diff --git a/home/applications/fcitx5/default.nix b/home/applications/fcitx5/default.nix index e510982..e03c3ca 100644 --- a/home/applications/fcitx5/default.nix +++ b/home/applications/fcitx5/default.nix @@ -1,8 +1,4 @@ -{ - lib, - pkgs, - ... -}: +{ lib, pkgs, ... }: let package = pkgs.qt6Packages.fcitx5-with-addons.override { addons = with pkgs; [ @@ -14,9 +10,7 @@ let }; in { - home.packages = [ - package - ]; + home.packages = [ package ]; systemd.user.services.fcitx5-daemon = { Unit.Description = "Fcitx5 input method editor"; diff --git a/home/applications/go/default.nix b/home/applications/go/default.nix index 2580a00..9d034ac 100644 --- a/home/applications/go/default.nix +++ b/home/applications/go/default.nix @@ -1,8 +1,4 @@ -{ - pkgs, - config, - ... -}: +{ pkgs, config, ... }: { programs.go.enable = true; home.packages = with pkgs; [ diff --git a/home/applications/mpv/default.nix b/home/applications/mpv/default.nix index 989ca26..d5b2c91 100644 --- a/home/applications/mpv/default.nix +++ b/home/applications/mpv/default.nix @@ -1,8 +1,4 @@ -{ - pkgs, - lib, - ... -}: +{ pkgs, lib, ... }: { programs.mpv = { enable = true; @@ -23,12 +19,7 @@ modernx-zydezu thumbfast ]) - ++ lib.optionals pkgs.stdenv.hostPlatform.isLinux ( - with pkgs.mpvScripts; - [ - mpris - ] - ); + ++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (with pkgs.mpvScripts; [ mpris ]); bindings = let diff --git a/home/applications/neovim/default.nix b/home/applications/neovim/default.nix index a9b2592..9ba1d84 100644 --- a/home/applications/neovim/default.nix +++ b/home/applications/neovim/default.nix @@ -1,8 +1,4 @@ -{ - pkgs, - inputs, - ... -}: +{ pkgs, inputs, ... }: { home.packages = [ pkgs.neovim ]; home.sessionVariables."EDITOR" = "nvim"; diff --git a/home/applications/swayidle/default.nix b/home/applications/swayidle/default.nix index 66194bf..6d93476 100644 --- a/home/applications/swayidle/default.nix +++ b/home/applications/swayidle/default.nix @@ -1,8 +1,4 @@ -{ - lib, - config, - ... -}: +{ lib, config, ... }: { services.swayidle = { enable = true; diff --git a/home/applications/swaylock/default.nix b/home/applications/swaylock/default.nix index a241fe7..8952a09 100644 --- a/home/applications/swaylock/default.nix +++ b/home/applications/swaylock/default.nix @@ -1,8 +1,4 @@ -{ - inputs, - pkgs, - ... -}: +{ inputs, pkgs, ... }: { programs.swaylock = { enable = true; diff --git a/home/default.nix b/home/default.nix index 95df7aa..7cb1751 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,8 +1,4 @@ -{ - lib, - pkgs, - ... -}: +{ lib, pkgs, ... }: { home = { username = "guanranwang"; diff --git a/hosts/dust/default.nix b/hosts/dust/default.nix index bc8c1df..f35bcbb 100644 --- a/hosts/dust/default.nix +++ b/hosts/dust/default.nix @@ -59,48 +59,48 @@ boot.tmp.useTmpfs = true; - services.tailscale = { - enable = true; - openFirewall = true; + environment.systemPackages = with pkgs; [ yubikey-manager ]; + + networking.firewall = { + allowedTCPPorts = [ 53317 ]; + allowedUDPPorts = [ 53317 ]; }; - environment.systemPackages = with pkgs; [ - yubikey-manager - ]; - - networking.firewall.allowedTCPPorts = [ 53317 ]; - networking.firewall.allowedUDPPorts = [ 53317 ]; - - programs.gamemode.enable = true; - programs.steam.enable = true; - - programs.adb.enable = true; - programs.dconf.enable = true; - programs.fish.enable = true; - programs.localsend.enable = true; - programs.seahorse.enable = true; - programs.ssh = { - startAgent = true; - enableAskPassword = true; + programs = { + adb.enable = true; + dconf.enable = true; + fish.enable = true; + gamemode.enable = true; + localsend.enable = true; + seahorse.enable = true; + steam.enable = true; + ssh = { + startAgent = true; + enableAskPassword = true; + }; }; - services.power-profiles-daemon.enable = true; - services.gvfs.enable = true; - services.gnome = { - gnome-keyring.enable = true; - sushi.enable = true; - }; + services = { + power-profiles-daemon.enable = true; + gvfs.enable = true; + gnome = { + gnome-keyring.enable = true; + sushi.enable = true; + }; + tailscale = { + enable = true; + openFirewall = true; + }; - # yubikey - services.pcscd.enable = true; - services.udev.packages = [ pkgs.yubikey-personalization ]; + # yubikey + pcscd.enable = true; + udev.packages = [ pkgs.yubikey-personalization ]; + }; fonts = { enableDefaultPackages = false; packages = with pkgs; [ - (nerdfonts.override { - fonts = [ "NerdFontsSymbolsOnly" ]; - }) + (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; }) (inter.overrideAttrs { installPhase = '' runHook preInstall @@ -129,9 +129,7 @@ ]; fontconfig = { defaultFonts = { - emoji = [ - "Noto Color Emoji" - ]; + emoji = [ "Noto Color Emoji" ]; # Append emoji font for Qt apps, they might use the monochrome emoji monospace = [ "JetBrains Mono" diff --git a/hosts/dust/preservation.nix b/hosts/dust/preservation.nix index 12788b2..d6a9a12 100644 --- a/hosts/dust/preservation.nix +++ b/hosts/dust/preservation.nix @@ -39,9 +39,7 @@ ".config/fcitx5" ".config/obs-studio" ]; - files = [ - ".config/sops/age/keys.txt" - ]; + files = [ ".config/sops/age/keys.txt" ]; }; }; diff --git a/hosts/pek0/services/mastodon.nix b/hosts/pek0/services/mastodon.nix index 9dbcf86..7813fba 100644 --- a/hosts/pek0/services/mastodon.nix +++ b/hosts/pek0/services/mastodon.nix @@ -42,28 +42,20 @@ systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "mastodon.ny4.dev" ]; - }; + match = lib.singleton { host = [ "mastodon.ny4.dev" ]; }; handle = lib.singleton { handler = "subroute"; routes = [ { - match = lib.singleton { - path = [ "/api/v1/streaming/*" ]; - }; + match = lib.singleton { path = [ "/api/v1/streaming/*" ]; }; handle = lib.singleton { handler = "reverse_proxy"; headers.request.set."X-Forwarded-Proto" = [ "https" ]; - upstreams = lib.singleton { - dial = "unix//run/mastodon-streaming/streaming-1.socket"; - }; + upstreams = lib.singleton { dial = "unix//run/mastodon-streaming/streaming-1.socket"; }; }; } { - match = lib.singleton { - path = [ "/system/*" ]; - }; + match = lib.singleton { path = [ "/system/*" ]; }; handle = [ { handler = "rewrite"; @@ -85,9 +77,7 @@ { handler = "reverse_proxy"; headers.request.set."X-Forwarded-Proto" = [ "https" ]; - upstreams = lib.singleton { - dial = "unix//run/mastodon-web/web.socket"; - }; + upstreams = lib.singleton { dial = "unix//run/mastodon-web/web.socket"; }; } ]; } @@ -96,9 +86,7 @@ }; services.caddy.settings.apps.http.servers.srv0.errors.routes = lib.singleton { - match = lib.singleton { - host = [ "mastodon.ny4.dev" ]; - }; + match = lib.singleton { host = [ "mastodon.ny4.dev" ]; }; handle = lib.singleton { handler = "subroute"; routes = [ diff --git a/hosts/pek0/services/matrix.nix b/hosts/pek0/services/matrix.nix index 359c14f..12b492c 100644 --- a/hosts/pek0/services/matrix.nix +++ b/hosts/pek0/services/matrix.nix @@ -50,9 +50,7 @@ }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "matrix.ny4.dev" ]; - }; + match = lib.singleton { host = [ "matrix.ny4.dev" ]; }; handle = lib.singleton { handler = "subroute"; routes = lib.singleton { @@ -66,9 +64,7 @@ handle = lib.singleton { handler = "reverse_proxy"; headers.request.set."X-Forwarded-Proto" = [ "https" ]; - upstreams = lib.singleton { - dial = "unix//run/matrix-synapse/synapse.sock"; - }; + upstreams = lib.singleton { dial = "unix//run/matrix-synapse/synapse.sock"; }; }; }; }; diff --git a/hosts/pek0/services/minecraft.nix b/hosts/pek0/services/minecraft.nix index 373bf61..aecedd6 100644 --- a/hosts/pek0/services/minecraft.nix +++ b/hosts/pek0/services/minecraft.nix @@ -1,8 +1,4 @@ -{ - lib, - pkgs, - ... -}: +{ lib, pkgs, ... }: { services.minecraft-server = { enable = true; diff --git a/hosts/tyo0/anti-feature.nix b/hosts/tyo0/anti-feature.nix index d1dc41f..845ef8f 100644 --- a/hosts/tyo0/anti-feature.nix +++ b/hosts/tyo0/anti-feature.nix @@ -14,11 +14,7 @@ ]; allowUnfree = false; - allowUnfreePredicate = - pkg: - lib.elem (lib.getName pkg) - [ - ]; + allowUnfreePredicate = pkg: lib.elem (lib.getName pkg) [ ]; permittedInsecurePackages = [ "cinny-4.1.0" diff --git a/hosts/tyo0/default.nix b/hosts/tyo0/default.nix index 369b438..b3d87ea 100644 --- a/hosts/tyo0/default.nix +++ b/hosts/tyo0/default.nix @@ -64,9 +64,7 @@ listen = [ ":443" ]; }; - systemd.services."caddy".serviceConfig.SupplementaryGroups = [ - "forgejo" - ]; + systemd.services."caddy".serviceConfig.SupplementaryGroups = [ "forgejo" ]; services.caddy.settings.apps.http.servers.srv0.routes = [ { @@ -81,9 +79,7 @@ Access-Control-Allow-Origin = [ "*" ]; Content-Type = [ "application/json" ]; }; - body = builtins.toJSON { - "m.server" = "matrix.ny4.dev:443"; - }; + body = builtins.toJSON { "m.server" = "matrix.ny4.dev:443"; }; }; } { @@ -120,9 +116,7 @@ }; } { - match = lib.singleton { - host = [ "ny4.dev" ]; - }; + match = lib.singleton { host = [ "ny4.dev" ]; }; handle = lib.singleton { handler = "static_response"; status_code = 302; @@ -132,9 +126,7 @@ }; } { - match = lib.singleton { - host = [ "element.ny4.dev" ]; - }; + match = lib.singleton { host = [ "element.ny4.dev" ]; }; handle = [ { handler = "headers"; @@ -157,9 +149,7 @@ ]; } { - match = lib.singleton { - host = [ "cinny.ny4.dev" ]; - }; + match = lib.singleton { host = [ "cinny.ny4.dev" ]; }; handle = lib.singleton { handler = "subroute"; routes = [ diff --git a/hosts/tyo0/services/forgejo.nix b/hosts/tyo0/services/forgejo.nix index 5f409a5..78629dc 100644 --- a/hosts/tyo0/services/forgejo.nix +++ b/hosts/tyo0/services/forgejo.nix @@ -29,9 +29,7 @@ }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "git.ny4.dev" ]; - }; + match = lib.singleton { host = [ "git.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "unix//run/forgejo/forgejo.sock"; } ]; diff --git a/hosts/tyo0/services/keycloak.nix b/hosts/tyo0/services/keycloak.nix index 1908c40..a73d65d 100644 --- a/hosts/tyo0/services/keycloak.nix +++ b/hosts/tyo0/services/keycloak.nix @@ -21,9 +21,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "id.ny4.dev" ]; - }; + match = lib.singleton { host = [ "id.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "localhost:${toString port}"; } ]; diff --git a/hosts/tyo0/services/miniflux.nix b/hosts/tyo0/services/miniflux.nix index bf7ac64..ac7ee27 100644 --- a/hosts/tyo0/services/miniflux.nix +++ b/hosts/tyo0/services/miniflux.nix @@ -19,9 +19,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "rss.ny4.dev" ]; - }; + match = lib.singleton { host = [ "rss.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "localhost:${toString port}"; } ]; diff --git a/hosts/tyo0/services/ntfy.nix b/hosts/tyo0/services/ntfy.nix index 1cf1ee1..eebe031 100644 --- a/hosts/tyo0/services/ntfy.nix +++ b/hosts/tyo0/services/ntfy.nix @@ -14,9 +14,7 @@ systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = [ "ntfy-sh" ]; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "ntfy.ny4.dev" ]; - }; + match = lib.singleton { host = [ "ntfy.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "unix//run/ntfy-sh/ntfy.sock"; } ]; diff --git a/hosts/tyo0/services/prometheus.nix b/hosts/tyo0/services/prometheus.nix index b9a1a42..73a4bfe 100644 --- a/hosts/tyo0/services/prometheus.nix +++ b/hosts/tyo0/services/prometheus.nix @@ -57,11 +57,7 @@ in } { job_name = "blackbox_exporter"; - static_configs = lib.singleton { - targets = [ - "127.0.0.1:${toString ports.blackbox}" - ]; - }; + static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.blackbox}" ]; }; } { job_name = "blackbox_probe"; @@ -137,11 +133,7 @@ in ); alertmanagers = lib.singleton { - static_configs = lib.singleton { - targets = [ - "127.0.0.1:${toString ports.alertmanager}" - ]; - }; + static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.alertmanager}" ]; }; }; alertmanager = { @@ -152,9 +144,7 @@ in configuration = { receivers = lib.singleton { name = "ntfy"; - webhook_configs = lib.singleton { - url = "https://ntfy.ny4.dev/alert"; - }; + webhook_configs = lib.singleton { url = "https://ntfy.ny4.dev/alert"; }; }; route = { receiver = "ntfy"; @@ -164,9 +154,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "prom.ny4.dev" ]; - }; + match = lib.singleton { host = [ "prom.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "127.0.0.1:${toString ports.prometheus}"; } ]; diff --git a/hosts/tyo0/services/redlib.nix b/hosts/tyo0/services/redlib.nix index 27d50bc..afbd6a4 100644 --- a/hosts/tyo0/services/redlib.nix +++ b/hosts/tyo0/services/redlib.nix @@ -10,9 +10,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "reddit.ny4.dev" ]; - }; + match = lib.singleton { host = [ "reddit.ny4.dev" ]; }; handle = [ { # Google's indexing caused a DoS with 800k requests... diff --git a/hosts/tyo0/services/sing-box.nix b/hosts/tyo0/services/sing-box.nix index f42c534..7b4b6a0 100644 --- a/hosts/tyo0/services/sing-box.nix +++ b/hosts/tyo0/services/sing-box.nix @@ -1,8 +1,6 @@ { lib, config, ... }: { - networking.firewall.allowedTCPPorts = [ - 27253 - ]; + networking.firewall.allowedTCPPorts = [ 27253 ]; services.sing-box = { enable = true; diff --git a/hosts/tyo0/services/vaultwarden.nix b/hosts/tyo0/services/vaultwarden.nix index edf3a35..8afbc61 100644 --- a/hosts/tyo0/services/vaultwarden.nix +++ b/hosts/tyo0/services/vaultwarden.nix @@ -20,9 +20,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "vault.ny4.dev" ]; - }; + match = lib.singleton { host = [ "vault.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "localhost:${toString port}"; } ]; diff --git a/hosts/tyo0/services/wastebin.nix b/hosts/tyo0/services/wastebin.nix index 36d9416..12c4e32 100644 --- a/hosts/tyo0/services/wastebin.nix +++ b/hosts/tyo0/services/wastebin.nix @@ -9,9 +9,7 @@ in }; services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { - match = lib.singleton { - host = [ "pb.ny4.dev" ]; - }; + match = lib.singleton { host = [ "pb.ny4.dev" ]; }; handle = lib.singleton { handler = "reverse_proxy"; upstreams = [ { dial = "localhost:${toString port}"; } ]; diff --git a/nixos/profiles/core/default.nix b/nixos/profiles/core/default.nix index fa1b2a0..1a6d3ab 100644 --- a/nixos/profiles/core/default.nix +++ b/nixos/profiles/core/default.nix @@ -1,8 +1,4 @@ -{ - inputs, - pkgs, - ... -}: +{ inputs, pkgs, ... }: { imports = [ @@ -16,9 +12,7 @@ sops-nix.nixosModules.sops ]); - nixpkgs.overlays = [ - inputs.self.overlays.default - ]; + nixpkgs.overlays = [ inputs.self.overlays.default ]; boot.kernelPackages = pkgs.linuxPackages_latest; diff --git a/nixos/profiles/prometheus/default.nix b/nixos/profiles/prometheus/default.nix index b5dd188..5662b83 100644 --- a/nixos/profiles/prometheus/default.nix +++ b/nixos/profiles/prometheus/default.nix @@ -41,9 +41,7 @@ password = "$2a$14$2Phk4tobM04H4XiGegB3TuEXkyORCKMKW8TptYPTPXUWmZgtGBj/."; }; } - { - handler = "metrics"; - } + { handler = "metrics"; } ]; } ]; diff --git a/nixos/profiles/server/default.nix b/nixos/profiles/server/default.nix index 057fea1..6301ab7 100644 --- a/nixos/profiles/server/default.nix +++ b/nixos/profiles/server/default.nix @@ -1,12 +1,8 @@ { pkgs, ... }: { - imports = [ - ../prometheus - ]; + imports = [ ../prometheus ]; - environment.systemPackages = with pkgs; [ - foot.terminfo - ]; + environment.systemPackages = with pkgs; [ foot.terminfo ]; services.openssh = { enable = true; diff --git a/nixos/profiles/sing-box/default.nix b/nixos/profiles/sing-box/default.nix index 87febe2..afbd052 100644 --- a/nixos/profiles/sing-box/default.nix +++ b/nixos/profiles/sing-box/default.nix @@ -47,9 +47,7 @@ outbound = "direct"; } { - rule_set = [ - "geosite-private" - ]; + rule_set = [ "geosite-private" ]; ip_is_private = true; outbound = "direct"; } diff --git a/overlays/default.nix b/overlays/default.nix index e73553e..ad2967b 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -52,12 +52,8 @@ _final: prev: { # HACK: no more gtk2 gnome-themes-extra = - (prev.gnome-themes-extra.override { - gtk2 = prev.emptyDirectory; - }).overrideAttrs - { - configureFlags = [ "--disable-gtk2-engine" ]; - }; + (prev.gnome-themes-extra.override { gtk2 = prev.emptyDirectory; }).overrideAttrs + { configureFlags = [ "--disable-gtk2-engine" ]; }; sway-unwrapped = addPatches prev.sway-unwrapped [ # text_input: Implement input-method popups diff --git a/pkgs/default.nix b/pkgs/default.nix index 58e074b..51ed0ea 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,3 @@ # NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`, # only keeping some packages that only fits for personal use. -pkgs: { - background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src; -} +pkgs: { background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src; } diff --git a/treefmt.nix b/treefmt.nix index e8e1cf9..6c14fa2 100644 --- a/treefmt.nix +++ b/treefmt.nix @@ -1,13 +1,15 @@ { projectRootFile = "flake.nix"; - ### nix - programs.nixfmt.enable = true; - programs.deadnix.enable = true; - programs.statix.enable = true; + programs = { + deadnix.enable = true; + nixfmt.enable = true; + prettier.enable = true; + statix.enable = true; + }; + + settings.formatter.nixfmt.options = [ "--strict" ]; - ### misc - programs.prettier.enable = true; settings.formatter.prettier.excludes = [ "hosts/pek0/secrets.yaml" "hosts/tyo0/secrets.yaml"