nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

treewide: use nixfmt --strict flag

Browse source
This commit is contained in:
Guanran Wang 2024-09-21 01:38:01 +08:00
parent f3c554e51d
commit b2638a2885
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
30 changed files with 88 additions and 207 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
home/applications/fcitx5/default.nix
View file

@ -1,8 +1,4 @@
{ { lib, pkgs, ... }:
lib,
pkgs,
...
}:
let let
package = pkgs.qt6Packages.fcitx5-with-addons.override { package = pkgs.qt6Packages.fcitx5-with-addons.override {
addons = with pkgs; [ addons = with pkgs; [
@ -14,9 +10,7 @@ let
}; };
in in
{ {
home.packages = [ home.packages = [ package ];
package
];
systemd.user.services.fcitx5-daemon = { systemd.user.services.fcitx5-daemon = {
Unit.Description = "Fcitx5 input method editor"; Unit.Description = "Fcitx5 input method editor";

6
home/applications/go/default.nix
View file

@ -1,8 +1,4 @@
{ { pkgs, config, ... }:
pkgs,
config,
...
}:
{ {
programs.go.enable = true; programs.go.enable = true;
home.packages = with pkgs; [ home.packages = with pkgs; [

13
home/applications/mpv/default.nix
View file

@ -1,8 +1,4 @@
{ { pkgs, lib, ... }:
pkgs,
lib,
...
}:
{ {
programs.mpv = { programs.mpv = {
enable = true; enable = true;
@ -23,12 +19,7 @@
modernx-zydezu modernx-zydezu
thumbfast thumbfast
]) ])
++ lib.optionals pkgs.stdenv.hostPlatform.isLinux ( ++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (with pkgs.mpvScripts; [ mpris ]);
with pkgs.mpvScripts;
[
mpris
]
);
bindings = bindings =
let let

6
home/applications/neovim/default.nix
View file

@ -1,8 +1,4 @@
{ { pkgs, inputs, ... }:
pkgs,
inputs,
...
}:
{ {
home.packages = [ pkgs.neovim ]; home.packages = [ pkgs.neovim ];
home.sessionVariables."EDITOR" = "nvim"; home.sessionVariables."EDITOR" = "nvim";

6
home/applications/swayidle/default.nix
View file

@ -1,8 +1,4 @@
{ { lib, config, ... }:
lib,
config,
...
}:
{ {
services.swayidle = { services.swayidle = {
enable = true; enable = true;

6
home/applications/swaylock/default.nix
View file

@ -1,8 +1,4 @@
{ { inputs, pkgs, ... }:
inputs,
pkgs,
...
}:
{ {
programs.swaylock = { programs.swaylock = {
enable = true; enable = true;

6
home/default.nix
View file

@ -1,8 +1,4 @@
{ { lib, pkgs, ... }:
lib,
pkgs,
...
}:
{ {
home = { home = {
username = "guanranwang"; username = "guanranwang";

70
hosts/dust/default.nix
View file

@ -59,48 +59,48 @@
boot.tmp.useTmpfs = true; boot.tmp.useTmpfs = true;
services.tailscale = { environment.systemPackages = with pkgs; [ yubikey-manager ];
enable = true;
openFirewall = true; networking.firewall = {
allowedTCPPorts = [ 53317 ];
allowedUDPPorts = [ 53317 ];
}; };
environment.systemPackages = with pkgs; [ programs = {
yubikey-manager adb.enable = true;
]; dconf.enable = true;
fish.enable = true;
networking.firewall.allowedTCPPorts = [ 53317 ]; gamemode.enable = true;
networking.firewall.allowedUDPPorts = [ 53317 ]; localsend.enable = true;
seahorse.enable = true;
programs.gamemode.enable = true; steam.enable = true;
programs.steam.enable = true; ssh = {
startAgent = true;
programs.adb.enable = true; enableAskPassword = true;
programs.dconf.enable = true; };
programs.fish.enable = true;
programs.localsend.enable = true;
programs.seahorse.enable = true;
programs.ssh = {
startAgent = true;
enableAskPassword = true;
}; };
services.power-profiles-daemon.enable = true; services = {
services.gvfs.enable = true; power-profiles-daemon.enable = true;
services.gnome = { gvfs.enable = true;
gnome-keyring.enable = true; gnome = {
sushi.enable = true; gnome-keyring.enable = true;
}; sushi.enable = true;
};
tailscale = {
enable = true;
openFirewall = true;
};
# yubikey # yubikey
services.pcscd.enable = true; pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ]; udev.packages = [ pkgs.yubikey-personalization ];
};
fonts = { fonts = {
enableDefaultPackages = false; enableDefaultPackages = false;
packages = with pkgs; [ packages = with pkgs; [
(nerdfonts.override { (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
fonts = [ "NerdFontsSymbolsOnly" ];
})
(inter.overrideAttrs { (inter.overrideAttrs {
installPhase = '' installPhase = ''
runHook preInstall runHook preInstall
@ -129,9 +129,7 @@
]; ];
fontconfig = { fontconfig = {
defaultFonts = { defaultFonts = {
emoji = [ emoji = [ "Noto Color Emoji" ];
"Noto Color Emoji"
];
# Append emoji font for Qt apps, they might use the monochrome emoji # Append emoji font for Qt apps, they might use the monochrome emoji
monospace = [ monospace = [
"JetBrains Mono" "JetBrains Mono"

4
hosts/dust/preservation.nix
View file

@ -39,9 +39,7 @@
".config/fcitx5" ".config/fcitx5"
".config/obs-studio" ".config/obs-studio"
]; ];
files = [ files = [ ".config/sops/age/keys.txt" ];
".config/sops/age/keys.txt"
];
}; };
}; };

24
hosts/pek0/services/mastodon.nix
View file

@ -42,28 +42,20 @@
systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars; systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars;
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "mastodon.ny4.dev" ]; };
host = [ "mastodon.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "subroute"; handler = "subroute";
routes = [ routes = [
{ {
match = lib.singleton { match = lib.singleton { path = [ "/api/v1/streaming/*" ]; };
path = [ "/api/v1/streaming/*" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ]; headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton { upstreams = lib.singleton { dial = "unix//run/mastodon-streaming/streaming-1.socket"; };
dial = "unix//run/mastodon-streaming/streaming-1.socket";
};
}; };
} }
{ {
match = lib.singleton { match = lib.singleton { path = [ "/system/*" ]; };
path = [ "/system/*" ];
};
handle = [ handle = [
{ {
handler = "rewrite"; handler = "rewrite";
@ -85,9 +77,7 @@
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ]; headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton { upstreams = lib.singleton { dial = "unix//run/mastodon-web/web.socket"; };
dial = "unix//run/mastodon-web/web.socket";
};
} }
]; ];
} }
@ -96,9 +86,7 @@
}; };
services.caddy.settings.apps.http.servers.srv0.errors.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.errors.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "mastodon.ny4.dev" ]; };
host = [ "mastodon.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "subroute"; handler = "subroute";
routes = [ routes = [

8
hosts/pek0/services/matrix.nix
View file

@ -50,9 +50,7 @@
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "matrix.ny4.dev" ]; };
host = [ "matrix.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "subroute"; handler = "subroute";
routes = lib.singleton { routes = lib.singleton {
@ -66,9 +64,7 @@
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
headers.request.set."X-Forwarded-Proto" = [ "https" ]; headers.request.set."X-Forwarded-Proto" = [ "https" ];
upstreams = lib.singleton { upstreams = lib.singleton { dial = "unix//run/matrix-synapse/synapse.sock"; };
dial = "unix//run/matrix-synapse/synapse.sock";
};
}; };
}; };
}; };

6
hosts/pek0/services/minecraft.nix
View file

@ -1,8 +1,4 @@
{ { lib, pkgs, ... }:
lib,
pkgs,
...
}:
{ {
services.minecraft-server = { services.minecraft-server = {
enable = true; enable = true;

6
hosts/tyo0/anti-feature.nix
View file

@ -14,11 +14,7 @@
]; ];
allowUnfree = false; allowUnfree = false;
allowUnfreePredicate = allowUnfreePredicate = pkg: lib.elem (lib.getName pkg) [ ];
pkg:
lib.elem (lib.getName pkg)
[
];
permittedInsecurePackages = [ permittedInsecurePackages = [
"cinny-4.1.0" "cinny-4.1.0"

20
hosts/tyo0/default.nix
View file

@ -64,9 +64,7 @@
listen = [ ":443" ]; listen = [ ":443" ];
}; };
systemd.services."caddy".serviceConfig.SupplementaryGroups = [ systemd.services."caddy".serviceConfig.SupplementaryGroups = [ "forgejo" ];
"forgejo"
];
services.caddy.settings.apps.http.servers.srv0.routes = [ services.caddy.settings.apps.http.servers.srv0.routes = [
{ {
@ -81,9 +79,7 @@
Access-Control-Allow-Origin = [ "*" ]; Access-Control-Allow-Origin = [ "*" ];
Content-Type = [ "application/json" ]; Content-Type = [ "application/json" ];
}; };
body = builtins.toJSON { body = builtins.toJSON { "m.server" = "matrix.ny4.dev:443"; };
"m.server" = "matrix.ny4.dev:443";
};
}; };
} }
{ {
@ -120,9 +116,7 @@
}; };
} }
{ {
match = lib.singleton { match = lib.singleton { host = [ "ny4.dev" ]; };
host = [ "ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "static_response"; handler = "static_response";
status_code = 302; status_code = 302;
@ -132,9 +126,7 @@
}; };
} }
{ {
match = lib.singleton { match = lib.singleton { host = [ "element.ny4.dev" ]; };
host = [ "element.ny4.dev" ];
};
handle = [ handle = [
{ {
handler = "headers"; handler = "headers";
@ -157,9 +149,7 @@
]; ];
} }
{ {
match = lib.singleton { match = lib.singleton { host = [ "cinny.ny4.dev" ]; };
host = [ "cinny.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "subroute"; handler = "subroute";
routes = [ routes = [

4
hosts/tyo0/services/forgejo.nix
View file

@ -29,9 +29,7 @@
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "git.ny4.dev" ]; };
host = [ "git.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "unix//run/forgejo/forgejo.sock"; } ]; upstreams = [ { dial = "unix//run/forgejo/forgejo.sock"; } ];

4
hosts/tyo0/services/keycloak.nix
View file

@ -21,9 +21,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "id.ny4.dev" ]; };
host = [ "id.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ]; upstreams = [ { dial = "localhost:${toString port}"; } ];

4
hosts/tyo0/services/miniflux.nix
View file

@ -19,9 +19,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "rss.ny4.dev" ]; };
host = [ "rss.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ]; upstreams = [ { dial = "localhost:${toString port}"; } ];

4
hosts/tyo0/services/ntfy.nix
View file

@ -14,9 +14,7 @@
systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = [ "ntfy-sh" ]; systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = [ "ntfy-sh" ];
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "ntfy.ny4.dev" ]; };
host = [ "ntfy.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "unix//run/ntfy-sh/ntfy.sock"; } ]; upstreams = [ { dial = "unix//run/ntfy-sh/ntfy.sock"; } ];

20
hosts/tyo0/services/prometheus.nix
View file

@ -57,11 +57,7 @@ in
} }
{ {
job_name = "blackbox_exporter"; job_name = "blackbox_exporter";
static_configs = lib.singleton { static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.blackbox}" ]; };
targets = [
"127.0.0.1:${toString ports.blackbox}"
];
};
} }
{ {
job_name = "blackbox_probe"; job_name = "blackbox_probe";
@ -137,11 +133,7 @@ in
); );
alertmanagers = lib.singleton { alertmanagers = lib.singleton {
static_configs = lib.singleton { static_configs = lib.singleton { targets = [ "127.0.0.1:${toString ports.alertmanager}" ]; };
targets = [
"127.0.0.1:${toString ports.alertmanager}"
];
};
}; };
alertmanager = { alertmanager = {
@ -152,9 +144,7 @@ in
configuration = { configuration = {
receivers = lib.singleton { receivers = lib.singleton {
name = "ntfy"; name = "ntfy";
webhook_configs = lib.singleton { webhook_configs = lib.singleton { url = "https://ntfy.ny4.dev/alert"; };
url = "https://ntfy.ny4.dev/alert";
};
}; };
route = { route = {
receiver = "ntfy"; receiver = "ntfy";
@ -164,9 +154,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "prom.ny4.dev" ]; };
host = [ "prom.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "127.0.0.1:${toString ports.prometheus}"; } ]; upstreams = [ { dial = "127.0.0.1:${toString ports.prometheus}"; } ];

4
hosts/tyo0/services/redlib.nix
View file

@ -10,9 +10,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "reddit.ny4.dev" ]; };
host = [ "reddit.ny4.dev" ];
};
handle = [ handle = [
{ {
# Google's indexing caused a DoS with 800k requests... # Google's indexing caused a DoS with 800k requests...

4
hosts/tyo0/services/sing-box.nix
View file

@ -1,8 +1,6 @@
{ lib, config, ... }: { lib, config, ... }:
{ {
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [ 27253 ];
27253
];
services.sing-box = { services.sing-box = {
enable = true; enable = true;

4
hosts/tyo0/services/vaultwarden.nix
View file

@ -20,9 +20,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "vault.ny4.dev" ]; };
host = [ "vault.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ]; upstreams = [ { dial = "localhost:${toString port}"; } ];

4
hosts/tyo0/services/wastebin.nix
View file

@ -9,9 +9,7 @@ in
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton {
match = lib.singleton { match = lib.singleton { host = [ "pb.ny4.dev" ]; };
host = [ "pb.ny4.dev" ];
};
handle = lib.singleton { handle = lib.singleton {
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${toString port}"; } ]; upstreams = [ { dial = "localhost:${toString port}"; } ];

10
nixos/profiles/core/default.nix
View file

@ -1,8 +1,4 @@
{ { inputs, pkgs, ... }:
inputs,
pkgs,
...
}:
{ {
imports = imports =
[ [
@ -16,9 +12,7 @@
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
]); ]);
nixpkgs.overlays = [ nixpkgs.overlays = [ inputs.self.overlays.default ];
inputs.self.overlays.default
];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;

4
nixos/profiles/prometheus/default.nix
View file

@ -41,9 +41,7 @@
password = "$2a$14$2Phk4tobM04H4XiGegB3TuEXkyORCKMKW8TptYPTPXUWmZgtGBj/."; password = "$2a$14$2Phk4tobM04H4XiGegB3TuEXkyORCKMKW8TptYPTPXUWmZgtGBj/.";
}; };
} }
{ { handler = "metrics"; }
handler = "metrics";
}
]; ];
} }
]; ];

8
nixos/profiles/server/default.nix
View file

@ -1,12 +1,8 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [ imports = [ ../prometheus ];
../prometheus
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ foot.terminfo ];
foot.terminfo
];
services.openssh = { services.openssh = {
enable = true; enable = true;

4
nixos/profiles/sing-box/default.nix
View file

@ -47,9 +47,7 @@
outbound = "direct"; outbound = "direct";
} }
{ {
rule_set = [ rule_set = [ "geosite-private" ];
"geosite-private"
];
ip_is_private = true; ip_is_private = true;
outbound = "direct"; outbound = "direct";
} }

8
overlays/default.nix
View file

@ -52,12 +52,8 @@ _final: prev: {
# HACK: no more gtk2 # HACK: no more gtk2
gnome-themes-extra = gnome-themes-extra =
(prev.gnome-themes-extra.override { (prev.gnome-themes-extra.override { gtk2 = prev.emptyDirectory; }).overrideAttrs
gtk2 = prev.emptyDirectory; { configureFlags = [ "--disable-gtk2-engine" ]; };
}).overrideAttrs
{
configureFlags = [ "--disable-gtk2-engine" ];
};
sway-unwrapped = addPatches prev.sway-unwrapped [ sway-unwrapped = addPatches prev.sway-unwrapped [
# text_input: Implement input-method popups # text_input: Implement input-method popups

4
pkgs/default.nix
View file

@ -1,5 +1,3 @@
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`, # NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
# only keeping some packages that only fits for personal use. # only keeping some packages that only fits for personal use.
pkgs: { pkgs: { background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src; }
background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src;
}

14
treefmt.nix
View file

@ -1,13 +1,15 @@
{ {
projectRootFile = "flake.nix"; projectRootFile = "flake.nix";
### nix programs = {
programs.nixfmt.enable = true; deadnix.enable = true;
programs.deadnix.enable = true; nixfmt.enable = true;
programs.statix.enable = true; prettier.enable = true;
statix.enable = true;
};
settings.formatter.nixfmt.options = [ "--strict" ];
### misc
programs.prettier.enable = true;
settings.formatter.prettier.excludes = [ settings.formatter.prettier.excludes = [
"hosts/pek0/secrets.yaml" "hosts/pek0/secrets.yaml"
"hosts/tyo0/secrets.yaml" "hosts/tyo0/secrets.yaml"