treewide: use nixfmt --strict flag

This commit is contained in:
Guanran Wang 2024-09-21 01:38:01 +08:00
parent f3c554e51d
commit b2638a2885
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
30 changed files with 88 additions and 207 deletions

View file

@ -1,8 +1,4 @@
{
lib,
pkgs,
...
}:
{ lib, pkgs, ... }:
let
package = pkgs.qt6Packages.fcitx5-with-addons.override {
addons = with pkgs; [
@ -14,9 +10,7 @@ let
};
in
{
home.packages = [
package
];
home.packages = [ package ];
systemd.user.services.fcitx5-daemon = {
Unit.Description = "Fcitx5 input method editor";

View file

@ -1,8 +1,4 @@
{
pkgs,
config,
...
}:
{ pkgs, config, ... }:
{
programs.go.enable = true;
home.packages = with pkgs; [

View file

@ -1,8 +1,4 @@
{
pkgs,
lib,
...
}:
{ pkgs, lib, ... }:
{
programs.mpv = {
enable = true;
@ -23,12 +19,7 @@
modernx-zydezu
thumbfast
])
++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (
with pkgs.mpvScripts;
[
mpris
]
);
++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (with pkgs.mpvScripts; [ mpris ]);
bindings =
let

View file

@ -1,8 +1,4 @@
{
pkgs,
inputs,
...
}:
{ pkgs, inputs, ... }:
{
home.packages = [ pkgs.neovim ];
home.sessionVariables."EDITOR" = "nvim";

View file

@ -1,8 +1,4 @@
{
lib,
config,
...
}:
{ lib, config, ... }:
{
services.swayidle = {
enable = true;

View file

@ -1,8 +1,4 @@
{
inputs,
pkgs,
...
}:
{ inputs, pkgs, ... }:
{
programs.swaylock = {
enable = true;

View file

@ -1,8 +1,4 @@
{
lib,
pkgs,
...
}:
{ lib, pkgs, ... }:
{
home = {
username = "guanranwang";

View file

@ -59,48 +59,48 @@
boot.tmp.useTmpfs = true;
services.tailscale = {
enable = true;
openFirewall = true;
environment.systemPackages = with pkgs; [ yubikey-manager ];
networking.firewall = {
allowedTCPPorts = [ 53317 ];
allowedUDPPorts = [ 53317 ];
};
environment.systemPackages = with pkgs; [
yubikey-manager
];
networking.firewall.allowedTCPPorts = [ 53317 ];
networking.firewall.allowedUDPPorts = [ 53317 ];
programs.gamemode.enable = true;
programs.steam.enable = true;
programs.adb.enable = true;
programs.dconf.enable = true;
programs.fish.enable = true;
programs.localsend.enable = true;
programs.seahorse.enable = true;
programs.ssh = {
startAgent = true;
enableAskPassword = true;
programs = {
adb.enable = true;
dconf.enable = true;
fish.enable = true;
gamemode.enable = true;
localsend.enable = true;
seahorse.enable = true;
steam.enable = true;
ssh = {
startAgent = true;
enableAskPassword = true;
};
};
services.power-profiles-daemon.enable = true;
services.gvfs.enable = true;
services.gnome = {
gnome-keyring.enable = true;
sushi.enable = true;
};
services = {
power-profiles-daemon.enable = true;
gvfs.enable = true;
gnome = {
gnome-keyring.enable = true;
sushi.enable = true;
};
tailscale = {
enable = true;
openFirewall = true;
};
# yubikey
services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ];
# yubikey
pcscd.enable = true;
udev.packages = [ pkgs.yubikey-personalization ];
};
fonts = {
enableDefaultPackages = false;
packages = with pkgs; [
(nerdfonts.override {
fonts = [ "NerdFontsSymbolsOnly" ];
})
(nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
(inter.overrideAttrs {
installPhase = ''
runHook preInstall
@ -129,9 +129,7 @@
];
fontconfig = {
defaultFonts = {
emoji = [
"Noto Color Emoji"
];
emoji = [ "Noto Color Emoji" ];
# Append emoji font for Qt apps, they might use the monochrome emoji
monospace = [
"JetBrains Mono"

View file

@ -39,9 +39,7 @@
".config/fcitx5"
".config/obs-studio"
];
files = [
".config/sops/age/keys.txt"
];
files = [ ".config/sops/age/keys.txt" ];
};
};

View file

@ -42,28 +42,20 @@
systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars;
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "mastodon.ny4.dev" ];
};
match = lib.singleton { host = [ "mastodon.ny4.dev" ]; };
handle = lib.singleton {
handler = "subroute";
routes = [
{
match = lib.singleton {
path = [ "/api/v1/streaming/*" ];
};
match = lib.singleton { path = [ "/api/v1/streaming/*" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton {
dial = "unix//run/mastodon-streaming/streaming-1.socket";
};
upstreams = lib.singleton { dial = "unix//run/mastodon-streaming/streaming-1.socket"; };
};
}
{
match = lib.singleton {
path = [ "/system/*" ];
};
match = lib.singleton { path = [ "/system/*" ]; };
handle = [
{
handler = "rewrite";
@ -85,9 +77,7 @@
{
handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton {
dial = "unix//run/mastodon-web/web.socket";
};
upstreams = lib.singleton { dial = "unix//run/mastodon-web/web.socket"; };
}
];
}
@ -96,9 +86,7 @@
};
services.caddy.settings.apps.http.servers.srv0.errors.routes = lib.singleton {
match = lib.singleton {
host = [ "mastodon.ny4.dev" ];
};
match = lib.singleton { host = [ "mastodon.ny4.dev" ]; };
handle = lib.singleton {
handler = "subroute";
routes = [

View file

@ -50,9 +50,7 @@
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "matrix.ny4.dev" ];
};
match = lib.singleton { host = [ "matrix.ny4.dev" ]; };
handle = lib.singleton {
handler = "subroute";
routes = lib.singleton {
@ -66,9 +64,7 @@
handle = lib.singleton {
handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton {
dial = "unix//run/matrix-synapse/synapse.sock";
};
upstreams = lib.singleton { dial = "unix//run/matrix-synapse/synapse.sock"; };
};
};
};

View file

@ -1,8 +1,4 @@
{
lib,
pkgs,
...
}:
{ lib, pkgs, ... }:
{
services.minecraft-server = {
enable = true;

View file

@ -14,11 +14,7 @@
];
allowUnfree = false;
allowUnfreePredicate =
pkg:
lib.elem (lib.getName pkg)
[
];
allowUnfreePredicate = pkg: lib.elem (lib.getName pkg) [ ];
permittedInsecurePackages = [
"cinny-4.1.0"

View file

@ -64,9 +64,7 @@
listen = [ ":443" ];
};
systemd.services."caddy".serviceConfig.SupplementaryGroups = [
"forgejo"
];
systemd.services."caddy".serviceConfig.SupplementaryGroups = [ "forgejo" ];
services.caddy.settings.apps.http.servers.srv0.routes = [
{
@ -81,9 +79,7 @@
Access-Control-Allow-Origin = [ "*" ];
Content-Type = [ "application/json" ];
};
body = builtins.toJSON {
"m.server" = "matrix.ny4.dev:443";
};
body = builtins.toJSON { "m.server" = "matrix.ny4.dev:443"; };
};
}
{
@ -120,9 +116,7 @@
};
}
{
match = lib.singleton {
host = [ "ny4.dev" ];
};
match = lib.singleton { host = [ "ny4.dev" ]; };
handle = lib.singleton {
handler = "static_response";
status_code = 302;
@ -132,9 +126,7 @@
};
}
{
match = lib.singleton {
host = [ "element.ny4.dev" ];
};
match = lib.singleton { host = [ "element.ny4.dev" ]; };
handle = [
{
handler = "headers";
@ -157,9 +149,7 @@
];
}
{
match = lib.singleton {
host = [ "cinny.ny4.dev" ];
};
match = lib.singleton { host = [ "cinny.ny4.dev" ]; };
handle = lib.singleton {
handler = "subroute";
routes = [

View file

@ -29,9 +29,7 @@
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "git.ny4.dev" ];
};
match = lib.singleton { host = [ "git.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "unix//run/forgejo/forgejo.sock"; } ];

View file

@ -21,9 +21,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "id.ny4.dev" ];
};
match = lib.singleton { host = [ "id.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ];

View file

@ -19,9 +19,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "rss.ny4.dev" ];
};
match = lib.singleton { host = [ "rss.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ];

View file

@ -14,9 +14,7 @@
systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = [ "ntfy-sh" ];
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "ntfy.ny4.dev" ];
};
match = lib.singleton { host = [ "ntfy.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "unix//run/ntfy-sh/ntfy.sock"; } ];

View file

@ -57,11 +57,7 @@ in
}
{
job_name = "blackbox_exporter";
static_configs = lib.singleton {
targets = [
"127.0.0.1:${toString ports.blackbox}"
];
};
static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.blackbox}" ]; };
}
{
job_name = "blackbox_probe";
@ -137,11 +133,7 @@ in
);
alertmanagers = lib.singleton {
static_configs = lib.singleton {
targets = [
"127.0.0.1:${toString ports.alertmanager}"
];
};
static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.alertmanager}" ]; };
};
alertmanager = {
@ -152,9 +144,7 @@ in
configuration = {
receivers = lib.singleton {
name = "ntfy";
webhook_configs = lib.singleton {
url = "https://ntfy.ny4.dev/alert";
};
webhook_configs = lib.singleton { url = "https://ntfy.ny4.dev/alert"; };
};
route = {
receiver = "ntfy";
@ -164,9 +154,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "prom.ny4.dev" ];
};
match = lib.singleton { host = [ "prom.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "127.0.0.1:${toString ports.prometheus}"; } ];

View file

@ -10,9 +10,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "reddit.ny4.dev" ];
};
match = lib.singleton { host = [ "reddit.ny4.dev" ]; };
handle = [
{
# Google's indexing caused a DoS with 800k requests...

View file

@ -1,8 +1,6 @@
{ lib, config, ... }:
{
networking.firewall.allowedTCPPorts = [
27253
];
networking.firewall.allowedTCPPorts = [ 27253 ];
services.sing-box = {
enable = true;

View file

@ -20,9 +20,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "vault.ny4.dev" ];
};
match = lib.singleton { host = [ "vault.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ];

View file

@ -9,9 +9,7 @@ in
};
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton {
host = [ "pb.ny4.dev" ];
};
match = lib.singleton { host = [ "pb.ny4.dev" ]; };
handle = lib.singleton {
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ];

View file

@ -1,8 +1,4 @@
{
inputs,
pkgs,
...
}:
{ inputs, pkgs, ... }:
{
imports =
[
@ -16,9 +12,7 @@
sops-nix.nixosModules.sops
]);
nixpkgs.overlays = [
inputs.self.overlays.default
];
nixpkgs.overlays = [ inputs.self.overlays.default ];
boot.kernelPackages = pkgs.linuxPackages_latest;

View file

@ -41,9 +41,7 @@
password = "$2a$14$2Phk4tobM04H4XiGegB3TuEXkyORCKMKW8TptYPTPXUWmZgtGBj/.";
};
}
{
handler = "metrics";
}
{ handler = "metrics"; }
];
}
];

View file

@ -1,12 +1,8 @@
{ pkgs, ... }:
{
imports = [
../prometheus
];
imports = [ ../prometheus ];
environment.systemPackages = with pkgs; [
foot.terminfo
];
environment.systemPackages = with pkgs; [ foot.terminfo ];
services.openssh = {
enable = true;

View file

@ -47,9 +47,7 @@
outbound = "direct";
}
{
rule_set = [
"geosite-private"
];
rule_set = [ "geosite-private" ];
ip_is_private = true;
outbound = "direct";
}

View file

@ -52,12 +52,8 @@ _final: prev: {
# HACK: no more gtk2
gnome-themes-extra =
(prev.gnome-themes-extra.override {
gtk2 = prev.emptyDirectory;
}).overrideAttrs
{
configureFlags = [ "--disable-gtk2-engine" ];
};
(prev.gnome-themes-extra.override { gtk2 = prev.emptyDirectory; }).overrideAttrs
{ configureFlags = [ "--disable-gtk2-engine" ]; };
sway-unwrapped = addPatches prev.sway-unwrapped [
# text_input: Implement input-method popups

View file

@ -1,5 +1,3 @@
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
# only keeping some packages that only fits for personal use.
pkgs: {
background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src;
}
pkgs: { background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src; }

View file

@ -1,13 +1,15 @@
{
projectRootFile = "flake.nix";
### nix
programs.nixfmt.enable = true;
programs.deadnix.enable = true;
programs.statix.enable = true;
programs = {
deadnix.enable = true;
nixfmt.enable = true;
prettier.enable = true;
statix.enable = true;
};
settings.formatter.nixfmt.options = [ "--strict" ];
### misc
programs.prettier.enable = true;
settings.formatter.prettier.excludes = [
"hosts/pek0/secrets.yaml"
"hosts/tyo0/secrets.yaml"