From c8247a320812e65303cecdb039cff1fe1f7f3db6 Mon Sep 17 00:00:00 2001 From: "Gustavo \"Guz\" L. de Mello" Date: Sun, 16 Jun 2024 20:08:29 -0300 Subject: [PATCH] chore: format files --- configuration.nix | 17 ++-- flake.nix | 28 +++--- hardware-configuration.nix | 21 ++--- homes/guz.nix | 11 +-- modules/adguardhome.nix | 63 +++++++------- modules/default.nix | 2 +- modules/forgejo/default.nix | 130 ++++++++++++++-------------- modules/locales.nix | 85 +++++++++--------- modules/nh/default.nix | 17 ++-- modules/tailscale.nix | 55 ++++++------ secrets/spacestation.lesser.json | 4 +- services/adguardhome.nix | 15 ++-- services/caddy.nix | 20 +++++ services/containers/default.nix | 2 +- services/containers/prata-music.nix | 11 +-- services/default.nix | 1 + services/forgejo.nix | 15 ++-- services/tailscale.nix | 15 ++-- 18 files changed, 265 insertions(+), 247 deletions(-) create mode 100644 services/caddy.nix diff --git a/configuration.nix b/configuration.nix index e491cad..8605f91 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,8 +1,9 @@ -{ config -, lib -, inputs -, pkgs -, ... +{ + config, + lib, + inputs, + pkgs, + ... }: { imports = [ ./hardware-configuration.nix @@ -17,13 +18,13 @@ profiles.locale.enable = true; - home-manager.extraSpecialArgs = { inherit inputs; }; + home-manager.extraSpecialArgs = {inherit inputs;}; users.users."guz" = { shell = pkgs.zsh; hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path; home = "/home/guz"; isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "plugdev" ]; + extraGroups = ["wheel" "networkmanager" "plugdev"]; }; home-manager.users."guz" = import ./homes/guz.nix; @@ -43,7 +44,7 @@ libinput ]; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.settings.experimental-features = ["nix-command" "flakes"]; nix.package = pkgs.nixVersions.nix_2_21; networking = { diff --git a/flake.nix b/flake.nix index f39d431..772ef7f 100644 --- a/flake.nix +++ b/flake.nix 
@@ -21,21 +21,21 @@ dot013-environment.url = "github:dot013/environment"; }; - outputs = - { nixpkgs - , home-manager - , ... - } @ inputs: { - nixosConfigurations = { - spacestation = nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs; - }; - modules = [ - inputs.home-manager.nixosModules.default - ./configuration.nix - ]; + outputs = { + nixpkgs, + home-manager, + ... + } @ inputs: { + nixosConfigurations = { + spacestation = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs; }; + modules = [ + inputs.home-manager.nixosModules.default + ./configuration.nix + ]; }; }; + }; } diff --git a/hardware-configuration.nix b/hardware-configuration.nix index 2a50d82..f0277c7 100644 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -1,20 +1,21 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config -, lib -, pkgs -, modulesPath -, ... +{ + config, + lib, + pkgs, + modulesPath, + ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/26878c61-60d2-4ac9-967f-30faffc0f21f"; @@ -27,7 +28,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb"; } + {device = "/dev/disk/by-uuid/878a189a-e5df-4e1c-92d5-df6f77ff53bb";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/homes/guz.nix b/homes/guz.nix index eac4602..306c9c5 100644 
--- a/homes/guz.nix +++ b/homes/guz.nix @@ -1,8 +1,9 @@ -{ config -, pkgs -, inputs -, lib -, ... +{ + config, + pkgs, + inputs, + lib, + ... }: { imports = [ inputs.dot013-environment.homeManagerModule diff --git a/modules/adguardhome.nix b/modules/adguardhome.nix index d38c2c1..53a618e 100644 --- a/modules/adguardhome.nix +++ b/modules/adguardhome.nix @@ -1,41 +1,40 @@ -{ config -, lib -, ... -}: -let - cfg = config.services.adguardhome; -in { - imports = [ ]; + config, + lib, + ... +}: let + cfg = config.services.adguardhome; +in { + imports = []; options.services.adguardhome = with lib; - with lib.types; { - dns.filters = mkOption { - type = attrsOf (submodule ({ lib, ... }: { - options = { - name = mkOption { - type = nullOr str; - default = null; - }; - url = mkOption { - type = str; - }; - enabled = mkOption { - type = bool; - default = true; - }; + with lib.types; { + dns.filters = mkOption { + type = attrsOf (submodule ({lib, ...}: { + options = { + name = mkOption { + type = nullOr str; + default = null; }; - })); - default = { }; - }; - dns.rewrites = mkOption { - type = attrsOf str; - default = { }; - }; + url = mkOption { + type = str; + }; + enabled = mkOption { + type = bool; + default = true; + }; + }; + })); + default = {}; }; + dns.rewrites = mkOption { + type = attrsOf str; + default = {}; + }; + }; config = with lib; mkIf cfg.enable { - networking.firewall.allowedTCPPorts = [ 53 ]; - networking.firewall.allowedUDPPorts = [ 53 51820 ]; + networking.firewall.allowedTCPPorts = [53]; + networking.firewall.allowedUDPPorts = [53 51820]; services.adguardhome = { settings = { diff --git a/modules/default.nix b/modules/default.nix index b9d187b..b38447f 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,4 +1,4 @@ -{ ... }: { +{...}: { imports = [ ./adguardhome.nix ./forgejo diff --git a/modules/forgejo/default.nix b/modules/forgejo/default.nix index 99c1c24..c313f0a 100644 --- a/modules/forgejo/default.nix +++ b/modules/forgejo/default.nix 
@@ -1,12 +1,12 @@ -{ config -, lib -, pkgs -, utils -, ... -}: -let +{ + config, + lib, + pkgs, + utils, + ... +}: let cfg = config.services.forgejo; - yamlFormat = pkgs.formats.yaml { }; + yamlFormat = pkgs.formats.yaml {}; users = builtins.attrValues (builtins.mapAttrs (username: info: { name = 
@@ -19,67 +19,67 @@ let }) cfg.users); initList = l: lib.strings.concatStringsSep "," l; -in -{ - imports = [ ]; +in { + imports = []; options.services.forgejo = with lib; - with lib.types; { - handleUndeclaredUsers = mkOption { - type = bool; - default = false; - }; - users = mkOption { - type = attrsOf (submodule ({ config - , lib - , ... - }: - with lib; - with lib.types; { - options = { - name = mkOption { - type = nullOr (either str path); - default = null; - }; - password = mkOption { - type = either str path; - }; - email = mkOption { - type = either str path; - }; - admin = mkOption { - type = bool; - default = false; - }; + with lib.types; { + handleUndeclaredUsers = mkOption { + type = bool; + default = false; + }; + users = mkOption { + type = attrsOf (submodule ({ + config, + lib, + ... + }: + with lib; + with lib.types; { + options = { + name = mkOption { + type = nullOr (either str path); + default = null; }; - })); - default = { }; + password = mkOption { + type = either str path; + }; + email = mkOption { + type = either str path; + }; + admin = mkOption { + type = bool; + default = false; + }; + }; + })); + default = {}; + }; + actions = { + enable = mkOption { + type = bool; + default = cfg.enable; }; - actions = { - enable = mkOption { - type = bool; - default = cfg.enable; - }; - token = mkOption { - type = str; - }; - url = mkOption { - type = str; - default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}"; - }; - labels = mkOption { - type = listOf str; - default = [ - /* + token = mkOption { + type = str; + }; + url = mkOption { + type = str; + default = "http://localhost:${toString cfg.settings.server.HTTP_PORT}"; + }; + labels = mkOption { + type = listOf str; + default = [ + /* Remember to install git on these images so actions/checkout can work, without it, the actions tries to use the /api/v3/repos/{user}/{repo}/tarball/{ref} api endpoint, which Gitea/Forgejo doesn't has. 
- */ - "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim" - "ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest" - ]; - }; + */ + "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest-slim" + "ubuntu-latest-full:docker://gitea/runner-images:ubuntu-latest" + ]; }; }; + }; config = with lib; mkIf cfg.enable { networking.firewall.allowedTCPPorts = mkIf cfg.settings.actions.ENABLED [ @@ -94,9 +94,9 @@ in useDefaultShell = true; group = cfg.group; isSystemUser = true; - extraGroups = [ "wheel" "networkmanager" ]; + extraGroups = ["wheel" "networkmanager"]; }; - users.groups."${cfg.group}" = { }; + users.groups."${cfg.group}" = {}; services.forgejo = { user = mkDefault "git"; @@ -193,8 +193,8 @@ in '') users)} ''; - wantedBy = [ "multi-user.target" ]; - after = [ "forgejo.service" ]; + wantedBy = ["multi-user.target"]; + after = ["forgejo.service"]; serviceConfig = { Type = "oneshot"; User = cfg.user; diff --git a/modules/locales.nix b/modules/locales.nix index ac1dbb0..2c1803c 100644 --- a/modules/locales.nix +++ b/modules/locales.nix 
@@ -1,50 +1,49 @@ -{ config -, lib -, ... -}: -let - cfg = config.profiles.locale; -in { - imports = [ ]; + config, + lib, + ... +}: let + cfg = config.profiles.locale; +in { + imports = []; options.profiles.locale = with lib; - with lib.types; { - enable = mkEnableOption ""; - locale = mkOption { - type = str; - default = "en_US.UTF-8"; - }; - extraLocales = mkOption { - type = attrsOf str; - default = rec { - LC_ADDRESS = "pt_BR.UTF-8"; - LC_IDENTIFICATION = LC_ADDRESS; - LC_MEASUREMENT = LC_ADDRESS; - LC_MONETARY = LC_ADDRESS; - LC_NAME = LC_ADDRESS; - LC_NUMERIC = LC_ADDRESS; - LC_PAPER = LC_ADDRESS; - LC_TELEPHONE = LC_ADDRESS; - LC_TIME = LC_ADDRESS; - }; - }; - keymap.layout = mkOption { - type = str; - default = "br"; - }; - keymap.variant = mkOption { - type = str; - default = ""; - }; - keymap.console = mkOption { - type = str; - default = "br-abnt2"; - }; - timeZone = mkOption { - type = str; - default = "America/Sao_Paulo"; + with lib.types; { + enable = mkEnableOption ""; + locale = mkOption { + type = str; + default = "en_US.UTF-8"; + }; + extraLocales = mkOption { + type = attrsOf str; + default = rec { + LC_ADDRESS = "pt_BR.UTF-8"; + LC_IDENTIFICATION = LC_ADDRESS; + LC_MEASUREMENT = LC_ADDRESS; + LC_MONETARY = LC_ADDRESS; + LC_NAME = LC_ADDRESS; + LC_NUMERIC = LC_ADDRESS; + LC_PAPER = LC_ADDRESS; + LC_TELEPHONE = LC_ADDRESS; + LC_TIME = LC_ADDRESS; }; }; + keymap.layout = mkOption { + type = str; + default = "br"; + }; + keymap.variant = mkOption { + type = str; + default = ""; + }; + keymap.console = mkOption { + type = str; + default = "br-abnt2"; + }; + timeZone = mkOption { + type = str; + default = "America/Sao_Paulo"; + }; + }; config = { i18n = { defaultLocale = cfg.locale; diff --git a/modules/nh/default.nix b/modules/nh/default.nix index e4626ad..a8904bc 100644 --- a/modules/nh/default.nix +++ b/modules/nh/default.nix 
@@ -1,9 +1,9 @@ -{ config -, lib -, pkgs -, ... -}: -let +{ + config, + lib, + pkgs, + ... +}: let cfg = config.programs.nh; wrapper = pkgs.writeShellScriptBin "nh" '' function alejandra() { ${pkgs.alejandra}/bin/alejandra "$@"; } @@ -16,9 +16,8 @@ let ${builtins.readFile ./wrapper.sh} ''; -in -{ - options.programs.nh = with lib; with lib.types; { }; +in { + options.programs.nh = with lib; with lib.types; {}; config = with lib; mkIf cfg.enable { programs.nh.package = wrapper; diff --git a/modules/tailscale.nix b/modules/tailscale.nix index a32536b..0eb26a6 100644 --- a/modules/tailscale.nix +++ b/modules/tailscale.nix @@ -1,33 +1,32 @@ -{ config -, lib -, ... -}: -let - cfg = config.services.tailscale; -in { - imports = [ ]; + config, + lib, + ... +}: let + cfg = config.services.tailscale; +in { + imports = []; options.services.tailscale = with lib; - with lib.types; { - exitNode = mkOption { - type = bool; - default = false; - }; - tailnetName = mkOption { - type = str; - }; - tailnetUrl = mkOption { - type = str; - default = "${config.services.tailscale.tailnetName}.ts.net"; - }; - deviceUrl = mkOption { - type = str; - default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}"; - }; - deviceIp = mkOption { - type = str; - }; + with lib.types; { + exitNode = mkOption { + type = bool; + default = false; }; + tailnetName = mkOption { + type = str; + }; + tailnetUrl = mkOption { + type = str; + default = "${config.services.tailscale.tailnetName}.ts.net"; + }; + deviceUrl = mkOption { + type = str; + default = "${config.networking.hostName}.${config.services.tailscale.tailnetUrl}"; + }; + deviceIp = mkOption { + type = str; + }; + }; config = with lib; mkIf cfg.enable { services.tailscale = { @@ -52,7 +51,7 @@ in systemd.services."tailscaled" = mkIf config.services.caddy.enable (mkDefault { serviceConfig = { - Environment = [ "TS_PERMIT_CERT_UID=caddy" ]; + Environment = ["TS_PERMIT_CERT_UID=caddy"]; }; }); 
diff --git a/secrets/spacestation.lesser.json b/secrets/spacestation.lesser.json index 2995f35..5075422 100644 --- a/secrets/spacestation.lesser.json +++ b/secrets/spacestation.lesser.json @@ -71,8 +71,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnL3dCY1VLMmoxRFRmS0Ir\nV0ppTnI0RE5ZMjcvRGNPWkNxWFdJYTBDTG00ClRGQkh1UStGTmc0RE5aNy9nL3FI\nbHJIa3hLR0ZkTjd6WkFzOFkzeFdMNUEKLS0tIDBidk93Qy9LenFlSGZ2aEpuTUFt\nWVM2eS9UdXAvbzE4eEdKMjVEM3RLdm8KKeIhk+YOKVL9Y19lLyb6/Pxv8rbewK2e\nLm96jx+LOMOCFcQGxuFKWqQbTB4br/cPvRKSY5jFmFWqVg7pCPTAzQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-05-21T18:13:55Z", - "mac": "ENC[AES256_GCM,data:P+tqLu/mY+qadDeyDwEYf/Mwv2tJOBEghvkBhRzLguaynCk4pLhy40P+eIvd8/DWfERW/CAnOH038kJRO9zG5qZiYKZgTB1MVFACnpPoF4Ek1a0+eSmQfiHBBLd45fvExfyYo3XLi6e0ZNZYiQOSL++WqBPGcSAz0N2bhxnPqFE=,iv:b7xEGJybByQwl2FfIdC3q2UVuDgOTHrVPPqZe/w8cmc=,tag:upZP6dukO70Qm5hb3odTWg==,type:str]", + "lastmodified": "2024-06-16T23:07:47Z", + "mac": "ENC[AES256_GCM,data:Bf5CCuBVEidLk+7OW6g6ADfchxh+98D24p3Kk6vuwScTDsA77ADQVcWmd2wQkwwl6j1b2p/0Brr0nZEbjTJL+vsYhRmMYlWvqyXEu7e10Obl3gd8OlnMIifit9jNpbTGGvlE+ZYiLGpqOoYHOMJOAB9kJPz21FiQlsFMEcDQseI=,iv:hddyrPLcWBhu0mpbegpsAXLeXZt/W8LOnFg4TNvxyag=,tag:OKHVYFy2+aJEtfqq3tSNLA==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/services/adguardhome.nix b/services/adguardhome.nix index c9bc6c8..b6c8703 100644 --- a/services/adguardhome.nix +++ b/services/adguardhome.nix @@ -1,13 +1,12 @@ -{ config -, lib -, pkgs -, ... -}: -let +{ + config, + lib, + pkgs, + ... +}: let secrets = config.spacestation-secrets.lesser; deviceIp = config.services.tailscale.deviceIp; -in -{ +in { imports = [ ../modules/adguardhome.nix ]; diff --git a/services/caddy.nix b/services/caddy.nix new file mode 100644 index 0000000..08037a3 --- /dev/null +++ b/services/caddy.nix 
@@ -0,0 +1,20 @@ +{ + config, + lib, + ... +}: let + secrets = config.spacestation-secrets.lesser; + deviceIp = config.services.tailscale.deviceIp; +in { + imports = []; + + services.caddy.enable = true; + services.caddy.virtualHosts = + lib.attrsets.mapAttrs' + (name: service: { + name = service.domain; + value = {extraConfig = "reverse_proxy ${deviceIp}:${toString service.port}";}; + }) + secrets.services; + networking.firewall.allowedTCPPorts = [80 433]; +} diff --git a/services/containers/default.nix b/services/containers/default.nix index 6a444d3..9f14b56 100644 --- a/services/containers/default.nix +++ b/services/containers/default.nix @@ -1,4 +1,4 @@ -{ ... }: { +{...}: { imports = [ ./prata-music.nix ]; diff --git a/services/containers/prata-music.nix b/services/containers/prata-music.nix index d1424d6..3aed191 100644 --- a/services/containers/prata-music.nix +++ b/services/containers/prata-music.nix @@ -1,9 +1,10 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: { - imports = [ ]; + imports = []; virtualisation.oci-containers.containers.prata-music = { image = "codetheweb/muse:latest"; autoStart = true; diff --git a/services/default.nix b/services/default.nix index 0d4ef32..a00fbda 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,6 +1,7 @@ { ... }: { imports = [ ./adguardhome.nix + ./caddy.nix ./containers ./forgejo.nix ./tailscale.nix diff --git a/services/forgejo.nix b/services/forgejo.nix index 898a68c..59ee106 100644 --- a/services/forgejo.nix +++ b/services/forgejo.nix @@ -1,12 +1,11 @@ -{ config -, lib -, pkgs -, ... -}: -let - secrets = config.spacestation-secrets.lesser; -in { + config, + lib, + pkgs, + ... +}: let + secrets = config.spacestation-secrets.lesser; +in { imports = [ ../modules/forgejo ]; diff --git a/services/tailscale.nix b/services/tailscale.nix index a638b59..07af817 100644 --- a/services/tailscale.nix +++ b/services/tailscale.nix 
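Review bot: The last setting in the new `services/caddy.nix` opens TCP 433 rather than the HTTPS port 443: `networking.firewall.allowedTCPPorts = [80 433];`. This looks like a typo, and it would leave Caddy's TLS listener blocked by the firewall while exposing a port nothing is expected to serve; the line should read `networking.firewall.allowedTCPPorts = [80 443];`. The rule also applies to every interface, although each virtual host proxies to `deviceIp`, the Tailscale address. If these services are meant to be reachable only over the tailnet, scope the rule to that interface, for example `networking.firewall.interfaces.${config.services.tailscale.interfaceName}.allowedTCPPorts = [80 443];`. Separately, this file adds a new listening service and a firewall change inside a commit titled "chore: format files", so it would be easier to review and revert as its own commit.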
@@ -1,12 +1,11 @@ -{ config -, lib -, pkgs -, ... -}: -let - secrets = config.spacestation-secrets.lesser; -in { + config, + lib, + pkgs, + ... +}: let + secrets = config.spacestation-secrets.lesser; +in { imports = [ ../modules/tailscale.nix ];