # # 
image = "ghcr.io/athombv/homey-shs:latest"; - # # autoStart = true; - # # privileged = true; - # # volumes = [ - # # "/home/chris/.homey-shs:/homey/user" - # # ]; - # # ports = [ - # # "4859:4859" - # # ]; - # # }; - # # }; - # # }; - # # }; + authentication.zitadel = { + enable = true; - # # sneeuwvlok = { - # # services = { - # # backup.borg.enable = true; + organization = { + nix = { + user = { + chris = { + email = "chris@kruining.eu"; + firstName = "Chris"; + lastName = "Kruining"; - # # authentication.zitadel = { - # # enable = true; + roles = ["ORG_OWNER"]; + instanceRoles = ["IAM_OWNER"]; + }; - # # organization = { - # # nix = { - # # user = { - # # chris = { - # # email = "chris@kruining.eu"; - # # firstName = "Chris"; - # # lastName = "Kruining"; + kaas = { + email = "chris+kaas@kruining.eu"; + firstName = "Kaas"; + lastName = "Kruining"; + }; + }; - # # roles = ["ORG_OWNER"]; - # # instanceRoles = ["IAM_OWNER"]; - # # }; + project = { + ulmo = { + projectRoleCheck = true; + projectRoleAssertion = true; + hasProjectCheck = true; - # # kaas = { - # # email = "chris+kaas@kruining.eu"; - # # firstName = "Kaas"; - # # lastName = "Kruining"; - # # }; - # # }; + role = { + jellyfin = { + group = "jellyfin"; + }; + jellyfin_admin = { + group = "jellyfin"; + }; + }; - # # project = { - # # ulmo = { - # # projectRoleCheck = true; - # # projectRoleAssertion = true; - # # hasProjectCheck = true; + assign = { + chris = ["jellyfin" "jellyfin_admin"]; + kaas = ["jellyfin"]; + }; - # # role = { - # # jellyfin = { - # # group = "jellyfin"; - # # }; - # # jellyfin_admin = { - # # group = "jellyfin"; - # # }; - # # }; + application = { + jellyfin = { + redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; - # # assign = { - # # chris = ["jellyfin" "jellyfin_admin"]; - # # kaas = ["jellyfin"]; - # # }; + forgejo = { + redirectUris = 
["https://git.amarth.cloud/user/oauth2/zitadel/callback"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; - # # application = { - # # jellyfin = { - # # redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; + vaultwarden = { + redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + exportMap = { + client_id = "SSO_CLIENT_ID"; + client_secret = "SSO_CLIENT_SECRET"; + }; + }; - # # forgejo = { - # # redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; + matrix = { + redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; - # # vaultwarden = { - # # redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # exportMap = { - # # client_id = "SSO_CLIENT_ID"; - # # client_secret = "SSO_CLIENT_SECRET"; - # # }; - # # }; + mydia = { + redirectUris = ["http://localhost:2010/auth/oidc/callback"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; - # # matrix = { - # # redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; + grafana = { + redirectUris = ["http://localhost:9001/login/generic_oauth"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; + }; + }; - # # mydia = { - # # redirectUris = ["http://localhost:2010/auth/oidc/callback"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; + convex = { + projectRoleCheck = true; + projectRoleAssertion = true; + hasProjectCheck = true; - # # grafana = { - 
# # redirectUris = ["http://localhost:9001/login/generic_oauth"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; - # # }; - # # }; + application = { + scry = { + redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"]; + grantTypes = ["authorizationCode"]; + responseTypes = ["code"]; + }; + }; + }; + }; - # # convex = { - # # projectRoleCheck = true; - # # projectRoleAssertion = true; - # # hasProjectCheck = true; + action = { + flattenRoles = { + script = '' + (ctx, api) => { + if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) { + return; + } - # # application = { - # # scry = { - # # redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"]; - # # grantTypes = ["authorizationCode"]; - # # responseTypes = ["code"]; - # # }; - # # }; - # # }; - # # }; + const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role)); - # # action = { - # # flattenRoles = { - # # script = '' - # # (ctx, api) => { - # # if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) { - # # return; - # # } + api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles })); + }; + ''; + }; + }; - # # const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role)); + triggers = [ + { + flowType = "customiseToken"; + triggerType = "preUserinfoCreation"; + actions = ["flattenRoles"]; + } + { + flowType = "customiseToken"; + triggerType = "preAccessTokenCreation"; + actions = ["flattenRoles"]; + } + ]; + }; + }; + }; - # # api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles })); - # # }; - # # ''; - # # }; - # # }; + communication.matrix.enable = true; - # # triggers = [ - # # { - # # flowType = "customiseToken"; - # # triggerType = "preUserinfoCreation"; - # # actions = ["flattenRoles"]; - # # } - # # { - # # 
flowType = "customiseToken"; - # # triggerType = "preAccessTokenCreation"; - # # actions = ["flattenRoles"]; - # # } - # # ]; - # # }; - # # }; - # # }; + development.forgejo.enable = true; - # # communication.matrix.enable = true; + networking.ssh.enable = true; + networking.caddy.hosts = { + # Expose amarht cloud stuff like this until I have a proper solution + "auth.amarth.cloud" = '' + reverse_proxy http://192.168.1.223:9092 + ''; - # # development.forgejo.enable = true; + "amarth.cloud" = '' + reverse_proxy http://192.168.1.223:8080 + ''; + }; - # # networking.ssh.enable = true; - # # networking.caddy.hosts = { - # # # Expose amarht cloud stuff like this until I have a proper solution - # # "auth.amarth.cloud" = '' - # # reverse_proxy http://192.168.1.223:9092 - # # ''; + media.enable = true; + media.glance.enable = true; + media.mydia.enable = true; + media.nfs.enable = true; + media.jellyfin.enable = true; + media.servarr = { + radarr = { + enable = true; + port = 2001; + rootFolders = [ + "/var/media/movies" + ]; + }; - # # "amarth.cloud" = '' - # # reverse_proxy http://192.168.1.223:8080 - # # ''; - # # }; + sonarr = { + enable = true; + # debug = true; + port = 2002; + rootFolders = [ + "/var/media/series" + ]; + }; - # # media.enable = true; - # # media.glance.enable = true; - # # media.mydia.enable = true; - # # media.nfs.enable = true; - # # media.jellyfin.enable = true; - # # media.servarr = { - # # radarr = { - # # enable = true; - # # port = 2001; - # # rootFolders = [ - # # "/var/media/movies" - # # ]; - # # }; + lidarr = { + enable = true; + debug = true; + port = 2003; + rootFolders = [ + "/var/media/music" + ]; + }; - # # sonarr = { - # # enable = true; - # # # debug = true; - # # port = 2002; - # # rootFolders = [ - # # "/var/media/series" - # # ]; - # # }; + prowlarr = { + enable = true; + # debug = true; + port = 2004; + }; + }; - # # lidarr = { - # # enable = true; - # # debug = true; - # # port = 2003; - # # rootFolders = [ - # # 
"/var/media/music" - # # ]; - # # }; + observability = { + grafana.enable = true; + prometheus.enable = true; + loki.enable = true; + promtail.enable = true; + # uptime-kuma.enable = true; + }; - # # prowlarr = { - # # enable = true; - # # # debug = true; - # # port = 2004; - # # }; - # # }; + security.vaultwarden = { + enable = true; + database = { + # type = "sqlite"; + # file = "/var/lib/vaultwarden/state.db"; - # # observability = { - # # grafana.enable = true; - # # prometheus.enable = true; - # # loki.enable = true; - # # promtail.enable = true; - # # # uptime-kuma.enable = true; - # # }; + type = "postgresql"; + host = "localhost"; + port = 5432; + sslMode = "disabled"; + }; + }; + }; - # # security.vaultwarden = { - # # enable = true; - # # database = { - # # # type = "sqlite"; - # # # file = "/var/lib/vaultwarden/state.db"; + editor = { + nano.enable = true; + }; + }; - # # type = "postgresql"; - # # host = "localhost"; - # # port = 5432; - # # sslMode = "disabled"; - # # }; - # # }; - # # }; - - # # editor = { - # # nano.enable = true; - # # }; - # # }; -} + system.stateVersion = "23.11"; +} \ No newline at end of file diff --git a/modules/home/application/bitwarden/default.nix b/modules/home/application/bitwarden/default.nix index 5d62919..f2cd869 100644 --- a/modules/home/application/bitwarden/default.nix +++ b/modules/home/application/bitwarden/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.bitwarden; + cfg = config.${namespace}.application.bitwarden; in { - options.sneeuwvlok.application.bitwarden = { + options.${namespace}.application.bitwarden = { enable = mkEnableOption "enable bitwarden"; }; diff --git a/modules/home/application/chrome/default.nix b/modules/home/application/chrome/default.nix index 1848836..ac9f5ef 100644 --- a/modules/home/application/chrome/default.nix +++ b/modules/home/application/chrome/default.nix 
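Review bot: In the machines/ulmo/configuration.nix hunk, the Zitadel applications `mydia` and `grafana` are registered with plain-HTTP loopback redirect URIs (`http://localhost:2010/auth/oidc/callback`, `http://localhost:9001/login/generic_oauth`), whereas the other applications use public `https://` hosts. With a loopback redirect the authorization code goes to whatever is listening on that port on the user's own machine, and login only works from a browser running on ulmo itself. This looks like a development leftover. If these services are reached through the Caddy front end, register the public callback instead, e.g. `redirectUris = ["https://<grafana-host>/login/generic_oauth"];`, or add a comment stating that the loopback value is intentional. In the same hunk, `lidarr.debug = true` and the vaultwarden `sslMode = "disabled"` each deserve a short why-comment (the latter is only reasonable while `host` stays `localhost`).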
@@ -1,16 +1,11 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.chrome; -in { - options.sneeuwvlok.application.chrome = { + cfg = config.${namespace}.application.chrome; +in +{ + options.${namespace}.application.chrome = { enable = mkEnableOption "enable chrome"; }; diff --git a/modules/home/application/discord/default.nix b/modules/home/application/discord/default.nix index edb640a..a736b37 100644 --- a/modules/home/application/discord/default.nix +++ b/modules/home/application/discord/default.nix @@ -1,20 +1,15 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.discord; -in { - options.sneeuwvlok.application.discord = { + cfg = config.${namespace}.application.discord; +in +{ + options.${namespace}.application.discord = { enable = mkEnableOption "enable discord (vesktop)"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [vesktop]; + home.packages = with pkgs; [ vesktop ]; }; } diff --git a/modules/home/application/ladybird/default.nix b/modules/home/application/ladybird/default.nix index f1ad1ea..31d7c17 100644 --- a/modules/home/application/ladybird/default.nix +++ b/modules/home/application/ladybird/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.ladybird; + cfg = config.${namespace}.application.ladybird; in { - options.sneeuwvlok.application.ladybird = { + options.${namespace}.application.ladybird = { enable = mkEnableOption "enable ladybird"; }; diff --git a/modules/home/application/matrix/default.nix b/modules/home/application/matrix/default.nix index d09ea11..867a94f 100644 --- a/modules/home/application/matrix/default.nix +++ b/modules/home/application/matrix/default.nix 
@@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.matrix; + cfg = config.${namespace}.application.matrix; in { - options.sneeuwvlok.application.matrix = { + options.${namespace}.application.matrix = { enable = mkEnableOption "enable Matrix client (Fractal)"; }; diff --git a/modules/home/application/obs/default.nix b/modules/home/application/obs/default.nix index e6ee4e3..a2be203 100644 --- a/modules/home/application/obs/default.nix +++ b/modules/home/application/obs/default.nix @@ -1,16 +1,11 @@ -{ - config, - lib, - pkgs, - namespace, - osConfig ? {}, - ... -}: let +{ config, lib, pkgs, namespace, osConfig ? {}, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.obs; -in { - options.sneeuwvlok.application.obs = { + cfg = config.${namespace}.application.obs; +in +{ + options.${namespace}.application.obs = { enable = mkEnableOption "enable obs"; }; diff --git a/modules/home/application/onlyoffice/default.nix b/modules/home/application/onlyoffice/default.nix index 02484ca..0479539 100644 --- a/modules/home/application/onlyoffice/default.nix +++ b/modules/home/application/onlyoffice/default.nix @@ -8,9 +8,9 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.onlyoffice; + cfg = config.${namespace}.application.onlyoffice; in { - options.sneeuwvlok.application.onlyoffice = { + options.${namespace}.application.onlyoffice = { enable = mkEnableOption "enable onlyoffice"; }; diff --git a/modules/home/application/signal/default.nix b/modules/home/application/signal/default.nix index 1c591bf..f4eb1d0 100644 --- a/modules/home/application/signal/default.nix +++ b/modules/home/application/signal/default.nix 
@@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.signal; + cfg = config.${namespace}.application.signal; in { - options.sneeuwvlok.application.signal = { + options.${namespace}.application.signal = { enable = mkEnableOption "enable signal"; }; diff --git a/modules/home/application/steam/default.nix b/modules/home/application/steam/default.nix index 28a8e93..8c87b40 100644 --- a/modules/home/application/steam/default.nix +++ b/modules/home/application/steam/default.nix @@ -1,21 +1,16 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.steam; -in { - options.sneeuwvlok.application.steam = { + cfg = config.${namespace}.application.steam; +in +{ + options.${namespace}.application.steam = { enable = mkEnableOption "enable steam"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [protonup-ng]; + home.packages = with pkgs; [ protonup-ng ]; home.sessionVariables = { STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d"; diff --git a/modules/home/application/studio/default.nix b/modules/home/application/studio/default.nix index c883eac..bd4e64e 100644 --- a/modules/home/application/studio/default.nix +++ b/modules/home/application/studio/default.nix @@ -2,13 +2,13 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.studio; + cfg = config.${namespace}.application.studio; studioPackage = pkgs.callPackage (repoRoot + "/packages/studio/package.nix") { inherit erosanixLib; }; in { - options.sneeuwvlok.application.studio = { + options.${namespace}.application.studio = { enable = mkEnableOption "enable Bricklink Studio"; }; diff --git a/modules/home/application/teamspeak/default.nix b/modules/home/application/teamspeak/default.nix index 031de79..3e5e530 100644 --- a/modules/home/application/teamspeak/default.nix 
+++ b/modules/home/application/teamspeak/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.teamspeak; + cfg = config.${namespace}.application.teamspeak; in { - options.sneeuwvlok.application.teamspeak = { + options.${namespace}.application.teamspeak = { enable = mkEnableOption "enable teamspeak"; }; diff --git a/modules/home/application/thunderbird/default.nix b/modules/home/application/thunderbird/default.nix index 3392358..92c8e37 100644 --- a/modules/home/application/thunderbird/default.nix +++ b/modules/home/application/thunderbird/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.thunderbird; + cfg = config.${namespace}.application.thunderbird; in { - options.sneeuwvlok.application.thunderbird = { + options.${namespace}.application.thunderbird = { enable = mkEnableOption "enable thunderbird"; }; diff --git a/modules/home/application/zen/default.nix b/modules/home/application/zen/default.nix index b8a2505..1d18a92 100644 --- a/modules/home/application/zen/default.nix +++ b/modules/home/application/zen/default.nix @@ -1,15 +1,11 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.application.zen; -in { - options.sneeuwvlok.application.zen = { + cfg = config.${namespace}.application.zen; +in +{ + options.${namespace}.application.zen = { enable = mkEnableOption "enable zen"; }; @@ -54,7 +50,8 @@ in { install_url = "https://addons.mozilla.org/firefox/downloads/latest/${builtins.toString id}/latest.xpi"; installation_mode = "force_installed"; }; - in { + in + { ublock_origin = 4531307; ghostry = 4562168; bitwarden = 4562769; diff --git a/modules/home/default.nix b/modules/home/default.nix index 92a65e5..1c9623e 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix 
@@ -1,14 +1,9 @@ -{ - pkgs, - config, - lib, - namespace, - ... -}: let +{ pkgs, config, lib, namespace, ... }: +let inherit (lib) mkOption; inherit (lib.types) enum; - cfg = config.sneeuwvlok.defaults; + cfg = config.${namespace}.defaults; in { imports = [ ./application @@ -22,30 +17,30 @@ in { ./themes ]; - options.sneeuwvlok.defaults = { + options.${namespace}.defaults = { editor = mkOption { - type = enum ["nano" "nvim" "zed"]; + type = enum [ "nano" "nvim" "zed" ]; default = "nano"; description = "Default editor for text manipulation"; example = "nvim"; }; shell = mkOption { - type = enum ["fish" "zsh" "bash"]; + type = enum [ "fish" "zsh" "bash" ]; default = "zsh"; description = "Default shell"; example = "zsh"; }; terminal = mkOption { - type = enum ["ghostty" "alacritty"]; + type = enum [ "ghostty" "alacritty" ]; default = "ghostty"; description = "Default terminal"; example = "ghostty"; }; browser = mkOption { - type = enum ["chrome" "ladybird" "zen"]; + type = enum [ "chrome" "ladybird" "zen" ]; default = "zen"; description = "Default terminal"; example = "zen"; diff --git a/modules/home/desktop/plasma/default.nix b/modules/home/desktop/plasma/default.nix index f6e629e..0b679a0 100644 --- a/modules/home/desktop/plasma/default.nix +++ b/modules/home/desktop/plasma/default.nix @@ -2,11 +2,11 @@ let inherit (lib) mkIf; - cfg = config.sneeuwvlok.desktop.plasma; - osCfg = osConfig.sneeuwvlok.desktop.plasma or { enable = false; }; + cfg = config.${namespace}.desktop.plasma; + osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; }; in { - options.sneeuwvlok.desktop.plasma = { + options.${namespace}.desktop.plasma = { }; diff --git a/modules/home/development/dotnet/default.nix b/modules/home/development/dotnet/default.nix index e1d0f7c..7ed848e 100644 --- a/modules/home/development/dotnet/default.nix +++ b/modules/home/development/dotnet/default.nix 
@@ -2,10 +2,10 @@ let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.development.dotnet; + cfg = config.${namespace}.development.dotnet; in { - options.sneeuwvlok.development.dotnet = { + options.${namespace}.development.dotnet = { enable = mkEnableOption "Enable dotnet development tools"; }; diff --git a/modules/home/development/javascript/default.nix b/modules/home/development/javascript/default.nix index 40c94b4..e649c86 100644 --- a/modules/home/development/javascript/default.nix +++ b/modules/home/development/javascript/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.development.javascript; + cfg = config.${namespace}.development.javascript; in { - options.sneeuwvlok.development.javascript = { + options.${namespace}.development.javascript = { enable = mkEnableOption "Enable javascript development tools"; }; diff --git a/modules/home/development/rust/default.nix b/modules/home/development/rust/default.nix index f545e7e..4208c68 100644 --- a/modules/home/development/rust/default.nix +++ b/modules/home/development/rust/default.nix @@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.development.rust; -in { - options.sneeuwvlok.development.rust = { + cfg = config.${namespace}.development.rust; +in +{ + options.${namespace}.development.rust = { enable = mkEnableOption "Enable rust development tools"; }; - config = - mkIf cfg.enable { - }; + config = mkIf cfg.enable { + + }; } diff --git a/modules/home/editor/nano/default.nix b/modules/home/editor/nano/default.nix index f436775..870db8e 100644 --- a/modules/home/editor/nano/default.nix +++ b/modules/home/editor/nano/default.nix 
@@ -1,21 +1,16 @@ -{ - config, - options, - lib, - pkgs, - namespace, - ... -}: let +{ config, options, lib, pkgs, namespace, ... }: +let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.editor.nano; -in { - options.sneeuwvlok.editor.nano = { + cfg = config.${namespace}.editor.nano; +in +{ + options.${namespace}.editor.nano = { enable = mkEnableOption "nano"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [nano]; + home.packages = with pkgs; [ nano ]; # programs.nano = { # enable = true; diff --git a/modules/home/editor/nvim/default.nix b/modules/home/editor/nvim/default.nix index fcb0b25..162772f 100644 --- a/modules/home/editor/nvim/default.nix +++ b/modules/home/editor/nvim/default.nix @@ -1,20 +1,15 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.editor.nvim; -in { + cfg = config.${namespace}.editor.nvim; +in +{ # imports = [ # inputs.nvf.nixosModules.default # ]; - options.sneeuwvlok.editor.nvim = { + options.${namespace}.editor.nvim = { enable = mkEnableOption "enable nvim via nvf on user level"; }; diff --git a/modules/home/editor/zed/default.nix b/modules/home/editor/zed/default.nix index 2da026c..f0fe7fa 100644 --- a/modules/home/editor/zed/default.nix +++ b/modules/home/editor/zed/default.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, namespace, ... }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.editor.zed; + cfg = config.${namespace}.editor.zed; in { - options.sneeuwvlok.editor.zed = { + options.${namespace}.editor.zed = { enable = mkEnableOption "zed"; }; diff --git a/modules/home/game/minecraft/default.nix b/modules/home/game/minecraft/default.nix index fbdcc9d..e5dedc6 100644 --- a/modules/home/game/minecraft/default.nix +++ b/modules/home/game/minecraft/default.nix 
@@ -1,20 +1,15 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.game.minecraft; -in { - options.sneeuwvlok.game.minecraft = { + cfg = config.${namespace}.game.minecraft; +in +{ + options.${namespace}.game.minecraft = { enable = mkEnableOption "enable minecraft"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [prismlauncher]; + home.packages = with pkgs; [ prismlauncher ]; }; } diff --git a/modules/home/shell/default.nix b/modules/home/shell/default.nix index 2081c59..636156a 100644 --- a/modules/home/shell/default.nix +++ b/modules/home/shell/default.nix @@ -2,7 +2,7 @@ let inherit (lib) mkIf mkMerge mkEnableOption mkDefault; - cfg = config.sneeuwvlok.shell; + cfg = config.${namespace}.shell; in { imports = [ @@ -10,13 +10,13 @@ in ./zsh ]; - options.sneeuwvlok.shell = { + options.${namespace}.shell = { corePkgs.enable = mkEnableOption "core shell packages"; }; config = mkMerge [ (mkIf (cfg.corePkgs.enable) { - sneeuwvlok.shell.toolset = mkDefault { + ${namespace}.shell.toolset = mkDefault { bat.enable = true; btop.enable = true; eza.enable = true; diff --git a/modules/home/shell/toolset/bat/default.nix b/modules/home/shell/toolset/bat/default.nix index 0c403ee..78899df 100644 --- a/modules/home/shell/toolset/bat/default.nix +++ b/modules/home/shell/toolset/bat/default.nix @@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.bat; -in { - options.sneeuwvlok.shell.toolset.bat = { + cfg = config.${namespace}.shell.toolset.bat; +in +{ + options.${namespace}.shell.toolset.bat = { enable = mkEnableOption "cat replacement"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [bat]; + home.packages = with pkgs; [ bat ]; programs.bat = { enable = true; 
diff --git a/modules/home/shell/toolset/btop/default.nix b/modules/home/shell/toolset/btop/default.nix index 4368367..b490acc 100644 --- a/modules/home/shell/toolset/btop/default.nix +++ b/modules/home/shell/toolset/btop/default.nix @@ -1,21 +1,17 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; inherit (lib.strings) concatStringsSep; - cfg = config.sneeuwvlok.shell.toolset.btop; -in { - options.sneeuwvlok.shell.toolset.btop = { + cfg = config.${namespace}.shell.toolset.btop; +in +{ + options.${namespace}.shell.toolset.btop = { enable = mkEnableOption "system-monitor"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [btop]; + home.packages = with pkgs; [ btop ]; programs.btop = { enable = true; diff --git a/modules/home/shell/toolset/eza/default.nix b/modules/home/shell/toolset/eza/default.nix index 463e9ae..00026cf 100644 --- a/modules/home/shell/toolset/eza/default.nix +++ b/modules/home/shell/toolset/eza/default.nix @@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.eza; -in { - options.sneeuwvlok.shell.toolset.eza = { + cfg = config.${namespace}.shell.toolset.eza; +in +{ + options.${namespace}.shell.toolset.eza = { enable = mkEnableOption "system-monitor"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [eza]; + home.packages = with pkgs; [ eza ]; programs.eza = { enable = true; diff --git a/modules/home/shell/toolset/fzf/default.nix b/modules/home/shell/toolset/fzf/default.nix index 7e0706b..e2f0313 100644 --- a/modules/home/shell/toolset/fzf/default.nix +++ b/modules/home/shell/toolset/fzf/default.nix 
@@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.fzf; -in { - options.sneeuwvlok.shell.toolset.fzf = { + cfg = config.${namespace}.shell.toolset.fzf; +in +{ + options.${namespace}.shell.toolset.fzf = { enable = mkEnableOption "TUI Fuzzy Finder."; }; config = mkIf cfg.enable { - home.packages = with pkgs; [fzf]; + home.packages = with pkgs; [ fzf ]; programs.fzf = { enable = true; diff --git a/modules/home/shell/toolset/git/default.nix b/modules/home/shell/toolset/git/default.nix index 9f42376..dd138c8 100644 --- a/modules/home/shell/toolset/git/default.nix +++ b/modules/home/shell/toolset/git/default.nix @@ -7,9 +7,9 @@ }: let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.shell.toolset.git; + cfg = config.${namespace}.shell.toolset.git; in { - options.sneeuwvlok.shell.toolset.git = { + options.${namespace}.shell.toolset.git = { enable = mkEnableOption "version-control system"; }; diff --git a/modules/home/shell/toolset/gnugpg/default.nix b/modules/home/shell/toolset/gnugpg/default.nix index 8340ba4..8b6ae38 100644 --- a/modules/home/shell/toolset/gnugpg/default.nix +++ b/modules/home/shell/toolset/gnugpg/default.nix @@ -1,15 +1,11 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.gnupg; -in { - options.sneeuwvlok.shell.toolset.gnupg = { + cfg = config.${namespace}.shell.toolset.gnupg; +in +{ + options.${namespace}.shell.toolset.gnupg = { enable = mkEnableOption "cryptographic suite"; }; diff --git a/modules/home/shell/toolset/just/default.nix b/modules/home/shell/toolset/just/default.nix index 983b5d6..e956b2a 100644 --- a/modules/home/shell/toolset/just/default.nix +++ b/modules/home/shell/toolset/just/default.nix 
@@ -1,19 +1,15 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.shell.toolset.just; -in { - options.sneeuwvlok.shell.toolset.just = { + cfg = config.${namespace}.shell.toolset.just; +in +{ + options.${namespace}.shell.toolset.just = { enable = mkEnableOption "version-control system"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [just gum]; + home.packages = with pkgs; [ just gum ]; }; } diff --git a/modules/home/shell/toolset/starship/default.nix b/modules/home/shell/toolset/starship/default.nix index 9c52947..28d57f7 100644 --- a/modules/home/shell/toolset/starship/default.nix +++ b/modules/home/shell/toolset/starship/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.starship; + cfg = config.${namespace}.shell.toolset.starship; in { - options.sneeuwvlok.shell.toolset.starship = { + options.${namespace}.shell.toolset.starship = { enable = mkEnableOption "fancy pansy shell prompt"; }; diff --git a/modules/home/shell/toolset/tmux/default.nix b/modules/home/shell/toolset/tmux/default.nix index 95c54d4..ed14ba6 100644 --- a/modules/home/shell/toolset/tmux/default.nix +++ b/modules/home/shell/toolset/tmux/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.tmux; + cfg = config.${namespace}.shell.toolset.tmux; in { - options.sneeuwvlok.shell.toolset.tmux = { + options.${namespace}.shell.toolset.tmux = { enable = mkEnableOption "terminal multiplexer"; }; diff --git a/modules/home/shell/toolset/yazi/default.nix b/modules/home/shell/toolset/yazi/default.nix index 4c5f2f5..37138a0 100644 --- a/modules/home/shell/toolset/yazi/default.nix +++ b/modules/home/shell/toolset/yazi/default.nix 
@@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.yazi; -in { - options.sneeuwvlok.shell.toolset.yazi = { + cfg = config.${namespace}.shell.toolset.yazi; +in +{ + options.${namespace}.shell.toolset.yazi = { enable = mkEnableOption "cli file browser"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [yazi]; + home.packages = with pkgs; [ yazi ]; programs.yazi = { enable = true; diff --git a/modules/home/shell/toolset/zellij/default.nix b/modules/home/shell/toolset/zellij/default.nix index fb366e1..db5b7bd 100644 --- a/modules/home/shell/toolset/zellij/default.nix +++ b/modules/home/shell/toolset/zellij/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.zellij; + cfg = config.${namespace}.shell.toolset.zellij; in { - options.sneeuwvlok.shell.toolset.zellij = { + options.${namespace}.shell.toolset.zellij = { enable = mkEnableOption "terminal multiplexer"; }; diff --git a/modules/home/shell/toolset/zoxide/default.nix b/modules/home/shell/toolset/zoxide/default.nix index 53a1f35..5b8acb6 100644 --- a/modules/home/shell/toolset/zoxide/default.nix +++ b/modules/home/shell/toolset/zoxide/default.nix @@ -1,20 +1,16 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.toolset.zoxide; -in { - options.sneeuwvlok.shell.toolset.zoxide = { + cfg = config.${namespace}.shell.toolset.zoxide; +in +{ + options.${namespace}.shell.toolset.zoxide = { enable = mkEnableOption "cd replacement"; }; config = mkIf cfg.enable { - home.packages = with pkgs; [zoxide]; + home.packages = with pkgs; [ zoxide ]; programs.zoxide = { enable = true; diff --git a/modules/home/shell/zsh/default.nix b/modules/home/shell/zsh/default.nix index 02dc043..b37cc4c 100644 
--- a/modules/home/shell/zsh/default.nix +++ b/modules/home/shell/zsh/default.nix @@ -2,15 +2,15 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.zsh; + cfg = config.${namespace}.shell.zsh; in { - options.sneeuwvlok.shell.zsh = { + options.${namespace}.shell.zsh = { enable = mkEnableOption "enable ZSH"; }; config = mkIf cfg.enable { - # sneeuwvlok.shell = { + # ${namespace}.shell = { # zsh.enable = true; # }; diff --git a/modules/home/terminal/alacritty/default.nix b/modules/home/terminal/alacritty/default.nix index 73468f6..b6e5822 100644 --- a/modules/home/terminal/alacritty/default.nix +++ b/modules/home/terminal/alacritty/default.nix @@ -1,14 +1,11 @@ -{ - config, - lib, - namespace, - ... -}: let +{ config, lib, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.terminal.alacritty; -in { - options.sneeuwvlok.terminal.alacritty = { + cfg = config.${namespace}.terminal.alacritty; +in +{ + options.${namespace}.terminal.alacritty = { enable = mkEnableOption "enable alacritty"; }; diff --git a/modules/home/terminal/ghostty/default.nix b/modules/home/terminal/ghostty/default.nix index 6949df1..4681b53 100644 --- a/modules/home/terminal/ghostty/default.nix +++ b/modules/home/terminal/ghostty/default.nix @@ -1,14 +1,11 @@ -{ - config, - lib, - namespace, - ... -}: let +{ config, lib, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.terminal.ghostty; -in { - options.sneeuwvlok.terminal.ghostty = { + cfg = config.${namespace}.terminal.ghostty; +in +{ + options.${namespace}.terminal.ghostty = { enable = mkEnableOption "enable ghostty"; }; 
@@ -16,10 +13,10 @@ in { programs.ghostty = { enable = true; settings = { - command = config.sneeuwvlok.defaults.shell; + command = config.${namespace}.defaults.shell; background-blur-radius = 20; theme = "dark:stylix,light:stylix"; - window-theme = config.sneeuwvlok.themes.polarity or "dark"; + window-theme = (config.${namespace}.themes.polarity or "dark"); background-opacity = 0.8; minimum-contrast = 1.1; }; diff --git a/modules/home/themes/default.nix b/modules/home/themes/default.nix index d6f8b6a..d338b88 100644 --- a/modules/home/themes/default.nix +++ b/modules/home/themes/default.nix @@ -1,30 +1,24 @@ -{ - config, - lib, - pkgs, - namespace, - osConfig ? {}, - ... -}: let +{ config, lib, pkgs, namespace, osConfig ? {}, ... }: +let inherit (lib) mkIf mkDefault; inherit (lib.options) mkOption mkEnableOption; inherit (lib.types) nullOr enum; - cfg = config.sneeuwvlok.themes; - osCfg = osConfig.sneeuwvlok.theming; + cfg = config.${namespace}.themes; + osCfg = osConfig.${namespace}.theming; in { - options.sneeuwvlok.themes = { + options.${namespace}.themes = { enable = mkEnableOption "Theming (Stylix)"; theme = mkOption { - type = nullOr (enum ["everforest" "catppuccin-latte" "chalk"]); + type = nullOr (enum [ "everforest" "catppuccin-latte" "chalk" ]); default = "everforest"; description = "The theme to set the system to"; example = "everforest"; }; polarity = mkOption { - type = nullOr (enum ["dark" "light"]); + type = nullOr (enum [ "dark" "light" ]); default = "dark"; description = "determine if system is in dark or light mode"; }; @@ -39,7 +33,7 @@ in { polarity = cfg.polarity; targets.qt.platform = mkDefault "kde"; - targets.zen-browser.profileNames = ["Chris"]; + targets.zen-browser.profileNames = [ "Chris" ]; fonts = { serif = { diff --git a/modules/nixos/application/default.nix b/modules/nixos/application/default.nix new file mode 100644 index 0000000..cd39af6 --- /dev/null +++ b/modules/nixos/application/default.nix 
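Review bot: The `or "dark"` fallback on `window-theme` only fires when the attribute path is missing, not when the value is `null`, and `polarity` is declared as `nullOr (enum [ "dark" "light" ])` with a default in modules/home/themes/default.nix, so an explicit `null` reaches ghostty unchanged. If `null` is meant to fall back, spell it out: `window-theme = let p = config.${namespace}.themes.polarity; in if p == null then "dark" else p;`. The parentheses added around the expression are redundant. The enclosing `config` block starts above the hunk.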
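Review bot: `osCfg = osConfig.${namespace}.theming;` is unguarded even though the argument list defaults `osConfig ? {}`, so once `osCfg` is forced on a standalone home-manager evaluation the lookup throws a missing-attribute error. modules/home/desktop/plasma/default.nix in this same commit guards the equivalent lookup, and this one should match: `osCfg = osConfig.${namespace}.theming or {};`. Whether and where `osCfg` is read is outside the hunk, so confirm the fallback shape against its uses.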
@@ -0,0 +1,5 @@
+{
+ imports = [
+ ./steam
+ ];
+}
diff --git a/modules/nixos/application/steam.nix b/modules/nixos/application/steam.nix
deleted file mode 100644
index de83987..0000000
--- a/modules/nixos/application/steam.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- lib,
- pkgs,
- config,
- ...
-}: let
- inherit (lib) mkIf mkEnableOption;
-
- cfg = config.sneeuwvlok.application.steam;
-in {
- options.sneeuwvlok.application.steam = {
- enable = mkEnableOption "enable steam";
- };
- config = mkIf cfg.enable {
- environment.systemPackages = with pkgs; [steam];
-
- programs = {
- steam = {
- enable = true;
- remotePlay.openFirewall = true;
- dedicatedServer.openFirewall = true;
- localNetworkGameTransfers.openFirewall = true;
- extraCompatPackages = with pkgs; [
- proton-ge-bin
- ];
- };
- };
- };
-}
diff --git a/modules/nixos/application/steam/default.nix b/modules/nixos/application/steam/default.nix
new file mode 100644
index 0000000..061765e
--- /dev/null
+++ b/modules/nixos/application/steam/default.nix
@@ -0,0 +1,64 @@ +{ + inputs, + config, + lib, + pkgs, + namespace, + ... +}: let + inherit (lib) mkIf mkEnableOption; + + cfg = config.${namespace}.application.steam; +in { + options.${namespace}.application.steam = { + enable = mkEnableOption "enable steam"; + }; + + config = mkIf cfg.enable { + # environment.systemPackages = with pkgs; [ steam ]; + + programs = { + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; + + # package = pkgs.steam.override { + # extraEnv = { + # DXVK_HUD = "compiler"; + # MANGOHUD = true; + # }; + # }; + + # gamescopeSession = { + # enable = true; + # args = ["--immediate-flips"]; + # }; + }; + + # https://github.com/FeralInteractive/gamemode + # gamemode = { + # enable = true; + # enableRenice = true; + # settings = {}; + # }; + + # gamescope = { + # enable = true; + # capSysNice = true; + # env = { + # DXVK_HDR = "1"; + # ENABLE_GAMESCOPE_WSI = "1"; + # WINE_FULLSCREEN_FSR = "1"; + # WLR_RENDERER = "vulkan"; + # }; + # args = ["--hdr-enabled"]; + # }; + }; + }; +} diff --git a/modules/nixos/boot/default.nix b/modules/nixos/boot/default.nix index de3303a..1f844d1 100644 --- a/modules/nixos/boot/default.nix +++ b/modules/nixos/boot/default.nix @@ -1,19 +1,14 @@ -{ - inputs, - lib, - namespace, - config, - pkgs, - ... -}: let +{ lib, namespace, config, pkgs, ... }: +let inherit (lib) mkIf mkMerge mkDefault mkOption; inherit (lib.types) enum bool; - cfg = config.sneeuwvlok.boot; -in { - options.sneeuwvlok.boot = { + cfg = config.${namespace}.boot; +in +{ + options.${namespace}.boot = { type = mkOption { - type = enum ["bios" "uefi"]; + type = enum [ "bios" "uefi" ]; default = "uefi"; }; @@ -29,7 +24,7 @@ in { }; config = mkMerge [ - { + ({ boot = { kernelPackages = pkgs.linuxPackages_latest; 
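Review bot: All three firewall toggles in the new modules/nixos/application/steam/default.nix (`remotePlay.openFirewall`, `dedicatedServer.openFirewall`, `localNetworkGameTransfers.openFirewall`) are hard-coded to `true`, so every host that sets `application.steam.enable` exposes the dedicated-server and local-transfer ports, including laptops on untrusted networks. I would default the one a desktop client does not need to closed and make the others overridable without `mkForce`: `dedicatedServer.openFirewall = lib.mkDefault false;` and `remotePlay.openFirewall = lib.mkDefault true;`. `inputs` is also taken as an argument but not used anywhere in the file.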
@@ -37,16 +32,16 @@ in { systemd-boot.enable = false; grub.enable = mkDefault true; - # grub2-theme = { - # enable = true; - # theme = "vimix"; - # footer = true; - # }; + grub2-theme = { + enable = true; + theme = "vimix"; + footer = true; + }; }; - supportedFilesystems = ["nfs"]; + supportedFilesystems = [ "nfs" ]; }; - } + }) (mkIf (cfg.type == "bios") { boot.loader.grub.efiSupport = false; @@ -92,7 +87,7 @@ in { theme = mkDefault "pixels"; themePackages = with pkgs; [ (adi1090x-plymouth-themes.override { - selected_themes = ["pixels"]; + selected_themes = [ "pixels" ]; }) ]; }; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index d5f4e41..1a2c686 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,15 +1,14 @@ { imports = [ - ./application/steam.nix - ./boot/default.nix - ./editor/nano/default.nix - ./editor/nvim/default.nix - ./hardware/audio/default.nix + ./application + ./boot + ./desktop + ./editor + ./hardware ./home-manager + ./nix ./services - ./system/networking - ./system/security/boot - ./system/security/sops - ./system/security/sudo + ./shells + ./system ]; } diff --git a/modules/nixos/desktop/cosmic/default.nix b/modules/nixos/desktop/cosmic/default.nix index c4531ba..cba6955 100644 --- a/modules/nixos/desktop/cosmic/default.nix +++ b/modules/nixos/desktop/cosmic/default.nix @@ -7,13 +7,13 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.desktop.cosmic; + cfg = config.${namespace}.desktop.cosmic; in { - options.sneeuwvlok.desktop.cosmic = { + options.${namespace}.desktop.cosmic = { enable = mkEnableOption "Enable Cosmic desktop" // { - default = config.sneeuwvlok.desktop.use == "cosmic"; + default = config.${namespace}.desktop.use == "cosmic"; }; }; diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index d231d9a..03d36e6 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix 
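Review bot: The newly enabled `grub2-theme = { enable = true; theme = "vimix"; footer = true; }` block is not an option nixpkgs declares; as far as I know it comes from the external grub2-themes module, and the first hunk of this file drops `inputs` from the module arguments, so nothing visible here imports it. If that module is not imported elsewhere, every host evaluating modules/nixos/boot/default.nix fails with an undefined-option error. Please confirm the import exists, and note it above the block: `# requires the grub2-themes NixOS module to be imported`. The surrounding `boot.loader` set starts above the hunk.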
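Review bot: Replacing the explicit file list with directory imports (`./nix`, `./hardware`, `./desktop`, `./shells`, `./system`) pulls modules onto every host that were not imported before, and at least modules/nixos/nix/default.nix sets its `config` without an enable guard. Going by its hunks later in this diff, that module sets `trusted-users = [ "@wheel" ]`, which gives every wheel member root-equivalent control of the Nix daemon without a sudo prompt. I would either gate that module behind an option or narrow the setting to `trusted-users = [ "root" ];` and keep `allowed-users` for wheel. Each imported directory also needs its own `default.nix`; only `application/default.nix` is visibly created in this part of the diff.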
@@ -7,7 +7,7 @@ inherit (lib) mkIf mkOption mkEnableOption mkMerge; inherit (lib.types) nullOr enum; - cfg = config.sneeuwvlok.desktop; + cfg = config.${namespace}.desktop; in { imports = [ ./cosmic @@ -16,7 +16,7 @@ in { ./plasma ]; - options.sneeuwvlok.desktop = { + options.${namespace}.desktop = { use = mkOption { type = nullOr (enum ["plasma" "gamescope" "gnome" "cosmic"]); default = null; @@ -33,7 +33,7 @@ in { } # (mkIf (cfg.use != null) { - # sneeuwvlok.desktop.${cfg.use}.enable = true; + # ${namespace}.desktop.${cfg.use}.enable = true; # }) ]; } diff --git a/modules/nixos/desktop/gamescope/default.nix b/modules/nixos/desktop/gamescope/default.nix index 500a3fa..9e499be 100644 --- a/modules/nixos/desktop/gamescope/default.nix +++ b/modules/nixos/desktop/gamescope/default.nix @@ -1,23 +1,18 @@ -{ - lib, - config, - namespace, - ... -}: let +{ lib, config, namespace, ... }: +let inherit (lib) mkIf mkEnableOption mkForce; - cfg = config.sneeuwvlok.desktop.gamescope; -in { - options.sneeuwvlok.desktop.gamescope = { - enable = - mkEnableOption "Enable Steamdeck ui" - // { - default = config.sneeuwvlok.desktop.use == "gamescope"; - }; + cfg = config.${namespace}.desktop.gamescope; +in +{ + options.${namespace}.desktop.gamescope = { + enable = mkEnableOption "Enable Steamdeck ui" // { + default = (config.${namespace}.desktop.use == "gamescope"); + }; }; config = mkIf cfg.enable { - sneeuwvlok.desktop.plasma.enable = true; + ${namespace}.desktop.plasma.enable = true; services.displayManager.sddm.enable = mkForce false; services.displayManager.gdm.enable = mkForce false; diff --git a/modules/nixos/desktop/gnome/default.nix b/modules/nixos/desktop/gnome/default.nix index ad1eac4..979587f 100644 --- a/modules/nixos/desktop/gnome/default.nix +++ b/modules/nixos/desktop/gnome/default.nix 
@@ -1,22 +1,16 @@ -{ - lib, - config, - namespace, - ... -}: let +{ lib, config, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.desktop.gnome; -in { - options.sneeuwvlok.desktop.gnome = { - enable = - mkEnableOption "Enable Gnome" - // { - default = config.sneeuwvlok.desktop.use == "gnome"; - }; + cfg = config.${namespace}.desktop.gnome; +in +{ + options.${namespace}.desktop.gnome = { + enable = mkEnableOption "Enable Gnome" // { + default = (config.${namespace}.desktop.use == "gnome"); + }; }; - config = - mkIf cfg.enable { - }; + config = mkIf cfg.enable { + }; } diff --git a/modules/nixos/desktop/plasma/default.nix b/modules/nixos/desktop/plasma/default.nix index 0c0ea58..aa1e497 100644 --- a/modules/nixos/desktop/plasma/default.nix +++ b/modules/nixos/desktop/plasma/default.nix @@ -1,20 +1,14 @@ -{ - pkgs, - lib, - config, - namespace, - ... -}: let +{ pkgs, lib, config, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.desktop.plasma; -in { - options.sneeuwvlok.desktop.plasma = { - enable = - mkEnableOption "Enable KDE Plasma" - // { - default = config.sneeuwvlok.desktop.use == "plasma"; - }; + cfg = config.${namespace}.desktop.plasma; +in +{ + options.${namespace}.desktop.plasma = { + enable = mkEnableOption "Enable KDE Plasma" // { + default = (config.${namespace}.desktop.use == "plasma"); + }; }; config = mkIf cfg.enable { diff --git a/modules/nixos/editor/nano/default.nix b/modules/nixos/editor/nano/default.nix index 6d89c72..1cb7ff1 100644 --- a/modules/nixos/editor/nano/default.nix +++ b/modules/nixos/editor/nano/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.editor.nano; + cfg = config.${namespace}.editor.nano; in { - options.sneeuwvlok.editor.nano = { + options.${namespace}.editor.nano = { enable = mkEnableOption "nano"; }; 
diff --git a/modules/nixos/editor/nvim/default.nix b/modules/nixos/editor/nvim/default.nix index 624c7c1..fb3bc56 100644 --- a/modules/nixos/editor/nvim/default.nix +++ b/modules/nixos/editor/nvim/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.editor.nvim; + cfg = config.${namespace}.editor.nvim; in { - options.sneeuwvlok.editor.nvim = { + options.${namespace}.editor.nvim = { enable = mkEnableOption "enable nvim via nvf on system level"; }; diff --git a/modules/nixos/hardware/audio/default.nix b/modules/nixos/hardware/audio/default.nix index ca01562..d3f340f 100644 --- a/modules/nixos/hardware/audio/default.nix +++ b/modules/nixos/hardware/audio/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.has.audio; + cfg = config.${namespace}.hardware.has.audio; in { - options.sneeuwvlok.hardware.has.audio = mkEnableOption "Enable bluetooth"; + options.${namespace}.hardware.has.audio = mkEnableOption "Enable bluetooth"; config = mkIf cfg { environment.systemPackages = with pkgs; [ diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth/default.nix index 8fbf999..98fc678 100644 --- a/modules/nixos/hardware/bluetooth/default.nix +++ b/modules/nixos/hardware/bluetooth/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.has.bluetooth; + cfg = config.${namespace}.hardware.has.bluetooth; in { - options.sneeuwvlok.hardware.has.bluetooth = mkEnableOption "Enable bluetooth"; + options.${namespace}.hardware.has.bluetooth = mkEnableOption "Enable bluetooth"; config = mkIf cfg { hardware.bluetooth = { diff --git a/modules/nixos/hardware/gpu/amd/default.nix b/modules/nixos/hardware/gpu/amd/default.nix index e1da9e8..cdc9d1e 100644 --- a/modules/nixos/hardware/gpu/amd/default.nix +++ b/modules/nixos/hardware/gpu/amd/default.nix 
@@ -1,18 +1,14 @@ -{ - pkgs, - lib, - namespace, - config, - ... -}: let +{ pkgs, lib, namespace, config, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.has.gpu; -in { - options.sneeuwvlok.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration"; + cfg = config.${namespace}.hardware.has.gpu; +in +{ + options.${namespace}.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration"; config = mkIf cfg.amd { - services.xserver.videoDrivers = ["amd"]; + services.xserver.videoDrivers = [ "amd" ]; hardware = { graphics = { diff --git a/modules/nixos/hardware/gpu/nvidia.nix b/modules/nixos/hardware/gpu/nvidia.nix index b0296ca..e8ac542 100644 --- a/modules/nixos/hardware/gpu/nvidia.nix +++ b/modules/nixos/hardware/gpu/nvidia.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.has.gpu.nvidia; + cfg = config.${namespace}.hardware.has.gpu.nvidia; in { - options.sneeuwvlok.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration"; + options.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration"; config = mkIf cfg { services.xserver.videoDrivers = [ "nvidia" ]; diff --git a/modules/nixos/hardware/gpu/nvidia/default.nix b/modules/nixos/hardware/gpu/nvidia/default.nix index 48c5a54..ab7c087 100644 --- a/modules/nixos/hardware/gpu/nvidia/default.nix +++ b/modules/nixos/hardware/gpu/nvidia/default.nix 
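Review bot: `services.xserver.videoDrivers = [ "amd" ];` does not name a driver I know NixOS to ship; the usual values for AMD hardware are `"amdgpu"` or `"modesetting"`, so this entry is probably ignored or falls back at runtime. Suggested line: `services.xserver.videoDrivers = [ "amdgpu" ];`. The `hardware.graphics` set that follows continues past the hunk.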
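Review bot: `options.${namespace}.hardware.has.gpu.nvidia` is declared here in modules/nixos/hardware/gpu/nvidia.nix and again, with the same `mkEnableOption`, in modules/nixos/hardware/gpu/nvidia/default.nix in the next file section. Now that modules/nixos/default.nix imports `./hardware` as a directory, importing both files would abort evaluation with a duplicate option declaration. Which of the two the `hardware` tree imports is not visible here; I would delete the one that is unused rather than keep both in sync.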
@@ -1,18 +1,14 @@ -{ - pkgs, - lib, - namespace, - config, - ... -}: let +{ pkgs, lib, namespace, config, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.has.gpu; -in { - options.sneeuwvlok.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration"; + cfg = config.${namespace}.hardware.has.gpu; +in +{ + options.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration"; config = mkIf cfg.nvidia { - services.xserver.videoDrivers = ["nvidia"]; + services.xserver.videoDrivers = [ "nvidia" ]; hardware = { graphics = { diff --git a/modules/nixos/hardware/keyboard/voyager.nix b/modules/nixos/hardware/keyboard/voyager.nix index e97b7da..fd470f8 100644 --- a/modules/nixos/hardware/keyboard/voyager.nix +++ b/modules/nixos/hardware/keyboard/voyager.nix @@ -1,15 +1,11 @@ -{ - lib, - config, - pkgs, - namespace, - ... -}: let +{ lib, config, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.hardware.keyboard.voyager; -in { - options.sneeuwvlok.hardware.keyboard.voyager = { + cfg = config.${namespace}.hardware.keyboard.voyager; +in +{ + options.${namespace}.hardware.keyboard.voyager = { enble = mkEnableOption "Enable tools for ZSA Voyager"; }; diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index 24db3dc..bf96f59 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -1,13 +1,9 @@ +{ pkgs, lib, namespace, config, ... }: +let + cfg = config.${namespace}.nix; +in { - pkgs, - lib, - namespace, - config, - ... -}: let - cfg = config.sneeuwvlok.nix; -in { - options.sneeuwvlok.nix = {}; + options.${namespace}.nix = {}; config = { programs.git.enable = true; 
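Review bot: The option in modules/nixos/hardware/keyboard/voyager.nix is declared as `enble`, so `${namespace}.hardware.keyboard.voyager.enable` does not exist and any `mkIf cfg.enable` in the part of the file below the hunk would fail on a missing attribute. Since the declaration block is being rewritten anyway, fix the name: `enable = mkEnableOption "Enable tools for ZSA Voyager";`. Hosts that already set `enble` would need the same rename.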
@@ -18,9 +14,9 @@ in { extraOptions = "experimental-features = nix-command flakes pipe-operators"; settings = { - experimental-features = ["nix-command" "flakes" "pipe-operators"]; - allowed-users = ["@wheel"]; - trusted-users = ["@wheel"]; + experimental-features = [ "nix-command" "flakes" "pipe-operators" ]; + allowed-users = [ "@wheel" ]; + trusted-users = [ "@wheel" ]; auto-optimise-store = true; connect-timeout = 5; diff --git a/modules/nixos/services/authentication/authelia/default.nix b/modules/nixos/services/authentication/authelia/default.nix index 8121ad8..7aea103 100644 --- a/modules/nixos/services/authentication/authelia/default.nix +++ b/modules/nixos/services/authentication/authelia/default.nix @@ -8,14 +8,14 @@ inherit (lib) mkIf mkEnableOption; user = "authelia-testing"; - cfg = config.sneeuwvlok.services.authentication.authelia; + cfg = config.${namespace}.services.authentication.authelia; in { - options.sneeuwvlok.services.authentication.authelia = { + options.${namespace}.services.authentication.authelia = { enable = mkEnableOption "Authelia"; }; config = mkIf cfg.enable { - sneeuwvlok.services.networking.caddy = { + ${namespace}.services.networking.caddy = { hosts = { "auth.kruining.eu".extraConfig = '' reverse_proxy http://127.0.0.1:9091 diff --git a/modules/nixos/services/authentication/himmelblau/default.nix b/modules/nixos/services/authentication/himmelblau/default.nix index f30a079..228fea0 100644 --- a/modules/nixos/services/authentication/himmelblau/default.nix +++ b/modules/nixos/services/authentication/himmelblau/default.nix @@ -6,9 +6,9 @@ }: let inherit (lib) mkEnableOption mkIf; - cfg = config.sneeuwvlok.services.authentication.himmelblau; + cfg = config.${namespace}.services.authentication.himmelblau; in { - options.sneeuwvlok.services.authentication.himmelblau = { + options.${namespace}.services.authentication.himmelblau = { enable = mkEnableOption "enable azure entra ID authentication"; }; 
diff --git a/modules/nixos/services/authentication/zitadel/default.nix b/modules/nixos/services/authentication/zitadel/default.nix index 8168a5a..ff95e79 100644 --- a/modules/nixos/services/authentication/zitadel/default.nix +++ b/modules/nixos/services/authentication/zitadel/default.nix @@ -3,12 +3,12 @@ let inherit (lib) mkIf mkEnableOption mkOption types toUpper toSentenceCase nameValuePair mapAttrs mapAttrs' concatMapAttrs concatMapStringsSep filterAttrsRecursive listToAttrs imap0 head drop length literalExpression attrNames; inherit (sneeuwvlokLib.strings) toSnakeCase; - cfg = config.sneeuwvlok.services.authentication.zitadel; + cfg = config.${namespace}.services.authentication.zitadel; database = "zitadel"; in { - options.sneeuwvlok.services.authentication.zitadel = { + options.${namespace}.services.authentication.zitadel = { enable = mkEnableOption "Zitadel"; organization = mkOption { @@ -537,7 +537,7 @@ in }; in mkIf cfg.enable { - sneeuwvlok.services = { + ${namespace}.services = { persistance.postgresql.enable = true; networking.caddy = { diff --git a/modules/nixos/services/backup/borg/default.nix b/modules/nixos/services/backup/borg/default.nix index f892bca..9cbbea0 100644 --- a/modules/nixos/services/backup/borg/default.nix +++ b/modules/nixos/services/backup/borg/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.backup.borg; + cfg = config.${namespace}.services.backup.borg; in { - options.sneeuwvlok.services.backup.borg = { + options.${namespace}.services.backup.borg = { enable = mkEnableOption "Borg Backup"; }; diff --git a/modules/nixos/services/communication/matrix/default.nix b/modules/nixos/services/communication/matrix/default.nix index 210835f..d2e47b0 100644 --- a/modules/nixos/services/communication/matrix/default.nix +++ b/modules/nixos/services/communication/matrix/default.nix 
@@ -8,7 +8,7 @@ inherit (builtins) toString toJSON; inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.communication.matrix; + cfg = config.${namespace}.services.communication.matrix; domain = "kruining.eu"; fqn = "matrix.${domain}"; @@ -17,12 +17,12 @@ database = "synapse"; keyFile = "/var/lib/element-call/key"; in { - options.sneeuwvlok.services.communication.matrix = { + options.${namespace}.services.communication.matrix = { enable = mkEnableOption "Matrix server (Synapse)"; }; config = mkIf cfg.enable { - sneeuwvlok.services = { + ${namespace}.services = { persistance.postgresql.enable = true; # virtualisation.podman.enable = true; diff --git a/modules/nixos/services/development/forgejo/default.nix b/modules/nixos/services/development/forgejo/default.nix index ae5379b..f190b0c 100644 --- a/modules/nixos/services/development/forgejo/default.nix +++ b/modules/nixos/services/development/forgejo/default.nix @@ -8,10 +8,10 @@ inherit (builtins) toString; inherit (lib) mkIf mkEnableOption mkOption; - cfg = config.sneeuwvlok.services.development.forgejo; + cfg = config.${namespace}.services.development.forgejo; domain = "git.amarth.cloud"; in { - options.sneeuwvlok.services.development.forgejo = { + options.${namespace}.services.development.forgejo = { enable = mkEnableOption "Forgejo"; port = mkOption { @@ -25,7 +25,7 @@ in { }; config = mkIf cfg.enable { - sneeuwvlok.services = { + ${namespace}.services = { persistance.postgresql.enable = true; virtualisation.podman.enable = true; diff --git a/modules/nixos/services/games/minecraft/default.nix b/modules/nixos/services/games/minecraft/default.nix index 4488833..851d1da 100644 --- a/modules/nixos/services/games/minecraft/default.nix +++ b/modules/nixos/services/games/minecraft/default.nix 
@@ -8,9 +8,9 @@ inherit (lib) mkIf mkEnableOption mkOption; inherit (lib.types) str; - cfg = config.sneeuwvlok.services.games.minecraft; + cfg = config.${namespace}.services.games.minecraft; in { - options.sneeuwvlok.services.games.minecraft = { + options.${namespace}.services.games.minecraft = { enable = mkEnableOption "Minecraft"; user = mkOption { diff --git a/modules/nixos/services/games/openrct.nix b/modules/nixos/services/games/openrct.nix index 0090ffa..a36f0fb 100644 --- a/modules/nixos/services/games/openrct.nix +++ b/modules/nixos/services/games/openrct.nix @@ -1,15 +1,11 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: let +{ config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.games.openrct; -in { - options.sneeuwvlok.services.games.openrct = { + cfg = config.${namespace}.services.games.openrct; +in +{ + options.${namespace}.services.games.openrct = { enable = mkEnableOption "OpenRCT2"; }; @@ -20,7 +16,7 @@ in { systemd.services.openrct = { enable = true; - after = ["network.target"]; + after = [ "network.target"]; description = "OpenRCT2 Server"; serviceConfig = { Type = ""; diff --git a/modules/nixos/services/games/palworld/default.nix b/modules/nixos/services/games/palworld/default.nix index e1414a4..152891d 100644 --- a/modules/nixos/services/games/palworld/default.nix +++ b/modules/nixos/services/games/palworld/default.nix @@ -6,9 +6,9 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.games.palworld; + cfg = config.${namespace}.services.games.palworld; in { - options.sneeuwvlok.services.games.palworld = { + options.${namespace}.services.games.palworld = { enable = mkEnableOption "Palworld"; }; diff --git a/modules/nixos/services/media/default.nix b/modules/nixos/services/media/default.nix index d2395ef..7a0d102 100644 --- a/modules/nixos/services/media/default.nix +++ b/modules/nixos/services/media/default.nix 
@@ -8,7 +8,7 @@ inherit (lib) mkIf mkEnableOption mkOption; inherit (lib.types) str; - cfg = config.sneeuwvlok.services.media; + cfg = config.${namespace}.services.media; in { imports = [ ./glance @@ -19,7 +19,7 @@ in { ./servarr ]; - options.sneeuwvlok.services.media = { + options.${namespace}.services.media = { enable = mkEnableOption "Enable media services"; user = mkOption { diff --git a/modules/nixos/services/media/glance/default.nix b/modules/nixos/services/media/glance/default.nix index 0e94a21..b042297 100644 --- a/modules/nixos/services/media/glance/default.nix +++ b/modules/nixos/services/media/glance/default.nix @@ -6,14 +6,14 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.media.glance; + cfg = config.${namespace}.services.media.glance; in { - options.sneeuwvlok.services.media.glance = { + options.${namespace}.services.media.glance = { enable = mkEnableOption "Enable Glance"; }; config = mkIf cfg.enable { - sneeuwvlok.services.networking.caddy.hosts = { + ${namespace}.services.networking.caddy.hosts = { "https://${config.networking.hostName}:443" = '' reverse_proxy http://[::1]:2000 ''; diff --git a/modules/nixos/services/media/jellyfin/default.nix b/modules/nixos/services/media/jellyfin/default.nix index 2f8d43f..e129cc4 100644 --- a/modules/nixos/services/media/jellyfin/default.nix +++ b/modules/nixos/services/media/jellyfin/default.nix @@ -9,14 +9,14 @@ inherit (builtins) toString; inherit (lib) mkIf mkEnableOption mkOption types; - cfg = config.sneeuwvlok.services.media.jellyfin; + cfg = config.${namespace}.services.media.jellyfin; in { - options.sneeuwvlok.services.media.jellyfin = { + options.${namespace}.services.media.jellyfin = { enable = mkEnableOption "Enable jellyfin server"; }; config = mkIf cfg.enable { - sneeuwvlok.services.networking.caddy = { + ${namespace}.services.networking.caddy = { hosts = { "jellyfin.kruining.eu" = '' reverse_proxy http://[::1]:8096 
diff --git a/modules/nixos/services/media/mydia/default.nix b/modules/nixos/services/media/mydia/default.nix index 9bfa87d..3f2008a 100644 --- a/modules/nixos/services/media/mydia/default.nix +++ b/modules/nixos/services/media/mydia/default.nix @@ -6,9 +6,9 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.media.mydia; + cfg = config.${namespace}.services.media.mydia; in { - options.sneeuwvlok.services.media.mydia = { + options.${namespace}.services.media.mydia = { enable = mkEnableOption "Enable Mydia"; }; diff --git a/modules/nixos/services/media/nextcloud/default.nix b/modules/nixos/services/media/nextcloud/default.nix index 2b42509..06904c6 100644 --- a/modules/nixos/services/media/nextcloud/default.nix +++ b/modules/nixos/services/media/nextcloud/default.nix @@ -8,9 +8,9 @@ inherit (lib) mkIf mkEnableOption mkOption; inherit (lib.types) str; - cfg = config.sneeuwvlok.services.media.nextcloud; + cfg = config.${namespace}.services.media.nextcloud; in { - options.sneeuwvlok.services.media.nextcloud = { + options.${namespace}.services.media.nextcloud = { enable = mkEnableOption "Nextcloud"; user = mkOption { @@ -25,7 +25,7 @@ in { }; config = mkIf cfg.enable { - sneeuwvlok.services.networking.caddy = { + ${namespace}.services.networking.caddy = { hosts."cloud.kruining.eu" = '' php_fastcgi unix//run/phpfpm/nextcloud.sock { env front_controller_active true @@ -41,14 +41,14 @@ in { groups.${cfg.group} = {}; }; - # home-manager.users.${cfg.user}.home = { - # stateVersion = config.system.stateVersion; + home-manager.users.${cfg.user}.home = { + stateVersion = config.system.stateVersion; - # file.".netrc".text = '' - # login root - # password KaasIsAwesome! - # ''; - # }; + file.".netrc".text = '' + login root + password KaasIsAwesome! + ''; + }; services.nextcloud = { enable = true; diff --git a/modules/nixos/services/media/nfs/default.nix b/modules/nixos/services/media/nfs/default.nix index efea82c..54b58e7 100644 
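Review bot: The re-enabled `home-manager.users.${cfg.user}.home` block in the `@@ -41,14 +41,14 @@` hunk of modules/nixos/services/media/nextcloud/default.nix puts a literal `password` for `login root` into `file.".netrc".text`, so the credential is committed to the repository and copied into the world-readable Nix store on every host that builds this module. The repo already has a sops module (modules/nixos/system/security/sops), so I would drop the inline text and deliver the file as a secret, e.g. `sops.secrets."<SECRET_NAME>" = { owner = cfg.user; mode = "0600"; path = "${config.users.users.${cfg.user}.home}/.netrc"; };`, assuming that module is sops-nix. The value shown here should be treated as exposed and rotated. Separately, the entry has no `machine` or `default` token, so it is worth confirming that the consuming client matches it at all. The enclosing `config = mkIf cfg.enable { … }` block starts and ends outside this hunk.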
--- a/modules/nixos/services/media/nfs/default.nix +++ b/modules/nixos/services/media/nfs/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.media.nfs; + cfg = config.${namespace}.services.media.nfs; in { - options.sneeuwvlok.services.media.nfs = { + options.${namespace}.services.media.nfs = { enable = mkEnableOption "Enable NFS"; }; diff --git a/modules/nixos/services/media/servarr/default.nix b/modules/nixos/services/media/servarr/default.nix index 8f3e5db..0b75d22 100644 --- a/modules/nixos/services/media/servarr/default.nix +++ b/modules/nixos/services/media/servarr/default.nix @@ -9,11 +9,11 @@ inherit (builtins) toString; inherit (lib) mkIf mkEnableOption mkOption types; - cfg = config.sneeuwvlok.services.media.servarr; + cfg = config.${namespace}.services.media.servarr; servarr = import ./lib.nix {inherit lib;}; anyEnabled = cfg |> lib.attrNames |> lib.length |> (l: l > 0); in { - options.sneeuwvlok.services.media = { + options.${namespace}.services.media = { servarr = mkOption { type = types.attrsOf (types.submodule ({name, ...}: { options = { diff --git a/modules/nixos/services/networking/caddy/default.nix b/modules/nixos/services/networking/caddy/default.nix index f2ee8fd..2d28435 100644 --- a/modules/nixos/services/networking/caddy/default.nix +++ b/modules/nixos/services/networking/caddy/default.nix 
@@ -8,14 +8,14 @@ inherit (builtins) length; inherit (lib) mkIf mkEnableOption mkOption types attrNames mapAttrs; - cfg = config.sneeuwvlok.services.networking.caddy; + cfg = config.${namespace}.services.networking.caddy; hasHosts = (cfg.hosts |> attrNames |> length) > 0; caddyPackage = pkgs.caddy.withPlugins { plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"]; hash = "sha256-rsDnTunR8C7hVOX5aKcba+iFYHbpWek65DZgbMxOdTs="; }; in { - options.sneeuwvlok.services.networking.caddy = { + options.${namespace}.services.networking.caddy = { enable = mkEnableOption "enable caddy" // {default = true;}; hosts = mkOption { diff --git a/modules/nixos/services/networking/ssh/default.nix b/modules/nixos/services/networking/ssh/default.nix index e0442d7..5ebdfd2 100644 --- a/modules/nixos/services/networking/ssh/default.nix +++ b/modules/nixos/services/networking/ssh/default.nix @@ -1,15 +1,12 @@ -{ - config, - lib, - namespace, - ... -}: let +{ config, lib, namespace, ... }: +let inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - cfg = config.sneeuwvlok.services.networking.ssh; -in { - options.sneeuwvlok.services.networking.ssh = { + cfg = config.${namespace}.services.networking.ssh; +in +{ + options.${namespace}.services.networking.ssh = { enable = mkEnableOption "enable ssh"; }; @@ -17,10 +14,10 @@ in { services.openssh = { enable = true; openFirewall = true; - ports = [22]; + ports = [ 22 ]; settings = { PasswordAuthentication = true; - AllowUsers = ["chris" "root"]; + AllowUsers = [ "chris" "root" ]; UseDns = true; UsePAM = true; PermitRootLogin = "prohibit-password"; diff --git a/modules/nixos/services/networking/wireguard/default.nix b/modules/nixos/services/networking/wireguard/default.nix index bf22a53..0cf5320 100644 --- a/modules/nixos/services/networking/wireguard/default.nix +++ b/modules/nixos/services/networking/wireguard/default.nix 
@@ -8,10 +8,10 @@ inherit (builtins) length; inherit (lib) mkIf mkEnableOption mkOption types attrNames attrsToList listToAttrs; - cfg = config.sneeuwvlok.services.networking.wireguard; + cfg = config.${namespace}.services.networking.wireguard; hasPeers = (cfg.peer |> attrNames |> length) > 0; in { - options.sneeuwvlok.services.networking.wireguard = { + options.${namespace}.services.networking.wireguard = { # enable = mkEnableOption "enable wireguard" // {default = true;}; peer = mkOption { diff --git a/modules/nixos/services/observability/grafana/default.nix b/modules/nixos/services/observability/grafana/default.nix index 40fdc38..a867351 100644 --- a/modules/nixos/services/observability/grafana/default.nix +++ b/modules/nixos/services/observability/grafana/default.nix @@ -8,12 +8,12 @@ inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - cfg = config.sneeuwvlok.services.observability.grafana; + cfg = config.${namespace}.services.observability.grafana; db_user = "grafana"; db_name = "grafana"; in { - options.sneeuwvlok.services.observability.grafana = { + options.${namespace}.services.observability.grafana = { enable = mkEnableOption "enable Grafana"; }; diff --git a/modules/nixos/services/observability/loki/default.nix b/modules/nixos/services/observability/loki/default.nix index abe42ca..d4774ac 100644 --- a/modules/nixos/services/observability/loki/default.nix +++ b/modules/nixos/services/observability/loki/default.nix @@ -1,16 +1,12 @@ -{ - pkgs, - config, - lib, - namespace, - ... -}: let +{ pkgs, config, lib, namespace, ... }: +let inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - cfg = config.sneeuwvlok.services.observability.loki; -in { - options.sneeuwvlok.services.observability.loki = { + cfg = config.${namespace}.services.observability.loki; +in +{ + options.${namespace}.services.observability.loki = { enable = mkEnableOption "enable Grafana Loki"; }; 
@@ -48,6 +44,6 @@ in { }; }; - networking.firewall.allowedTCPPorts = [9003]; + networking.firewall.allowedTCPPorts = [ 9003 ]; }; } diff --git a/modules/nixos/services/observability/prometheus/default.nix b/modules/nixos/services/observability/prometheus/default.nix index 191d7c1..af5ee9d 100644 --- a/modules/nixos/services/observability/prometheus/default.nix +++ b/modules/nixos/services/observability/prometheus/default.nix @@ -3,10 +3,10 @@ let inherit (builtins) toString; inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.observability.prometheus; + cfg = config.${namespace}.services.observability.prometheus; in { - options.sneeuwvlok.services.observability.prometheus = { + options.${namespace}.services.observability.prometheus = { enable = mkEnableOption "enable Prometheus"; }; diff --git a/modules/nixos/services/observability/promtail/default.nix b/modules/nixos/services/observability/promtail/default.nix index 80bac51..38dbbab 100644 --- a/modules/nixos/services/observability/promtail/default.nix +++ b/modules/nixos/services/observability/promtail/default.nix @@ -8,9 +8,9 @@ inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; - cfg = config.sneeuwvlok.services.observability.promtail; + cfg = config.${namespace}.services.observability.promtail; in { - options.sneeuwvlok.services.observability.promtail = { + options.${namespace}.services.observability.promtail = { enable = mkEnableOption "enable Grafana Promtail"; }; diff --git a/modules/nixos/services/observability/uptime-kuma/default.nix b/modules/nixos/services/observability/uptime-kuma/default.nix index 619da55..c23977b 100644 --- a/modules/nixos/services/observability/uptime-kuma/default.nix +++ b/modules/nixos/services/observability/uptime-kuma/default.nix 
@@ -1,16 +1,12 @@ -{ - pkgs, - config, - lib, - namespace, - ... -}: let +{ pkgs, config, lib, namespace, ... }: +let inherit (builtins) toString; inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.observability.uptime-kuma; -in { - options.sneeuwvlok.services.observability.uptime-kuma = { + cfg = config.${namespace}.services.observability.uptime-kuma; +in +{ + options.${namespace}.services.observability.uptime-kuma = { enable = mkEnableOption "enable uptime kuma"; }; @@ -23,7 +19,7 @@ in { HOST = "0.0.0.0"; }; }; - - networking.firewall.allowedTCPPorts = [9006]; + + networking.firewall.allowedTCPPorts = [ 9006 ]; }; } diff --git a/modules/nixos/services/persistance/postgesql/default.nix b/modules/nixos/services/persistance/postgesql/default.nix index 7d06daa..403c07c 100644 --- a/modules/nixos/services/persistance/postgesql/default.nix +++ b/modules/nixos/services/persistance/postgesql/default.nix @@ -7,9 +7,9 @@ }: let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.persistance.postgresql; + cfg = config.${namespace}.services.persistance.postgresql; in { - options.sneeuwvlok.services.persistance.postgresql = { + options.${namespace}.services.persistance.postgresql = { enable = mkEnableOption "Postgresql"; }; diff --git a/modules/nixos/services/security/vaultwarden/default.nix b/modules/nixos/services/security/vaultwarden/default.nix index 9fa4687..c3b75b2 100644 --- a/modules/nixos/services/security/vaultwarden/default.nix +++ b/modules/nixos/services/security/vaultwarden/default.nix @@ -10,7 +10,7 @@ inherit (builtins) toString; inherit (lib) mkIf mkEnableOption mkOption types getAttrs toUpper concatMapAttrsStringSep; - cfg = config.sneeuwvlok.services.security.vaultwarden; + cfg = config.${namespace}.services.security.vaultwarden; databaseProviderSqlite = types.submodule ({...}: { options = { 
@@ -78,7 +78,7 @@ // (urlOptions |> getAttrs ["protocol" "host" "port"]); }); in { - options.sneeuwvlok.services.security.vaultwarden = { + options.${namespace}.services.security.vaultwarden = { enable = mkEnableOption "enable vaultwarden"; database = mkOption { @@ -93,7 +93,7 @@ in { }; config = mkIf cfg.enable { - sneeuwvlok.services.networking.caddy.hosts = { + ${namespace}.services.networking.caddy.hosts = { "vault.kruining.eu" = '' encode zstd gzip diff --git a/modules/nixos/services/virtualisation/podman/default.nix b/modules/nixos/services/virtualisation/podman/default.nix index c827677..0faf8ce 100644 --- a/modules/nixos/services/virtualisation/podman/default.nix +++ b/modules/nixos/services/virtualisation/podman/default.nix @@ -1,16 +1,11 @@ -{ - config, - options, - lib, - pkgs, - namespace, - ... -}: let +{ config, options, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.services.virtualisation.podman; -in { - options.sneeuwvlok.services.virtualisation.podman = { + cfg = config.${namespace}.services.virtualisation.podman; +in +{ + options.${namespace}.services.virtualisation.podman = { enable = mkEnableOption "enable podman"; }; diff --git a/modules/nixos/shells/default.nix b/modules/nixos/shells/default.nix new file mode 100644 index 0000000..ea8f50d --- /dev/null +++ b/modules/nixos/shells/default.nix @@ -0,0 +1,2 @@ +{...}: { +} diff --git a/modules/nixos/shells/zsh/default.nix b/modules/nixos/shells/zsh/default.nix index 1d9adb7..399e7dd 100644 --- a/modules/nixos/shells/zsh/default.nix +++ b/modules/nixos/shells/zsh/default.nix @@ -1,16 +1,11 @@ -{ - inputs, - config, - lib, - pkgs, - namespace, - ... -}: let +{ inputs, config, lib, pkgs, namespace, ... }: +let inherit (lib) mkIf mkEnableOption; - cfg = config.sneeuwvlok.shell.zsh; -in { - options.sneeuwvlok.shell.zsh = { + cfg = config.${namespace}.shell.zsh; +in +{ + options.${namespace}.shell.zsh = { enable = mkEnableOption "enable zsh shell"; }; 
diff --git a/modules/nixos/system/default.nix b/modules/nixos/system/default.nix new file mode 100644 index 0000000..4abcf82 --- /dev/null +++ b/modules/nixos/system/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./networking + ./security + ]; +} diff --git a/modules/nixos/system/networking/default.nix b/modules/nixos/system/networking/default.nix index ab8842c..c61a81b 100644 --- a/modules/nixos/system/networking/default.nix +++ b/modules/nixos/system/networking/default.nix @@ -2,10 +2,10 @@ let inherit (lib) mkDefault; - cfg = config.sneeuwvlok.system.networking; + cfg = config.${namespace}.system.networking; in { - options.sneeuwvlok.system.networking = {}; + options.${namespace}.system.networking = {}; config = { systemd.services.NetworkManager-wait-online.enable = false; diff --git a/modules/nixos/system/security/boot/default.nix b/modules/nixos/system/security/boot/default.nix index f911a7a..ccf1f83 100644 --- a/modules/nixos/system/security/boot/default.nix +++ b/modules/nixos/system/security/boot/default.nix @@ -1,16 +1,13 @@ +{ config, namespace, inputs, ... }: +let + cfg = config.${namespace}.system.security.boot; +in { - config, - namespace, - inputs, - ... -}: let - cfg = config.sneeuwvlok.system.security.boot; -in { - options.sneeuwvlok.system.security.boot = {}; + options.${namespace}.system.security.boot = {}; config = { boot = { - kernelModules = ["tcp_bbr"]; + kernelModules = [ "tcp_bbr" ]; kernel.sysctl = { ## TCP hardening # Prevent bogus ICMP errors from filling up logs. @@ -46,4 +43,4 @@ in { }; }; }; -} +} \ No newline at end of file diff --git a/modules/nixos/system/security/default.nix b/modules/nixos/system/security/default.nix index 0b440b0..17d34f9 100644 --- a/modules/nixos/system/security/default.nix +++ b/modules/nixos/system/security/default.nix 
@@ -1,28 +1,29 @@ -{...}: { - flake.modules.nixos.sneeuwvlok.system.security = { - config, - namespace, - inputs, - ... - }: let - cfg = config.sneeuwvlok.system.security; - in { - options.sneeuwvlok.system.security = {}; +{ config, namespace, inputs, ... }: +let + cfg = config.${namespace}.system.security; +in +{ + imports = [ + ./boot + ./sops + ./sudo + ]; - config = { - security = { - acme.acceptTerms = true; - polkit.enable = true; + options.${namespace}.system.security = {}; - pam = { - u2f = { - enable = true; - settings.cue = true; - }; + config = { + security = { + acme.acceptTerms = true; + polkit.enable = true; + + pam = { + u2f = { + enable = true; + settings.cue = true; }; }; - - programs.gnupg.agent.enable = true; }; + + programs.gnupg.agent.enable = true; }; } diff --git a/modules/nixos/system/security/sops/default.nix b/modules/nixos/system/security/sops/default.nix index caef7be..1583104 100644 --- a/modules/nixos/system/security/sops/default.nix +++ b/modules/nixos/system/security/sops/default.nix @@ -1,16 +1,12 @@ +{ pkgs, config, namespace, repoRoot, ... }: +let + cfg = config.${namespace}.system.security.sops; +in { - pkgs, - config, - namespace, - repoRoot, - ... -}: let - cfg = config.sneeuwvlok.system.security.sops; -in { - options.sneeuwvlok.system.security.sops = {}; + options.${namespace}.system.security.sops = {}; config = { - environment.systemPackages = with pkgs; [sops]; + environment.systemPackages = with pkgs; [ sops ]; sops = { defaultSopsFormat = "yaml"; diff --git a/modules/nixos/system/security/sudo/default.nix b/modules/nixos/system/security/sudo/default.nix index 11f99d2..b79efbc 100644 --- a/modules/nixos/system/security/sudo/default.nix +++ b/modules/nixos/system/security/sudo/default.nix 
@@ -1,9 +1,9 @@ { config, namespace, ... }: let - cfg = config.sneeuwvlok.system.security.sudo; + cfg = config.${namespace}.system.security.sudo; in { - options.sneeuwvlok.system.security.sudo = {}; + options.${namespace}.system.security.sudo = {}; config = { security = { diff --git a/packages/default.nix b/packages/default.nix new file mode 100644 index 0000000..11752d1 --- /dev/null +++ b/packages/default.nix @@ -0,0 +1,24 @@ +{ + config, + lib, + mkPkgs, + ... +}: { + imports = [ + ./studio + ./vaultwarden + ]; + + perSystem = {system, ...}: let + pkgs = mkPkgs system; + in { + _module.args.pkgs = pkgs; + + clan.pkgs = pkgs; + }; + + flake.overlays.default = lib.composeManyExtensions [ + config.flake.overlays."package/studio" + config.flake.overlays."package/vaultwarden" + ]; +} diff --git a/packages/flake-module.nix b/packages/flake-module.nix deleted file mode 100644 index c6a1225..0000000 --- a/packages/flake-module.nix +++ /dev/null @@ -1,14 +0,0 @@ -{inputs, ...}: { - imports = []; - - perSystem = { - system, - pkgs, - ... - }: { - packages = { - studio = pkgs.callPackage ./studio {erosanix = inputs.erosanix.lib.${system};}; - vaultwarden = pkgs.callPackage ./vaultwarden {}; - }; - }; -} diff --git a/packages/studio/default.nix b/packages/studio/default.nix index 10ae62c..cfd99fe 100644 --- a/packages/studio/default.nix +++ b/packages/studio/default.nix 
@@ -1,100 +1,16 @@ -{ - pkgs, - erosanix, -}: let - inherit (builtins) fetchurl replaceStrings; - inherit (pkgs) makeDesktopItem copyDesktopItems wineWow64Packages; - inherit (erosanix) mkWindowsAppNoCC makeDesktopIcon copyDesktopIcons; - - wine = wineWow64Packages.base; -in - mkWindowsAppNoCC rec { - inherit wine; - - pname = "studio"; - version = "2.25.12"; - - src = fetchurl { - url = "https://studio.download.bricklink.info/Studio2.0+EarlyAccess/Archive/2.25.12_1/Studio+2.0+EarlyAccess.exe"; - sha256 = "sha256:1xl3zvzkzr64zphk7rnpfx3whhbaykzw06m3nd5dc12r2p4sdh3v"; +{inputs, lib, ...}: { + perSystem = {pkgs, system, ...}: { + packages = lib.optionalAttrs (system == "x86_64-linux") { + studio = pkgs.callPackage ./package.nix { + erosanixLib = inputs.erosanix.lib; + }; }; + }; - enableMonoBootPrompt = false; - dontUnpack = true; - - wineArch = "win64"; - enableInstallNotification = true; - - fileMap = { - "$HOME/.config/${pname}/Stud.io" = "drive_c/users/$USER/AppData/Local/Stud.io"; - "$HOME/.config/${pname}/Bricklink" = "drive_c/users/$USER/AppData/LocalLow/Bricklink"; + flake.overlays."package/studio" = final: _prev: + lib.optionalAttrs (final.stdenv.hostPlatform.system == "x86_64-linux") { + studio = final.callPackage ./package.nix { + erosanixLib = inputs.erosanix.lib; + }; }; - - fileMapDuringAppInstall = false; - - persistRegistry = false; - persistRuntimeLayer = true; - inputHashMethod = "version"; - - enableVulkan = false; - rendererOverride = null; - - enableHUD = false; - - enabledWineSymlinks = {}; - graphicsDriver = "auto"; - inhibitIdle = false; - - nativeBuildInputs = [copyDesktopIcons copyDesktopItems]; - - winAppInstall = replaceStrings ["\r"] [""] '' - wine64 ${src} - - wineserver -W - wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f - ''; - - winAppPreRun = replaceStrings ["\r"] [""] '' - wineserver -W - wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f - ''; 
- - winAppRun = replaceStrings ["\r"] [""] '' - wine64 "$WINEPREFIX/drive_c/Program Files/Studio 2.0/Studio.exe" "$ARGS" - ''; - - winAppPostRun = ""; - installPhase = replaceStrings ["\r"] [""] '' - runHook preInstall - - ln -s $out/bin/.launcher $out/bin/${pname} - - runHook postInstall - ''; - - desktopItems = [ - (makeDesktopItem { - mimeTypes = []; - - name = pname; - exec = pname; - icon = pname; - desktopName = "Bricklink studio"; - genericName = "Lego creation app"; - categories = []; - }) - ]; - - desktopIcon = makeDesktopIcon { - name = pname; - src = ./studio.png; - }; - - meta = { - description = "App for creating lego builds"; - homepage = "https://www.bricklink.com/v3/studio/main.page"; - license = ""; - maintainers = []; - platforms = ["x86_64-linux"]; - }; - } +} diff --git a/packages/studio/package.nix b/packages/studio/package.nix new file mode 100644 index 0000000..7b40c68 --- /dev/null +++ b/packages/studio/package.nix 
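Review bot: The new packages/studio/default.nix writes the same `callPackage ./package.nix { erosanixLib = inputs.erosanix.lib; }` expression and the same `x86_64-linux` guard twice, once under `perSystem.packages` and once in `flake.overlays."package/studio"`, so the two copies can drift apart. Binding it once in a `let`, e.g. `mkStudio = p: p.callPackage ./package.nix { erosanixLib = inputs.erosanix.lib; };`, and calling `mkStudio pkgs` and `mkStudio final` keeps them in step. I would also add a comment on the guard such as `# package.nix reads erosanixLib.x86_64-linux unconditionally, so only expose studio on that system`, since the reason is only visible in package.nix.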
@@ -0,0 +1,100 @@ +{ + pkgs, + erosanixLib, +}: let + inherit (builtins) fetchurl replaceStrings; + inherit (pkgs) makeDesktopItem copyDesktopItems wineWow64Packages; + inherit (erosanixLib.x86_64-linux) mkWindowsAppNoCC makeDesktopIcon copyDesktopIcons; + + wine = wineWow64Packages.base; +in + mkWindowsAppNoCC rec { + inherit wine; + + pname = "studio"; + version = "2.25.12"; + + src = fetchurl { + url = "https://studio.download.bricklink.info/Studio2.0+EarlyAccess/Archive/2.25.12_1/Studio+2.0+EarlyAccess.exe"; + sha256 = "sha256:1xl3zvzkzr64zphk7rnpfx3whhbaykzw06m3nd5dc12r2p4sdh3v"; + }; + + enableMonoBootPrompt = false; + dontUnpack = true; + + wineArch = "win64"; + enableInstallNotification = true; + + fileMap = { + "$HOME/.config/${pname}/Stud.io" = "drive_c/users/$USER/AppData/Local/Stud.io"; + "$HOME/.config/${pname}/Bricklink" = "drive_c/users/$USER/AppData/LocalLow/Bricklink"; + }; + + fileMapDuringAppInstall = false; + + persistRegistry = false; + persistRuntimeLayer = true; + inputHashMethod = "version"; + + enableVulkan = false; + rendererOverride = null; + + enableHUD = false; + + enabledWineSymlinks = {}; + graphicsDriver = "auto"; + inhibitIdle = false; + + nativeBuildInputs = [copyDesktopIcons copyDesktopItems]; + + winAppInstall = replaceStrings ["\r"] [""] '' + wine64 ${src} + + wineserver -W + wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f + ''; + + winAppPreRun = replaceStrings ["\r"] [""] '' + wineserver -W + wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f + ''; + + winAppRun = replaceStrings ["\r"] [""] '' + wine64 "$WINEPREFIX/drive_c/Program Files/Studio 2.0/Studio.exe" "$ARGS" + ''; + + winAppPostRun = ""; + installPhase = replaceStrings ["\r"] [""] '' + runHook preInstall + + ln -s $out/bin/.launcher $out/bin/${pname} + + runHook postInstall + ''; + + desktopItems = [ + (makeDesktopItem { + mimeTypes = []; + + name = pname; + exec = pname; + icon = 
pname; + desktopName = "Bricklink studio"; + genericName = "Lego creation app"; + categories = []; + }) + ]; + + desktopIcon = makeDesktopIcon { + name = pname; + src = ./studio.png; + }; + + meta = { + description = "App for creating lego builds"; + homepage = "https://www.bricklink.com/v3/studio/main.page"; + license = ""; + maintainers = []; + platforms = ["x86_64-linux"]; + }; + } diff --git a/packages/vaultwarden/default.nix b/packages/vaultwarden/default.nix index c4642fd..035b6da 100644 --- a/packages/vaultwarden/default.nix +++ b/packages/vaultwarden/default.nix @@ -1,28 +1,9 @@ -{lib, stdenv, rustPlatform, fetchFromGitHub, openssl, pkg-config, postgresql, dbBackend ? "postgresql", ...}: -rustPlatform.buildRustPackage rec { - pname = "vaultwarden"; - version = "1.34.3"; - - src = fetchFromGitHub { - owner = "Timshel"; - repo = "vaultwarden"; - rev = "1.34.3"; - hash = "sha256-Dj0ySVRvBZ/57+UHas3VI8bi/0JBRqn0IW1Dq+405J0="; +{lib, ...}: { + perSystem = {pkgs, ...}: { + packages.vaultwarden = pkgs.callPackage ./package.nix {}; }; - cargoHash = "sha256-4sDagd2XGamBz1XvDj4ycRVJ0F+4iwHOPlj/RglNDqE="; - - env.VW_VERSION = version; - - nativeBuildInputs = [pkg-config]; - buildInputs = - [openssl] - ++ lib.optional (dbBackend == "postgresql") postgresql; - - buildFeatures = dbBackend; - - meta = with lib; { - license = licenses.agpl3Only; - mainProgram = "vaultwarden"; + flake.overlays."package/vaultwarden" = final: _prev: { + vaultwarden = final.callPackage ./package.nix {}; }; } diff --git a/packages/vaultwarden/package.nix b/packages/vaultwarden/package.nix new file mode 100644 index 0000000..c4642fd --- /dev/null +++ b/packages/vaultwarden/package.nix 
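Review bot: `license = "";` in the `meta` block at the end of the new `packages/studio/package.nix` leaves the package without a license classification, although `src` is a vendor Windows installer (presumably proprietary) that `winAppInstall` runs under Wine. Because the file takes `pkgs` rather than `lib`, I would write `license = pkgs.lib.licenses.unfree;` and add `sourceProvenance = [pkgs.lib.sourceTypes.binaryNativeCode];` so that `allowUnfree` and provenance policy apply. This assumes `mkWindowsAppNoCC` forwards `meta` unchanged. The pinned `sha256` is the only integrity check visible on that installer, so a comment above `src` such as `# Recompute sha256 from a verified download whenever version changes.` would tell the next maintainer how to handle a bump.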
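Review bot: The overlay `flake.overlays."package/vaultwarden"` rebinds the attribute `vaultwarden` itself, so every consumer of the overlay gets the build from `./package.nix` instead of the nixpkgs package. That build is the `Timshel` fork, per its `fetchFromGitHub` block, and the swap probably also reaches anything that defaults to `pkgs.vaultwarden`. For a credential store the substitution should be visible where it happens; I would add `# Replaces nixpkgs' vaultwarden with the Timshel fork pinned in ./package.nix.` above the overlay. The `lib` argument in `{lib, ...}:` is no longer used in this file and can be dropped.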
@@ -0,0 +1,28 @@
+{lib, stdenv, rustPlatform, fetchFromGitHub, openssl, pkg-config, postgresql, dbBackend ? "postgresql", ...}:
+rustPlatform.buildRustPackage rec {
+ pname = "vaultwarden";
+ version = "1.34.3";
+
+ src = fetchFromGitHub {
+ owner = "Timshel";
+ repo = "vaultwarden";
+ rev = "1.34.3";
+ hash = "sha256-Dj0ySVRvBZ/57+UHas3VI8bi/0JBRqn0IW1Dq+405J0=";
+ };
+
+ cargoHash = "sha256-4sDagd2XGamBz1XvDj4ycRVJ0F+4iwHOPlj/RglNDqE=";
+
+ env.VW_VERSION = version;
+
+ nativeBuildInputs = [pkg-config];
+ buildInputs =
+ [openssl]
+ ++ lib.optional (dbBackend == "postgresql") postgresql;
+
+ buildFeatures = dbBackend;
+
+ meta = with lib; {
+ license = licenses.agpl3Only;
+ mainProgram = "vaultwarden";
+ };
+}
diff --git a/devShell.nix b/shells/default/default.nix
similarity index 100%
rename from devShell.nix
rename to shells/default/default.nix
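Review bot: `buildFeatures = dbBackend;` in `packages/vaultwarden/package.nix` forwards whatever string the caller passes, while `buildInputs` only adds a client library for `"postgresql"`. An unsupported or misspelled backend therefore fails late in the cargo build, or builds without the library it needs. A guard before `rustPlatform.buildRustPackage`, for example `assert lib.assertOneOf "dbBackend" dbBackend ["sqlite" "postgresql"];`, would reject it at evaluation time; adjust the list to the backends this fork is meant to support. `stdenv` is accepted in the argument set but never used.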