format

2025-03-18 16:27:20 +01:00
parent 923ab37209
commit cc32af7b80
131 changed files with 2383 additions and 2224 deletions
--- a/systems/adam-site/disk-config.nix
+++ b/systems/adam-site/disk-config.nix
@@ -6,7 +6,7 @@
      device = lib.mkDefault "/dev/sda";
      type = "disk";
      content = {
-          type = "gpt";
+        type = "gpt";
        partitions = {
          boot = {
            name = "boot";
--- a/systems/amd-server-vm/configuration.nix
+++ b/systems/amd-server-vm/configuration.nix
@@ -1,7 +1,8 @@
 { config, pkgs, modulesPath, lib, ... }:

 {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    #./hardware-configuration.nix
    ../../modules/services/ssh.nix
    ../../modules/services/step-ca.nix
@@ -45,22 +46,24 @@
    };
    misc = {
      docker.enable = true;
-      backup = let
-        kavita = "/data/kavita";
-        gitolite = "/var/lib/gitolite";
-        syncthing = [ "/data/synced/default/" "/data/synced/work_drive/" ];
-        syncthingFull = syncthing
-          ++ [ "/data/synced/fh/" "/data/synced/books/" ];
-        backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
-        backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
-        backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
-      in {
-        enable = true;
-        excludePaths = lib.mkOptionDefault [ "${kavita}/manga" ];
-        small = backupPathsSmall; # goes to backblaze
-        medium = backupPathsMedium; # goes to gdrive
-        large = backupPathsFull; # goes to local storage medium
-      };
+      backup =
+        let
+          kavita = "/data/kavita";
+          gitolite = "/var/lib/gitolite";
+          syncthing = [ "/data/synced/default/" "/data/synced/work_drive/" ];
+          syncthingFull = syncthing
+            ++ [ "/data/synced/fh/" "/data/synced/books/" ];
+          backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
+          backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
+          backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
+        in
+        {
+          enable = true;
+          excludePaths = lib.mkOptionDefault [ "${kavita}/manga" ];
+          small = backupPathsSmall; # goes to backblaze
+          medium = backupPathsMedium; # goes to gdrive
+          large = backupPathsFull; # goes to local storage medium
+        };
    };
    services = {
      acme.enable = true;
--- a/systems/amd-server/configuration.nix
+++ b/systems/amd-server/configuration.nix
@@ -5,7 +5,8 @@
 { config, lib, pkgs, ... }:

 {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ../../modules/kernel.nix
    ../../modules/services/ssh.nix
--- a/systems/laptop/configuration.nix
+++ b/systems/laptop/configuration.nix
@@ -1,5 +1,6 @@
 { config, pkgs, inputs, ... }: {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ./modules/battery.nix
    ../../modules/ecryptfs.nix
@@ -86,19 +87,21 @@
  #  "d /docker-data 0755 kopatz users"
  #];

-  security.pki.certificates = [''
-    -----BEGIN CERTIFICATE-----
-    MIIBjTCCATKgAwIBAgIRAMVH2+JHZ3wm2fLUlKjTYDswCgYIKoZIzj0EAwIwJDEM
-    MAoGA1UEChMDS29wMRQwEgYDVQQDEwtLb3AgUm9vdCBDQTAeFw0yMzEyMDgxNDUx
-    MTZaFw0zMzEyMDUxNDUxMTZaMCQxDDAKBgNVBAoTA0tvcDEUMBIGA1UEAxMLS29w
-    IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdZBOkNynShXipzhuX
-    f6dUByD3chNupNWsagYC5AlPRJT9fAeHEIK/bxWkFwRtLBDopWvBu9lHahBgpHc7
-    y7rTo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNV
-    HQ4EFgQU9AVtwipW5HDBLfZRH1KZCnIKCfowCgYIKoZIzj0EAwIDSQAwRgIhAMHj
-    AipNdhQKIYPvMt/h1uW4xP3NTkitnmshM09+rIasAiEAlSalGddXDkqJBHhPD+Fr
-    gpuVkfVkA8gQCXNs5F9TnxA=
-    -----END CERTIFICATE-----
-  ''];
+  security.pki.certificates = [
+    ''
+      -----BEGIN CERTIFICATE-----
+      MIIBjTCCATKgAwIBAgIRAMVH2+JHZ3wm2fLUlKjTYDswCgYIKoZIzj0EAwIwJDEM
+      MAoGA1UEChMDS29wMRQwEgYDVQQDEwtLb3AgUm9vdCBDQTAeFw0yMzEyMDgxNDUx
+      MTZaFw0zMzEyMDUxNDUxMTZaMCQxDDAKBgNVBAoTA0tvcDEUMBIGA1UEAxMLS29w
+      IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdZBOkNynShXipzhuX
+      f6dUByD3chNupNWsagYC5AlPRJT9fAeHEIK/bxWkFwRtLBDopWvBu9lHahBgpHc7
+      y7rTo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNV
+      HQ4EFgQU9AVtwipW5HDBLfZRH1KZCnIKCfowCgYIKoZIzj0EAwIDSQAwRgIhAMHj
+      AipNdhQKIYPvMt/h1uW4xP3NTkitnmshM09+rIasAiEAlSalGddXDkqJBHhPD+Fr
+      gpuVkfVkA8gQCXNs5F9TnxA=
+      -----END CERTIFICATE-----
+    ''
+  ];

  system.stateVersion = "23.05"; # Did you read the comment?
 }
--- a/systems/laptop/hardware-configuration.nix
+++ b/systems/laptop/hardware-configuration.nix
@@ -5,7 +5,8 @@

 {
  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
    ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "uas" "sd_mod" "rtsx_pci_sdmmc" ];
@@ -14,18 +15,19 @@
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/10537ea5-9d9f-4be8-8509-c7f9c9b978b8";
+    {
+      device = "/dev/disk/by-uuid/10537ea5-9d9f-4be8-8509-c7f9c9b978b8";
      fsType = "ext4";
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/C163-6BD5";
+    {
+      device = "/dev/disk/by-uuid/C163-6BD5";
      fsType = "vfat";
    };

  swapDevices =
-    [ { device = "/dev/disk/by-uuid/3ef4829c-e9ea-4cc0-85a1-bd8e704b9940"; }
-    ];
+    [{ device = "/dev/disk/by-uuid/3ef4829c-e9ea-4cc0-85a1-bd8e704b9940"; }];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/systems/mini-pc-proxmox/configuration.nix
+++ b/systems/mini-pc-proxmox/configuration.nix
@@ -5,7 +5,8 @@
 { config, pkgs, modulesPath, lib, ... }:

 {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ../../modules/services/ssh.nix
    ../../modules/services/step-ca.nix
@@ -47,21 +48,23 @@
    };
    misc = {
      docker.enable = true;
-      backup = let
-        kavita = "/data/kavita";
-        gitolite = "/var/lib/gitolite";
-        syncthing = [ "/data/synced/default/" "/data/synced/work_drive/" ];
-        syncthingFull = syncthing
-          ++ [ "/data/synced/fh/" "/data/synced/books/" ];
-        backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
-        backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
-        backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
-      in {
-        enable = true;
-        small = backupPathsSmall; # goes to backblaze
-        medium = backupPathsMedium; # goes to gdrive
-        large = backupPathsFull; # goes to local storage medium
-      };
+      backup =
+        let
+          kavita = "/data/kavita";
+          gitolite = "/var/lib/gitolite";
+          syncthing = [ "/data/synced/default/" "/data/synced/work_drive/" ];
+          syncthingFull = syncthing
+            ++ [ "/data/synced/fh/" "/data/synced/books/" ];
+          backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
+          backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
+          backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
+        in
+        {
+          enable = true;
+          small = backupPathsSmall; # goes to backblaze
+          medium = backupPathsMedium; # goes to gdrive
+          large = backupPathsFull; # goes to local storage medium
+        };
    };
    services = {
      acme.enable = true;
--- a/systems/mini-pc-proxmox/hardware-configuration.nix
+++ b/systems/mini-pc-proxmox/hardware-configuration.nix
@@ -5,13 +5,15 @@

 {
  fileSystems."/data" =
-    { device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
+    {
+      device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
      fsType = "btrfs";
      options = [ "compress=zstd" "noatime" "nofail" ];
    };
  fileSystems."/1tbssd" =
-    { device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
+    {
+      device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
      fsType = "ext4";
-      options = ["defaults" "nofail" "noatime"];
+      options = [ "defaults" "nofail" "noatime" ];
    };
- }
+}
--- a/systems/mini-pc/configuration.nix
+++ b/systems/mini-pc/configuration.nix
@@ -5,7 +5,8 @@
 { config, pkgs, ... }:

 {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ../../modules/services/ssh.nix
    ../../modules/services/step-ca.nix
@@ -38,20 +39,22 @@
    misc = {
      btrfs.enable = true;
      docker.enable = true;
-      backup = let
-        kavita = "/data/kavita";
-        gitolite = "/var/lib/gitolite";
-        syncthing = [ "/synced/default/" "/synced/work_drive/" ];
-        syncthingFull = syncthing ++ [ "/synced/fh/" "/synced/books/" ];
-        backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
-        backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
-        backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
-      in {
-        enable = true;
-        small = backupPathsSmall; # goes to backblaze
-        medium = backupPathsMedium; # goes to gdrive
-        large = backupPathsFull; # goes to local storage medium
-      };
+      backup =
+        let
+          kavita = "/data/kavita";
+          gitolite = "/var/lib/gitolite";
+          syncthing = [ "/synced/default/" "/synced/work_drive/" ];
+          syncthingFull = syncthing ++ [ "/synced/fh/" "/synced/books/" ];
+          backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
+          backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
+          backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
+        in
+        {
+          enable = true;
+          small = backupPathsSmall; # goes to backblaze
+          medium = backupPathsMedium; # goes to gdrive
+          large = backupPathsFull; # goes to local storage medium
+        };
    };
    services = {
      acme.enable = true;
--- a/systems/mini-pc/hardware-configuration.nix
+++ b/systems/mini-pc/hardware-configuration.nix
@@ -5,7 +5,8 @@

 {
  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
    ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
@@ -14,7 +15,8 @@
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/193dfa08-bf89-4a8b-a159-592c0a0b4d6e";
+    {
+      device = "/dev/disk/by-uuid/193dfa08-bf89-4a8b-a159-592c0a0b4d6e";
      fsType = "ext4";
      options = [
        "defaults"
@@ -23,25 +25,27 @@
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/EEC1-C78B";
+    {
+      device = "/dev/disk/by-uuid/EEC1-C78B";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };

  fileSystems."/data" =
-    { device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
+    {
+      device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
      fsType = "btrfs";
      options = [ "compress=zstd" "noatime" "nofail" ];
    };
  fileSystems."/1tbssd" =
-    { device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
+    {
+      device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
      fsType = "ext4";
-      options = ["defaults" "nofail" "noatime"];
+      options = [ "defaults" "nofail" "noatime" ];
    };

  swapDevices =
-    [ { device = "/dev/disk/by-uuid/af6bf3d5-07a4-4139-9464-ffc1c4e23549"; }
-    ];
+    [{ device = "/dev/disk/by-uuid/af6bf3d5-07a4-4139-9464-ffc1c4e23549"; }];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/systems/pc/configuration.nix
+++ b/systems/pc/configuration.nix
@@ -3,7 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).

 { config, pkgs, lib, inputs, ... }: {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
+    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ../../modules/flatpak.nix
    ../../modules/gpg.nix
@@ -220,19 +221,21 @@
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

-  security.pki.certificates = [''
-    -----BEGIN CERTIFICATE-----
-    MIIBjTCCATKgAwIBAgIRAMVH2+JHZ3wm2fLUlKjTYDswCgYIKoZIzj0EAwIwJDEM
-    MAoGA1UEChMDS29wMRQwEgYDVQQDEwtLb3AgUm9vdCBDQTAeFw0yMzEyMDgxNDUx
-    MTZaFw0zMzEyMDUxNDUxMTZaMCQxDDAKBgNVBAoTA0tvcDEUMBIGA1UEAxMLS29w
-    IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdZBOkNynShXipzhuX
-    f6dUByD3chNupNWsagYC5AlPRJT9fAeHEIK/bxWkFwRtLBDopWvBu9lHahBgpHc7
-    y7rTo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNV
-    HQ4EFgQU9AVtwipW5HDBLfZRH1KZCnIKCfowCgYIKoZIzj0EAwIDSQAwRgIhAMHj
-    AipNdhQKIYPvMt/h1uW4xP3NTkitnmshM09+rIasAiEAlSalGddXDkqJBHhPD+Fr
-    gpuVkfVkA8gQCXNs5F9TnxA=
-    -----END CERTIFICATE-----
-  ''];
+  security.pki.certificates = [
+    ''
+      -----BEGIN CERTIFICATE-----
+      MIIBjTCCATKgAwIBAgIRAMVH2+JHZ3wm2fLUlKjTYDswCgYIKoZIzj0EAwIwJDEM
+      MAoGA1UEChMDS29wMRQwEgYDVQQDEwtLb3AgUm9vdCBDQTAeFw0yMzEyMDgxNDUx
+      MTZaFw0zMzEyMDUxNDUxMTZaMCQxDDAKBgNVBAoTA0tvcDEUMBIGA1UEAxMLS29w
+      IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdZBOkNynShXipzhuX
+      f6dUByD3chNupNWsagYC5AlPRJT9fAeHEIK/bxWkFwRtLBDopWvBu9lHahBgpHc7
+      y7rTo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNV
+      HQ4EFgQU9AVtwipW5HDBLfZRH1KZCnIKCfowCgYIKoZIzj0EAwIDSQAwRgIhAMHj
+      AipNdhQKIYPvMt/h1uW4xP3NTkitnmshM09+rIasAiEAlSalGddXDkqJBHhPD+Fr
+      gpuVkfVkA8gQCXNs5F9TnxA=
+      -----END CERTIFICATE-----
+    ''
+  ];

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
--- a/systems/pc/hardware-configuration.nix
+++ b/systems/pc/hardware-configuration.nix
@@ -5,7 +5,8 @@

 {
  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
    ];

  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
@@ -14,7 +15,8 @@
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/dd65bdf8-c003-439c-a1aa-d050cb20959d";
+    {
+      device = "/dev/disk/by-uuid/dd65bdf8-c003-439c-a1aa-d050cb20959d";
      fsType = "ext4";
      options = [
        "defaults"
@@ -23,7 +25,8 @@
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/CC7C-CF82";
+    {
+      device = "/dev/disk/by-uuid/CC7C-CF82";
      fsType = "vfat";
    };

--- a/systems/proxmox-test-vm/disk-config.nix
+++ b/systems/proxmox-test-vm/disk-config.nix
@@ -6,7 +6,7 @@
      device = lib.mkDefault "/dev/sda";
      type = "disk";
      content = {
-          type = "gpt";
+        type = "gpt";
        partitions = {
          boot = {
            name = "boot";
--- a/systems/userdata-default.nix
+++ b/systems/userdata-default.nix
@@ -1,3 +1 @@
-{
-
-}
+{ }
--- a/systems/wsl/configuration.nix
+++ b/systems/wsl/configuration.nix
@@ -5,12 +5,12 @@
 # NixOS-WSL specific options are documented on the NixOS-WSL repository:
 # https://github.com/nix-community/NixOS-WSL

-{ config, lib, pkgs, inputs, ... } : #nixos-wsl, ... }:
+{ config, lib, pkgs, inputs, ... }: #nixos-wsl, ... }:

 {
  imports = [
    # include NixOS-WSL modules
-#   <nixos-wsl/modules>
+    #   <nixos-wsl/modules>
  ];

  wsl = {
@@ -20,7 +20,7 @@
    wslConf = {
      automount.root = "/mnt";
      user.default = lib.mkForce "anon";
-      interop = { enabled = false; appendWindowsPath = false;};
+      interop = { enabled = false; appendWindowsPath = false; };
    };
  };

@@ -32,7 +32,7 @@
  };
  nix.settings.trusted-substituters = [ "https://ai.cachix.org" ];
  nix.settings.trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ];
-  nix.settings.experimental-features = [ "nix-command" "flakes" ];  
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  environment.systemPackages = with pkgs; [
    openssh