diff --git a/default.nix b/default.nix index 8f6fa12..70b837d 100644 --- a/default.nix +++ b/default.nix @@ -1,12 +1,13 @@ let nix-pre-commit-hooks = import (builtins.fetchTarball "https://github.com/cachix/pre-commit-hooks.nix/tarball/master"); -in { +in +{ pre-commit-check = nix-pre-commit-hooks.run { src = ./.; hooks = { shellcheck.enable = true; - nixfmt.enable = true; + nixpkgs-fmt.enable = true; }; }; } diff --git a/flake.nix b/flake.nix index ce51231..70c3993 100644 --- a/flake.nix +++ b/flake.nix @@ -13,54 +13,56 @@ }; outputs = { self, darwin, home-manager, nixpkgs, nixos-hardware }: { - nixosConfigurations = let - defaultModules = [ - home-manager.nixosModules.home-manager - ./main/desktop.nix - ./main/fonts.nix - ./main/general.nix - ./main/kernel.nix - ./main/netdata/default.nix - ./main/networking.nix - ./main/packages.nix - ./main/printing.nix + nixosConfigurations = + let + defaultModules = [ + home-manager.nixosModules.home-manager + ./main/desktop.nix + ./main/fonts.nix + ./main/general.nix + ./main/kernel.nix + ./main/netdata/default.nix + ./main/networking.nix + ./main/packages.nix + ./main/printing.nix - ({ config, lib, lib', ... }: { - config = { - _module.args = { - lib' = lib // import ./lib { inherit config lib; }; + ({ config, lib, lib', ... }: { + config = { + _module.args = { + lib' = lib // import ./lib { inherit config lib; }; + }; + + nix = { + autoOptimiseStore = true; + binaryCaches = [ "https://davegallant.cachix.org" ]; + binaryCachePublicKeys = [ + "davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08=" + ]; + useSandbox = false; + registry = { nixpkgs.flake = nixpkgs; }; + trustedUsers = [ "root" "dave" ]; + }; + + nixpkgs.overlays = [ (import ./overlays) ]; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.dave.imports = [ ./home/default.nix ]; + }; }; - - nix = { - autoOptimiseStore = true; - binaryCaches = [ "https://davegallant.cachix.org" ]; - binaryCachePublicKeys = [ - "davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08=" - ]; - useSandbox = false; - registry = { nixpkgs.flake = nixpkgs; }; - trustedUsers = [ "root" "dave" ]; - }; - - nixpkgs.overlays = [ (import ./overlays) ]; - - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - users.dave.imports = [ ./home/default.nix ]; - }; - }; - }) - ]; - in { - hephaestus = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./machines/hephaestus/configuration.nix - ./machines/hephaestus/hardware.nix - ] ++ defaultModules; + }) + ]; + in + { + hephaestus = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./machines/hephaestus/configuration.nix + ./machines/hephaestus/hardware.nix + ] ++ defaultModules; + }; }; - }; darwinConfigurations = { demeter = darwin.lib.darwinSystem { modules = [ diff --git a/home/default.nix b/home/default.nix index 59a5402..8964590 100644 --- a/home/default.nix +++ b/home/default.nix @@ -11,9 +11,8 @@ let }; }; inherit (pkgs) stdenv; -in { - - home = { sessionVariables = { EDITOR = "vim"; }; }; +in +{ services = { gpg-agent = { @@ -115,6 +114,7 @@ in { export PATH=$PATH:~/.local/bin export PATH=$PATH:~/go/bin export PAGER=less + export EDITOR=vim eval "$(direnv hook zsh)" eval "$(_RFD_COMPLETE=source_zsh rfd)" @@ -244,7 +244,7 @@ in { extraConfig = '' set -g @plugin 'seebi/tmux-colors-solarized' set -g @colors-solarized 'dark' - ''; + ''; } ]; extraConfig = '' diff --git a/machines/hephaestus/configuration.nix b/machines/hephaestus/configuration.nix index 5bda5e9..0b7aa10 100644 --- a/machines/hephaestus/configuration.nix +++ b/machines/hephaestus/configuration.nix @@ -15,6 +15,7 @@ address = "192.168.0.1"; interface = "enp34s0"; }; + firewall = { allowedTCPPorts = [ 8001 ]; }; }; # Enable the OpenSSH server. diff --git a/main/netdata/default.nix b/main/netdata/default.nix index e8568c9..7c0e118 100644 --- a/main/netdata/default.nix +++ b/main/netdata/default.nix @@ -3,7 +3,8 @@ let netdata = pkgs.netdata; netdataConf = ./netdata.conf; netdataDir = "/var/lib/netdata"; -in { +in +{ users.extraGroups.netdata.gid = 220008; users.extraUsers.netdata = { description = "Netdata server user"; diff --git a/main/packages.nix b/main/packages.nix index ebacd82..76bdf95 100644 --- a/main/packages.nix +++ b/main/packages.nix @@ -1,7 +1,8 @@ { config, lib, pkgs, ... }: let inherit (pkgs) stdenv; -in { +in +{ # System-wide packages to install. environment.systemPackages = with pkgs; let @@ -58,7 +59,7 @@ in { netdata procs - # databases + # data tools postgresql # password managers @@ -100,7 +101,7 @@ in { nmap openssl openvpn - sshfs + sshfs # mac requires https://osxfuse.github.io/ vpngate whois wireshark @@ -179,6 +180,7 @@ in { # Unsupported on darwin but likely should be: bandwhich brave + datasette deluge discord firefox @@ -192,7 +194,8 @@ in { yuzu zoom-us ]); - in common; + in + common; # Install GnuPG agent. programs.gnupg.agent.enable = true; diff --git a/overlays/changedetection.io/default.nix b/overlays/changedetection.io/default.nix index c222f28..8d6a3e3 100644 --- a/overlays/changedetection.io/default.nix +++ b/overlays/changedetection.io/default.nix @@ -22,7 +22,8 @@ let }; }; }; -in with py.pkgs; +in +with py.pkgs; buildPythonApplication rec { pname = "changedetection.io"; version = "0.30"; diff --git a/overlays/lastpass/default.nix b/overlays/lastpass/default.nix index d76a055..759e20d 100644 --- a/overlays/lastpass/default.nix +++ b/overlays/lastpass/default.nix @@ -1,5 +1,16 @@ -{ stdenv, lib, fetchFromGitHub, asciidoc, cmake, docbook_xsl, pkgconfig -, bash-completion, curl, openssl, libxml2, libxslt }: +{ stdenv +, lib +, fetchFromGitHub +, asciidoc +, cmake +, docbook_xsl +, pkgconfig +, bash-completion +, curl +, openssl +, libxml2 +, libxslt +}: stdenv.mkDerivation rec { pname = "lpass"; diff --git a/overlays/rfd/default.nix b/overlays/rfd/default.nix index 07aa998..3edc4f7 100644 --- a/overlays/rfd/default.nix +++ b/overlays/rfd/default.nix @@ -2,7 +2,8 @@ let py = python3.override { }; -in with py.pkgs; +in +with py.pkgs; buildPythonApplication rec { pname = "rfd"; version = "v0.7.1";