From 86fc4d7f9f88ed60d5a3a4ff4113a29950ccda9a Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Sun, 19 Mar 2023 01:12:10 +0100 Subject: [PATCH] =?UTF-8?q?Don't=20want=20to=20list=20everything,=20a=20to?= =?UTF-8?q?n=20of=20stuff=20=F0=9F=A5=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .envrc | 2 +- checks/default.nix | 23 ++ flake.lock | 351 +++++++++++++++++++++++++-- flake.nix | 31 ++- formatting/default.nix | 11 - hmModules/firefox/default.nix | 2 +- hmModules/qutebrowser/default.nix | 4 +- hmModules/shell/default.nix | 5 + hmModules/sway/default.nix | 2 +- hosts/default.nix | 15 +- hosts/pbp/disko.nix | 73 ++++++ hosts/pbp/hardware-configuration.nix | 15 +- hosts/rock5b/default.nix | 9 +- modules/ccr/default.nix | 6 +- modules/mara/default.nix | 4 +- packages/default.nix | 5 +- shell/default.nix | 4 + 17 files changed, 492 insertions(+), 70 deletions(-) create mode 100644 checks/default.nix delete mode 100644 formatting/default.nix create mode 100644 hosts/pbp/disko.nix diff --git a/.envrc b/.envrc index afd3614..9ac933e 100644 --- a/.envrc +++ b/.envrc @@ -1,2 +1,2 @@ -nix_direnv_watch_file flake.nix utils/default.nix +nix_direnv_watch_file flake.nix shell checks use flake diff --git a/checks/default.nix b/checks/default.nix new file mode 100644 index 0000000..fe77096 --- /dev/null +++ b/checks/default.nix @@ -0,0 +1,23 @@ +{ + inputs, + self, + ... +}: { + imports = [ + inputs.treefmt-nix.flakeModule + inputs.pre-commit-hooks.flakeModule + ]; + + perSystem = _: { + treefmt.config = { + projectRootFile = ".git/config"; + programs.alejandra.enable = true; + }; + + pre-commit.settings.hooks = { + alejandra.enable = true; + # deadnix.enable = true; + # statix.enable = true; + }; + }; +} diff --git a/flake.lock b/flake.lock index 0c5c464..6dbaea0 100644 --- a/flake.lock +++ b/flake.lock @@ -19,6 +19,28 @@ "type": "github" } }, + "alejandra": { + "inputs": { + "fenix": "fenix", + "flakeCompat": "flakeCompat", + "nixpkgs": [ + "nixpkgsUnstable" + ] + }, + "locked": { + "lastModified": 1677033122, + "narHash": "sha256-woPhdK2AvHDWPHD2/Fu3xjJ3TEuHyYyflxAkBKdumfY=", + "owner": "kamadorueda", + "repo": "alejandra", + "rev": "a7005b0c500432549e2aa94fd817f5ff9b529f05", + "type": "github" + }, + "original": { + "owner": "kamadorueda", + "repo": "alejandra", + "type": "github" + } + }, "ccrEmacs": { "inputs": { "emacs-overlay": "emacs-overlay", @@ -103,6 +125,28 @@ "type": "github" } }, + "deadnix": { + "inputs": { + "naersk": "naersk_2", + "nixpkgs": [ + "nixpkgsUnstable" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1679102750, + "narHash": "sha256-ywM9F2VOx5lLxae1EuSQizXZVI9OKrTSTLqZiLafeEU=", + "owner": "astro", + "repo": "deadnix", + "rev": "66833f4c663cb9c24d1cefc70323bd8dba3582cc", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "deadnix", + "type": "github" + } + }, "devshell": { "flake": false, "locked": { @@ -119,6 +163,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgsUnstable" + ] + }, + "locked": { + "lastModified": 1679102303, + "narHash": "sha256-XeBi6u3sWN5lZ8qMsoML+az6yW1MXweafPdAy2QfXnE=", + "owner": "nix-community", + "repo": "disko", + "rev": "93672b9b1ef2b262e2bc49be0fc190ac31ea9c59", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "dream2nix": { "inputs": { "alejandra": [ @@ -135,7 +199,7 @@ "nci", "devshell" ], - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_2", "flake-utils-pre-commit": [ "helix", "nci" @@ -236,6 +300,50 @@ "type": "github" } }, + "fenix": { + "inputs": { + "nixpkgs": [ + "alejandra", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1668234453, + "narHash": "sha256-FmuZThToBvRsqCauYJ3l8HJoGLAY5cMULeYEKIaGrRw=", + "owner": "nix-community", + "repo": "fenix", + "rev": "8f219f6b36e8d0d56afa7f67e6e3df63ef013cdb", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "statix", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1645251813, + "narHash": "sha256-cQ66tGjnZclBCS3nD26mZ5fUH+3/HnysGffBiWXUSHk=", + "owner": "nix-community", + "repo": "fenix", + "rev": "9892337b588c38ec59466a1c89befce464aae7f8", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -268,6 +376,22 @@ "type": "github" } }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -287,24 +411,6 @@ } }, "flake-parts_2": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_2" - }, - "locked": { - "lastModified": 1678379998, - "narHash": "sha256-TZdfNqftHhDuIFwBcN9MUThx5sQXCTeZk9je5byPKRw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "c13d60b89adea3dc20704c045ec4d50dd964d447", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_3" }, @@ -322,7 +428,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_4" }, @@ -399,6 +505,55 @@ "type": "indirect" } }, + "flake-utils_5": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakeCompat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flakeParts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, + "locked": { + "lastModified": 1678379998, + "narHash": "sha256-TZdfNqftHhDuIFwBcN9MUThx5sQXCTeZk9je5byPKRw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c13d60b89adea3dc20704c045ec4d50dd964d447", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ @@ -421,6 +576,27 @@ "type": "github" } }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "helix": { "inputs": { "nci": "nci", @@ -446,7 +622,7 @@ "nixpkgs": [ "nixpkgsUnstable" ], - "utils": "utils_2" + "utils": "utils_3" }, "locked": { "lastModified": 1676367705, @@ -500,6 +676,28 @@ "type": "github" } }, + "naersk_2": { + "inputs": { + "nixpkgs": [ + "deadnix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1671096816, + "narHash": "sha256-ezQCsNgmpUHdZANDCILm3RvtO1xH8uujk/+EqNvzIOg=", + "owner": "nix-community", + "repo": "naersk", + "rev": "d998160d6a076cfe8f9741e56aeec7e267e3e114", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "naersk", + "type": "github" + } + }, "nci": { "inputs": { "devshell": "devshell", @@ -700,11 +898,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1677342105, - "narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=", + "lastModified": 1678898370, + "narHash": "sha256-xTICr1j+uat5hk9FyuPOFGxpWHdJRibwZC+ATi0RbtE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b1f87ca164a9684404c8829b851c3586c4d9f089", + "rev": "ac718d02867a84b42522a0ece52d841188208f2c", "type": "github" }, "original": { @@ -888,10 +1086,36 @@ "type": "github" } }, + "pre-commit-hooks_2": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_5", + "gitignore": "gitignore_2", + "nixpkgs": [ + "nixpkgsUnstable" + ], + "nixpkgs-stable": [ + "nixpkgsStable" + ] + }, + "locked": { + "lastModified": 1678976941, + "narHash": "sha256-skNr08frCwN9NO+7I77MjOHHAw+L410/37JknNld+W4=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "32b1dbedfd77892a6e375737ef04d8efba634e9e", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "rock5b": { "inputs": { "fan-control": "fan-control", - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_3", "kernel-src": "kernel-src", "nixpkgs": "nixpkgs_7", "nixpkgs-kernel": "nixpkgs-kernel", @@ -916,9 +1140,12 @@ "root": { "inputs": { "agenix": "agenix", + "alejandra": "alejandra", "ccrEmacs": "ccrEmacs", "comma": "comma", - "flake-parts": "flake-parts_2", + "deadnix": "deadnix", + "disko": "disko", + "flakeParts": "flakeParts", "helix": "helix", "homeManager": "homeManager", "nil": "nil", @@ -927,10 +1154,46 @@ "nixpkgsUnstable": "nixpkgsUnstable", "nom": "nom", "nur": "nur", + "pre-commit-hooks": "pre-commit-hooks_2", "rock5b": "rock5b", + "statix": "statix", "treefmt-nix": "treefmt-nix_2" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1668182250, + "narHash": "sha256-PYGaOCiFvnJdVz+ZCaKF8geGdffXjJUNcMwaBHv0FT4=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "45ec315e01dc8dd1146dfeb65f0ef6e5c2efed78", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1645205556, + "narHash": "sha256-e4lZW3qRyOEJ+vLKFQP7m2Dxh5P44NrnekZYLxlucww=", + "owner": "rust-analyzer", + "repo": "rust-analyzer", + "rev": "acf5874b39f3dc5262317a6074d9fc7285081161", + "type": "github" + }, + "original": { + "owner": "rust-analyzer", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "rust-overlay": { "inputs": { "flake-utils": "flake-utils_2", @@ -978,6 +1241,27 @@ "type": "github" } }, + "statix": { + "inputs": { + "fenix": "fenix_2", + "nixpkgs": [ + "nixpkgsUnstable" + ] + }, + "locked": { + "lastModified": 1676888642, + "narHash": "sha256-C73LOMVVCkeL0jA5xN7klLEDEB4NkuiATEJY4A/tIyM=", + "owner": "nerdypepper", + "repo": "statix", + "rev": "3c7136a23f444db252a556928c1489869ca3ab4e", + "type": "github" + }, + "original": { + "owner": "nerdypepper", + "repo": "statix", + "type": "github" + } + }, "tow-boot": { "flake": false, "locked": { @@ -1052,6 +1336,21 @@ } }, "utils_2": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", diff --git a/flake.nix b/flake.nix index 200e510..0433804 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "A complete, declarative, and reproducible configuration of my entire Nix fleet"; inputs = { - flake-parts.url = "github:hercules-ci/flake-parts"; + flakeParts.url = "github:hercules-ci/flake-parts"; nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgsStable.url = "github:NixOS/nixpkgs/nixos-22.11"; nixosHardware.url = "github:NixOS/nixos-hardware"; @@ -10,6 +10,17 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgsUnstable"; }; + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgsUnstable"; + }; + pre-commit-hooks = { + url = "github:cachix/pre-commit-hooks.nix"; + inputs = { + nixpkgs.follows = "nixpkgsUnstable"; + nixpkgs-stable.follows = "nixpkgsStable"; + }; + }; nur.url = "github:nix-community/NUR"; agenix.url = "github:ryantm/agenix"; comma.url = "github:nix-community/comma"; @@ -22,17 +33,29 @@ url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgsUnstable"; }; + statix = { + url = "github:nerdypepper/statix"; + inputs.nixpkgs.follows = "nixpkgsUnstable"; + }; + deadnix = { + url = "github:astro/deadnix"; + inputs.nixpkgs.follows = "nixpkgsUnstable"; + }; + alejandra = { + url = "github:kamadorueda/alejandra"; + inputs.nixpkgs.follows = "nixpkgsUnstable"; + }; }; - outputs = inputs @ {flake-parts, ...}: - flake-parts.lib.mkFlake {inherit inputs;} { + outputs = inputs @ {flakeParts, ...}: + flakeParts.lib.mkFlake {inherit inputs;} { imports = [ # ./modules # ./hmModules ./hosts ./packages ./shell - ./formatting + ./checks ]; systems = ["x86_64-linux" "aarch64-linux"]; }; diff --git a/formatting/default.nix b/formatting/default.nix deleted file mode 100644 index cba0a79..0000000 --- a/formatting/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{inputs, ...}: { - imports = [ - inputs.treefmt-nix.flakeModule - ]; - perSystem = {pkgs, ...}: { - treefmt.config = { - projectRootFile = ".git/config"; - programs.alejandra.enable = true; - }; - }; -} diff --git a/hmModules/firefox/default.nix b/hmModules/firefox/default.nix index 3d44c39..e21696f 100644 --- a/hmModules/firefox/default.nix +++ b/hmModules/firefox/default.nix @@ -23,7 +23,7 @@ octolinker org-capture browserpass - bypass-paywalls-clean + # bypass-paywalls-clean ghosttext # or edit-with-emacs? # fx_cast # TODO make PR to rycee NUR repo ]; diff --git a/hmModules/qutebrowser/default.nix b/hmModules/qutebrowser/default.nix index 7f541ca..4a4c68f 100644 --- a/hmModules/qutebrowser/default.nix +++ b/hmModules/qutebrowser/default.nix @@ -3,7 +3,7 @@ config, ... }: let - settings = config.programs.qutebrowser.settings; + inherit (config.programs.qutebrowser) settings; websites = { searx = "https://searx.be"; }; @@ -69,7 +69,7 @@ in { }; odd = { bg = lighter-gray; - fg = settings.colors.tabs.even.fg; + inherit (settings.colors.tabs.even) fg; }; }; completion = { diff --git a/hmModules/shell/default.nix b/hmModules/shell/default.nix index e80a267..903038c 100644 --- a/hmModules/shell/default.nix +++ b/hmModules/shell/default.nix @@ -131,7 +131,12 @@ [ $TERM = "dumb" ] && unsetopt zle && PS1='$ ' # for Emacs TRAMP mode ''; initExtra = '' + # Don't enable VIM emulation when in Emacs [[ -z $INSIDE_EMACS ]] && source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh + + # When enabling starship, home-manager add an `initExtra` rule to disable it when in Emacs but not with VTerm, + # since I use also `eat` besides `vterm` the following line is needed + [[ "$INSIDE_EMACS" =~ "eat" ]] && eval "$(${config.home.profileDirectory}/bin/starship init zsh)" ''; }; diff --git a/hmModules/sway/default.nix b/hmModules/sway/default.nix index 6904105..c42b9e8 100644 --- a/hmModules/sway/default.nix +++ b/hmModules/sway/default.nix @@ -43,7 +43,7 @@ enable = true; wrapperFeatures.gtk = true; config = { - modifier = modifier; + inherit modifier; menu = "${pkgs.fuzzel}/bin/fuzzel --background-color=253559cc --border-radius=5 --border-width=0"; output = let bg = "${./wallpaper.svg} fill"; diff --git a/hosts/default.nix b/hosts/default.nix index e520126..bbc0690 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -41,7 +41,7 @@ agenix.overlays.default comma.overlays.default nur.overlay - nil.overlays.default + nil.overlays.default # FIXME This shouldn't be here ]; }; extraModules = lib.mkOption { @@ -69,7 +69,7 @@ internal = true; default = hostname: config: inputs.nixpkgsUnstable.lib.nixosSystem { - system = config.system; + inherit (config) system; modules = [ ({lib, ...}: { @@ -98,6 +98,7 @@ specialArgs = { fleetModules = builtins.map (moduleName: "${self.outPath}/modules/${moduleName}"); fleetHmModules = builtins.map (moduleName: "${self.outPath}/hmModules/${moduleName}"); + fleetFlake = self; }; }; }; @@ -122,6 +123,16 @@ system = "aarch64-linux"; extraModules = [inputs.rock5b.nixosModules.default]; }; + pbp = { + system = "aarch64-linux"; + extraModules = with inputs; [ + nixosHardware.nixosModules.pine64-pinebook-pro + disko.nixosModules.disko + ]; + extraHmModules = [ + inputs.ccrEmacs.hmModules.default + ]; + }; }; flake.nixosConfigurations = diff --git a/hosts/pbp/disko.nix b/hosts/pbp/disko.nix new file mode 100644 index 0000000..31736ee --- /dev/null +++ b/hosts/pbp/disko.nix @@ -0,0 +1,73 @@ +_: { + disk = { + emmc = { + device = "/dev/mmcblk2"; + type = "disk"; + content = { + type = "table"; + format = "gpt"; + partitions = [ + { + name = "root"; + type = "partition"; + start = "1MiB"; + end = "-4G"; + part-type = "primary"; + bootable = false; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + } + { + name = "swap"; + type = "partition"; + start = "-4G"; + end = "100%"; + part-type = "primary"; + content = { + type = "swap"; + randomEncryption = true; + }; + } + ]; + }; + }; + ssd = { + device = "/dev/nvme0n1"; + type = "disk"; + content = { + type = "table"; + format = "gpt"; + partitions = [ + { + type = "partition"; + name = "ESP"; + start = "1MiB"; + end = "1024MiB"; + bootable = true; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + } + { + name = "home"; + type = "partition"; + start = "1024MiB"; + end = "100%"; + part-type = "primary"; + bootable = false; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/home"; + }; + } + ]; + }; + }; + }; +} diff --git a/hosts/pbp/hardware-configuration.nix b/hosts/pbp/hardware-configuration.nix index 3c6d6d0..e038154 100644 --- a/hosts/pbp/hardware-configuration.nix +++ b/hosts/pbp/hardware-configuration.nix @@ -4,6 +4,8 @@ pkgs, ... }: { + disko.devices = import ./disko.nix {}; + boot = { initrd.availableKernelModules = ["usbhid"]; extraModulePackages = with config.boot.kernelPackages; [ @@ -46,19 +48,6 @@ time.timeZone = "Europe/Rome"; - fileSystems = { - "/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "btrfs"; - }; - "/boot" = { - device = "/dev/disk/by-label/boot"; - fsType = "vfat"; - }; - }; - - swapDevices = [{device = "/dev/disk/by-label/swap";}]; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; services.logind.extraConfig = '' diff --git a/hosts/rock5b/default.nix b/hosts/rock5b/default.nix index e98d1ff..a88e78b 100644 --- a/hosts/rock5b/default.nix +++ b/hosts/rock5b/default.nix @@ -1,4 +1,5 @@ { + fleetFlake, fleetModules, lib, pkgs, @@ -17,11 +18,13 @@ ccr.enable = true; + # programs.sway.enable = true; + services.rock5b-fan-control.enable = true; - nixpkgs.config.permittedInsecurePackages = [ - "libav-11.12" - ]; + # nixpkgs.config.permittedInsecurePackages = [ + # "libav-11.12" + # ]; fileSystems."/mnt/film" = { device = "//ccr.ydns.eu/film"; diff --git a/modules/ccr/default.nix b/modules/ccr/default.nix index a15e8cc..31871e1 100644 --- a/modules/ccr/default.nix +++ b/modules/ccr/default.nix @@ -48,10 +48,10 @@ config = lib.mkIf config.ccr.enable { users.users.ccr = { uid = 1000; - hashedPassword = config.ccr.hashedPassword; + inherit (config.ccr) hashedPassword; description = "Andrea Ciceri"; isNormalUser = true; - extraGroups = config.ccr.extraGroups; + inherit (config.ccr) extraGroups; shell = pkgs.zsh; openssh.authorizedKeys.keys = config.ccr.authorizedKeys; }; @@ -69,7 +69,7 @@ ++ [ { _module.args = { - secrets = config.age.secrets; + inherit (config.age) secrets; }; } ]; diff --git a/modules/mara/default.nix b/modules/mara/default.nix index b8a5f07..773de1e 100644 --- a/modules/mara/default.nix +++ b/modules/mara/default.nix @@ -47,10 +47,10 @@ config = lib.mkIf config.mara.enable { users.users.mara = { uid = 1001; - hashedPassword = config.mara.hashedPassword; + inherit (config.mara) hashedPassword; description = "Mara Savastano"; isNormalUser = true; - extraGroups = config.mara.extraGroups; + inherit (config.mara) extraGroups; shell = pkgs.zsh; openssh.authorizedKeys.keys = config.mara.authorizedKeys; }; diff --git a/packages/default.nix b/packages/default.nix index 3851f20..d839330 100644 --- a/packages/default.nix +++ b/packages/default.nix @@ -19,7 +19,10 @@ agenix.overlays.default comma.overlays.default nur.overlay + deadnix.overlays.default + statix.overlays.default nil.overlays.default + alejandra.overlays.default ]; }; @@ -30,7 +33,7 @@ }: { _module.args.pkgs = lib.foldl - (legacyPackages: overlay: legacyPackages.extend overlay) + (legacyPackages: legacyPackages.extend) inputs.nixpkgsUnstable.legacyPackages.${system} config.fleet.overlays; }; diff --git a/shell/default.nix b/shell/default.nix index 3a9acc2..8363f3c 100644 --- a/shell/default.nix +++ b/shell/default.nix @@ -10,9 +10,13 @@ buildInputs = with pkgs; [ git agenix + deadnix + statix + alejandra ]; shellHook = '' export RULES="$(git rev-parse --show-toplevel)/secrets/default.nix"; + ${config.pre-commit.installationScript} ''; }; };