nixfmt

nixos/common/common.nix

@@ -1,8 +1,5 @@
 { config, lib, pkgs, ... }: {
-  imports = [
+  imports = [ ./users ./modules ];
-    ./users
-    ./modules
-  ];
 
   # Clean /tmp on boot.
   boot.tmp.cleanOnBoot = true;

nixos/common/generic-lxc.nix

@@ -2,7 +2,11 @@ _: {
   # See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/
 
   # Supress systemd services that don't work (correctly) on LXC
-  systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ];
+  systemd.suppressedSystemUnits = [
+    "dev-mqueue.mount"
+    "sys-kernel-debug.mount"
+    "sys-fs-fuse-connections.mount"
+  ];
 
   # https://github.com/NixOS/nixpkgs/issues/157449#issuecomment-1459299764
   boot.specialFileSystems."/run".options = [ "rshared" ];

nixos/common/hm-modules/catppuccin.nix

@@ -2,9 +2,7 @@
 with lib;
 let cfg = config.themes.v.catppuccin;
 in {
-  options.themes.v.catppuccin = {
+  options.themes.v.catppuccin = { enable = mkEnableOption "catppuccin"; };
-    enable = mkEnableOption "catppuccin";
-  };
   config = let
     theme = "Catppuccin-Pink-Dark";
     cursorTheme = config.home.pointerCursor.name;

nixos/common/hm-modules/default.nix

@@ -1,8 +1 @@
-{ ... }: {
+{ ... }: { imports = [ ./catppuccin.nix ./nvim.nix ./riff.nix ./vscode.nix ]; }
-  imports = [
-    ./catppuccin.nix
-    ./nvim.nix
-    ./riff.nix
-    ./vscode.nix
-  ];
-}

nixos/common/hm-modules/nvim.nix

@@ -2,9 +2,7 @@
 with lib;
 let cfg = config.programs.v.nvim;
 in {
-  options.programs.v.nvim = {
+  options.programs.v.nvim = { enable = mkEnableOption "nvim"; };
-    enable = mkEnableOption "nvim";
-  };
   config = mkIf cfg.enable {
     programs.nixvim = {
       enable = true;

nixos/common/modules/default.nix

@@ -1,9 +1,3 @@
 { ... }: {
-  imports = [
+  imports = [ ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ];
-    ./dns.nix
-    ./flood.nix
-    ./gnome
-    ./unpackerr.nix
-    ./vault.nix
-  ];
 }

nixos/common/modules/dns.nix

@@ -9,13 +9,13 @@ let
   ipv6Hosts = filter (hasAttr "ip6") flat_hosts;
 
   localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"'';
-  local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"'';
+  local6Data = { hostname, realm, ip6, ... }:
+    ''"${hostname}.${realm}. AAAA ${ip6}"'';
   ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"'';
   ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"'';
 
   cfg = config.services.v.dns;
-in
+in {
-{
   options.services.v.dns = {
     enable = mkEnableOption "v.dns";
 
@@ -50,7 +50,8 @@ in
             use-syslog = "yes";
             module-config = ''"validator iterator"'';
 
-            local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains;
+            local-zone =
+              map (localdomain: ''"${localdomain}}." transparent'') domains;
             local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts);
             local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts);
 
@@ -83,10 +84,7 @@ in
           })
           (mkIf (cfg.mode == "laptop") {
             interface = [ "127.0.0.1" "::1" ];
-            access-control = [
+            access-control = [ "127.0.0.1/32 allow_snoop" "::1 allow_snoop" ];
-              "127.0.0.1/32 allow_snoop"
-              "::1 allow_snoop"
-            ];
           })
         ];
       };

nixos/common/modules/flood.nix

@@ -147,6 +147,7 @@ in {
     };
 
     # This is needed to create the dataDir with the correct permissions.
-    systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ];
+    systemd.tmpfiles.rules =
+      [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ];
   };
 }

nixos/common/modules/gnome/hm.nix

@@ -48,8 +48,6 @@ in {
     "image/x-icns" = "org.gnome.eog.desktop";
   };
 
-
-
   dconf.settings = {
     "org/gnome/desktop/input-sources" = {
       sources = [ (mkTuple [ "xkb" "us+altgr-intl" ]) ];

nixos/common/modules/unpackerr.nix

@@ -57,8 +57,7 @@ let
       '';
     };
   };
-in
+in {
-{
   options.services.unpackerr = {
     enable = mkEnableOption "unpackerr";
 
@@ -258,8 +257,7 @@ in
       after = [ "network.target" ];
       description = "unpackerr system service";
       # Filter out all unset variables else unpackerr complains
-      environment = filterAttrs (_n: v: stringLength v > 0)
+      environment = filterAttrs (_n: v: stringLength v > 0) {
-        {
         # General options
         UN_DEBUG = "${toString cfg.debug}";
         UN_INTERVAL = "${cfg.interval}";

nixos/common/users/default.nix

@@ -1,9 +1,5 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }: {
-{
+  imports = [ ./laura.nix ./victor.nix ];
-  imports = [
-    ./laura.nix
-    ./victor.nix
-  ];
 
   # Setup ZSH to use grml config
   programs.zsh = {
@@ -35,7 +31,8 @@
   # Configure the root account
   users.extraUsers.root = {
     # Allow my SSH keys for logging in as root.
-    openssh.authorizedKeys.keys = config.users.extraUsers.victor.openssh.authorizedKeys.keys;
+    openssh.authorizedKeys.keys =
+      config.users.extraUsers.victor.openssh.authorizedKeys.keys;
     # Also use zsh for root
     shell = pkgs.zsh;
   };

nixos/common/users/victor.nix

@@ -18,6 +18,7 @@
     ];
 
     # Make me admin
-    extraGroups = [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ];
+    extraGroups =
+      [ "systemd-journal" "wheel" "networkmanager" "libvirtd" "dialout" ];
   };
 }

nixos/hosts/hades/bastion/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, lib, ... }: {
-{
   networking.interfaces.eth0.useDHCP = true;
 
   # mosh ssh

nixos/hosts/hades/bazarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
+_: {
-{
   system.stateVersion = "22.11";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/dns/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, ... }: {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/hades/docker-registry-proxy/configuration.nix

@@ -1,17 +1,19 @@
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
+let vs = config.vault-secrets.secrets;
-{
+in {
   system.stateVersion = "22.05";
 
   networking.interfaces.eth0.useDHCP = true;
 
   # the registry port and metrics port
-  networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.dockerRegistry.port 5001 ];
 
   vault-secrets.secrets.docker-registry = { };
 
   # Sets the minio user and password
-  systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment";
+  systemd.services.docker-registry.serviceConfig.EnvironmentFile =
+    "${vs.docker-registry}/environment";
 
   services.dockerRegistry = {
     enable = true;

nixos/hosts/hades/docker-registry/configuration.nix

@@ -1,17 +1,19 @@
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
+let vs = config.vault-secrets.secrets;
-{
+in {
   system.stateVersion = "22.05";
 
   networking.interfaces.eth0.useDHCP = true;
 
   # the registry port and metrics port
-  networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.dockerRegistry.port 5001 ];
 
   vault-secrets.secrets.docker-registry = { };
 
   # Sets the minio user and password
-  systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment";
+  systemd.services.docker-registry.serviceConfig.EnvironmentFile =
+    "${vs.docker-registry}/environment";
 
   services.dockerRegistry = {
     enable = true;
@@ -34,15 +36,13 @@ let vs = config.vault-secrets.secrets; in
       http.debug.prometheus.enabled = true;
 
       # Webhooks
-      notifications.endpoints = [
+      notifications.endpoints = [{
-        {
         name = "keel";
         url = "http://10.10.10.17:9300/v1/webhooks/registry";
         timeout = "500ms";
         treshold = 5;
         backoff = "1s";
-        }
+      }];
-      ];
     };
   };
 }

nixos/hosts/hades/jackett/configuration.nix

@@ -1,5 +1,4 @@
-_:
+_: {
-{
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/lucy/hardware-configuration.nix

@@ -4,22 +4,28 @@
 { lib, modulesPath, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
-    [ (modulesPath + "/profiles/qemu-guest.nix")
-    ];
 
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [
+    "uhci_hcd"
+    "ehci_pci"
+    "ahci"
+    "virtio_pci"
+    "virtio_scsi"
+    "sd_mod"
+    "sr_mod"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2";
+    device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2";
     fsType = "ext4";
   };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/D021-72EB";
+    device = "/dev/disk/by-uuid/D021-72EB";
     fsType = "vfat";
   };
 

nixos/hosts/hades/minio/configuration.nix

@@ -1,6 +1,5 @@
 { config, pkgs, ... }:
-let
+let vs = config.vault-secrets.secrets;
-  vs = config.vault-secrets.secrets;
 in {
   system.stateVersion = "22.11";
 

nixos/hosts/hades/nginx/configuration.nix

@@ -28,7 +28,6 @@ in {
   security.acme.acceptTerms = true;
   security.acme.preliminarySelfsigned = true;
 
-
   services.nginx = {
     enable = true;
     recommendedProxySettings = true;

nixos/hosts/hades/overseerr/configuration.nix

@@ -31,9 +31,7 @@
           # LOG_LEVEL = "debug";
           TZ = "Europe/Amsterdam";
         };
-        ports = [
+        ports = [ "5055:5055" ];
-          "5055:5055"
-        ];
         volumes = [ "/var/lib/overseerr/config:/app/config" ];
       };
     };

nixos/hosts/hades/prowlarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
+_: {
-{
   networking.interfaces.eth0.useDHCP = true;
   system.stateVersion = "22.11";
 
@@ -15,9 +14,7 @@ _:
     containers = {
       flaresolverr = {
         image = "flaresolverr/flaresolverr:v3.1.2";
-        ports = [
+        ports = [ "8191:8191" ];
-          "8191:8191"
-        ];
       };
     };
   };

nixos/hosts/hades/rtorrent/rtorrent.nix

@@ -1,12 +1,11 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, ... }: {
-{
   services.rtorrent = {
     enable = true;
     port = 54945; # Port Forwarded in mullvad
     downloadDir = "/mnt/storage/torrents/r";
     package = pkgs.jesec-rtorrent;
-    configText = let cfg = config.services.rtorrent; in
+    configText = let cfg = config.services.rtorrent;
-      pkgs.lib.mkForce ''
+    in pkgs.lib.mkForce ''
       # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"]
       method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/")
 

nixos/hosts/hades/sonarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
+_: {
-{
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/unifi/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, lib, ... }: {
-{
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/unpackerr/configuration.nix

@@ -1,7 +1,6 @@
 { config, ... }:
 let vs = config.vault-secrets.secrets;
-in
+in {
-{
   networking.interfaces.eth0.useDHCP = true;
 
   fileSystems."/mnt/storage" = {

nixos/hosts/olympus/bastion/hardware-configuration.nix

@@ -6,7 +6,8 @@
 {
   imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules =
+    [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
@@ -16,6 +17,7 @@
     fsType = "ext4";
   };
 
-  swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
 
 }

nixos/hosts/olympus/dns/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, ... }: {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/gitea/configuration.nix

@@ -3,10 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { lib, config, pkgs, ... }:
-let
+let vs = config.vault-secrets.secrets;
-  vs = config.vault-secrets.secrets;
+in {
-in
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -22,7 +20,8 @@ in
 
   environment.noXlibs = lib.mkForce false;
 
-  networking.firewall.allowedTCPPorts = [ config.services.gitea.settings.server.HTTP_PORT ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.gitea.settings.server.HTTP_PORT ];
 
   services.openssh.startWhenNeeded = false;
 
@@ -37,10 +36,8 @@ in
   };
 
   system.activationScripts.gitea-theme =
-    let
+    let target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
-      target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
+    in lib.stringAfter [ "var" ] ''
-    in
-    lib.stringAfter [ "var" ] ''
       mkdir -p ${target_dir}
       ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css"
     '';
@@ -54,9 +51,7 @@ in
     mailerPasswordFile = "${vs.gitea}/mailPassword";
 
     settings = {
-      actions = {
+      actions = { "ENABLED" = true; };
-        "ENABLED" = true;
-      };
       repository = {
         "ENABLE_PUSH_CREATE_USER" = true;
         "DEFAULT_PUSH_CREATE_PRIVATE" = false;

nixos/hosts/olympus/mailserver/configuration.nix

@@ -3,8 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, pkgs, ... }:
-let vs = config.vault-secrets.secrets; in
+let vs = config.vault-secrets.secrets;
-{
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -22,9 +22,7 @@ let vs = config.vault-secrets.secrets; in
     10.42.42.6 vault.olympus
   '';
 
-  vault-secrets.secrets.mailserver = {
+  vault-secrets.secrets.mailserver = { services = [ "dovecot2" "postfix" ]; };
-    services = [ "dovecot2" "postfix" ];
-  };
 
   mailserver = {
     enable = true;
@@ -36,7 +34,8 @@ let vs = config.vault-secrets.secrets; in
       # People
       "v@0x76.dev" = {
         hashedPasswordFile = "${vs.mailserver}/v@0x76.dev";
-        aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ];
+        aliases =
+          [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ];
       };
       "laura@meowy.tech" = {
         hashedPasswordFile = "${vs.mailserver}/laura@meowy.tech";
@@ -79,7 +78,8 @@ let vs = config.vault-secrets.secrets; in
 
   services.roundcube = {
     enable = true;
-    package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
+    package =
+      pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
     plugins = [
       "archive"
       # "enigma"
@@ -98,9 +98,7 @@ let vs = config.vault-secrets.secrets; in
     '';
   };
 
-  services.nginx = {
+  services.nginx = { enable = true; };
-    enable = true;
-  };
 
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "v@0x76.dev";

nixos/hosts/olympus/minecraft/configuration.nix

@@ -2,8 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
-{ lib, pkgs, ... }:
+{ lib, pkgs, ... }: {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/mosquitto/configuration.nix

@@ -4,8 +4,7 @@
 
 { config, pkgs, ... }:
 let mosquittoPort = 1883;
-in
+in {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/ntfy/configuration.nix

@@ -20,7 +20,8 @@
 
   networking.firewall.allowedTCPPorts = [ 80 ];
 
-  services.ntfy-sh = let datadir = "/var/lib/ntfy"; in {
+  services.ntfy-sh = let datadir = "/var/lib/ntfy";
+  in {
     enable = true;
     settings = {
       base-url = "https://ntfy.0x76.dev";

nixos/hosts/olympus/outline/configuration.nix

@@ -3,8 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
+let vs = config.vault-secrets.secrets;
-{
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -16,9 +16,7 @@ let vs = config.vault-secrets.secrets; in
   system.stateVersion = "22.11"; # Did you read the comment?
 
   # Additional packages
-  networking.firewall.allowedTCPPorts = [
+  networking.firewall.allowedTCPPorts = [ config.services.outline.port ];
-    config.services.outline.port
-  ];
 
   vault-secrets.secrets.outline = {
     inherit (config.services.outline) user group;

nixos/hosts/olympus/synapse/configuration.nix

@@ -7,8 +7,7 @@ let
   vs = config.vault-secrets.secrets;
   port = 8008;
   metricsPort = 9000;
-in
+in {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -53,15 +52,15 @@ in
       "${vs.synapse}/email_password" # Also contains the rest of the email config
     ];
 
-    settings =
+    settings = let
-    let log_file = pkgs.writeText "log.yml" ''
+      log_file = pkgs.writeText "log.yml" ''
-version: 1
+        version: 1
 
-formatters:
+        formatters:
             structured:
                 class: synapse.logging.TerseJsonFormatter
 
-handlers:
+        handlers:
             file:
                 class: logging.handlers.TimedRotatingFileHandler
                 formatter: structured
@@ -70,21 +69,19 @@ handlers:
                 backupCount: 3  # Does not include the current log file.
                 encoding: utf8
 
-loggers:
+        loggers:
             synapse:
                 level: INFO
                 handlers: [file]
-    ''; in
+      '';
-      {
+    in {
       server_name = "meowy.tech";
       enable_registration = true;
       public_baseurl = "https://chat.meowy.tech";
       enable_metrics = true;
       max_upload_size = "100M";
       registration_requires_token = true;
-        media_retention = {
+      media_retention = { remote_media_lifetime = "90d"; };
-          remote_media_lifetime = "90d";
-        };
       log_config = "${log_file}";
       listeners = [
         {
@@ -93,24 +90,20 @@ loggers:
           type = "http";
           tls = false;
           x_forwarded = true;
-            resources = [
+          resources = [{
-              {
             names = [ "client" "federation" ];
             compress = true;
-              }
+          }];
-            ];
         }
         {
           port = metricsPort;
           bind_addresses = [ "0.0.0.0" ];
           type = "metrics";
           tls = false;
-            resources = [
+          resources = [{
-              {
             names = [ "metrics" ];
             compress = false;
-              }
+          }];
-            ];
         }
       ];
     };

nixos/hosts/olympus/victoriametrics/configuration.nix

@@ -6,8 +6,7 @@
 let
   vmPort = 8428;
   vs = config.vault-secrets.secrets;
-in
+in {
-{
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -21,7 +20,8 @@ in
   # Additional packages
   environment.systemPackages = with pkgs; [ ];
 
-  networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.settings.server.http_port ];
+  networking.firewall.allowedTCPPorts =
+    [ vmPort config.services.grafana.settings.server.http_port ];
   networking.firewall.allowedUDPPorts = [ vmPort ];
 
   services.victoriametrics = {
@@ -42,12 +42,10 @@ in
       scrape_configs = [
         {
           job_name = "nginx";
-          static_configs = [
+          static_configs = [{
-            {
             targets = [ "nginx.olympus:9113" ];
             labels.app = "nginx";
-            }
+          }];
-          ];
         }
         {
           job_name = "synapse";

nixos/hosts/thalassa/aoife/hardware-configuration.nix

@@ -4,29 +4,27 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
 
-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.availableKernelModules =
+    [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9";
+    device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9";
     fsType = "btrfs";
     options = [ "subvol=@" ];
   };
 
-  fileSystems."/boot/efi" =
+  fileSystems."/boot/efi" = {
-    { device = "/dev/disk/by-uuid/5BB8-7503";
+    device = "/dev/disk/by-uuid/5BB8-7503";
     fsType = "vfat";
   };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; }
+    [{ device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; }];
-    ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -36,6 +34,7 @@
   # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
   # high-resolution display
 }

nixos/hosts/thalassa/eevee/configuration.nix

@@ -3,11 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { pkgs, inputs, ... }: {
-  imports = [
+  imports =
-    ../../../common/desktop
+    [ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix ];
-    ./hardware-configuration.nix
-    ./hardware.nix
-  ];
 
   # Bootloader.
   boot = {

nixos/hosts/thalassa/eevee/hardware-configuration.nix

@@ -4,29 +4,27 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c";
+    device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c";
     fsType = "btrfs";
     options = [ "subvol=@" ];
   };
 
-  fileSystems."/boot/efi" =
+  fileSystems."/boot/efi" = {
-    { device = "/dev/disk/by-uuid/D883-F146";
+    device = "/dev/disk/by-uuid/D883-F146";
     fsType = "vfat";
   };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }
+    [{ device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }];
-    ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -37,5 +35,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

nixos/hosts/thalassa/null/hardware-configuration.nix

@@ -4,35 +4,34 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
     fsType = "btrfs";
     options = [ "subvol=@" ];
   };
 
-  fileSystems."/nix" =
+  fileSystems."/nix" = {
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
     fsType = "btrfs";
     options = [ "subvol=@/nix" ];
   };
 
-  fileSystems."/home" =
+  fileSystems."/home" = {
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
     fsType = "btrfs";
     options = [ "subvol=@home" ];
   };
 
-  fileSystems."/boot/efi" =
+  fileSystems."/boot/efi" = {
-    { device = "/dev/disk/by-uuid/D478-6F66";
+    device = "/dev/disk/by-uuid/D478-6F66";
     fsType = "vfat";
   };
 
@@ -48,5 +47,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

nixos/hosts/thalassa/null/home/neovim.nix

@@ -13,7 +13,7 @@
       treesitter = {
         enable = true;
         nixGrammars = false;
-        ensureInstalled = [];
+        ensureInstalled = [ ];
       };
       surround.enable = true;
       fugitive.enable = true;

nixos/hosts/thalassa/null/networking.nix

@@ -1,5 +1,4 @@
-_:
+_: {
-{
   services.v.dns = {
     enable = true;
     openFirewall = false;
@@ -30,21 +29,11 @@ _:
             ca_cert="/etc/ssl/certs/ca-bundle.crt"
           '';
         };
-        "Pikachu 5G" = {
+        "Pikachu 5G" = { psk = "@PIKACHU_PASSWORD@"; };
-          psk = "@PIKACHU_PASSWORD@";
+        "sha256('yeet')" = { psk = "@SHA256_PASSWORD@"; };
-        };
+        "wired" = { psk = "@WIRED_PASSWORD@"; };
-        "sha256('yeet')" = {
+        "meowy hotspot" = { psk = "@HOTSPOT_PASSWORD@"; };
-          psk = "@SHA256_PASSWORD@";
+        "WiFi Roest" = { psk = "@WIFI_ROEST_PASSWORD@"; };
-        };
-        "wired" = {
-          psk = "@WIRED_PASSWORD@";
-        };
-        "meowy hotspot" = {
-          psk = "@HOTSPOT_PASSWORD@";
-        };
-        "WiFi Roest" = {
-          psk = "@WIFI_ROEST_PASSWORD@";
-        };
       };
     };
 

nixos/hosts/thalassa/null/rescue-boot.nix

@@ -11,9 +11,7 @@ let
   module = {
     system.stateVersion = "22.11";
     boot.supportedFilesystems = [ "btrfs" "ext4" ];
-    environment.systemPackages = with pkgs; [
+    environment.systemPackages = with pkgs; [ git ];
-      git
-    ];
   };
 in {
   boot.loader.systemd-boot = {
@@ -22,7 +20,9 @@ in {
         title Rescue Boot
         linux /rescue-kernel
         initrd /rescue-initrd
-        options init=${netboot.config.system.build.toplevel}/init ${toString netboot.config.boot.kernelParams}
+        options init=${netboot.config.system.build.toplevel}/init ${
+          toString netboot.config.boot.kernelParams
+        }
       '';
     };
 

nixos/pkgs/dnd-5e-latex-template/default.nix

@@ -1,4 +1,5 @@
-{ stdenvNoCC, fetchFromGitHub }: stdenvNoCC.mkDerivation rec {
+{ stdenvNoCC, fetchFromGitHub }:
+stdenvNoCC.mkDerivation rec {
   pname = "dnd-5e-latex-template";
   version = "0.8.0";
   tlType = "run";
@@ -22,7 +23,5 @@
     runHook postInstall
   '';
 
-  meta = {
+  meta = { description = "DnD 5e latex template"; };
-    description = "DnD 5e latex template";
-  };
 }

nixos/pkgs/gitea-agatheme/default.nix

@@ -1,9 +1,11 @@
-{ stdenvNoCC, fetchurl }: stdenvNoCC.mkDerivation {
+{ stdenvNoCC, fetchurl }:
+stdenvNoCC.mkDerivation {
   pname = "gitea-agatheme";
   version = "1.2";
 
   src = fetchurl {
-    url = "https://git.lain.faith/attachments/290e2304-92a3-4991-8703-fbbf52f31340";
+    url =
+      "https://git.lain.faith/attachments/290e2304-92a3-4991-8703-fbbf52f31340";
     sha256 = "424f4e232c7d759485cdf1bcde9edde50f2992cf6bde61c21f71eae03a905543";
   };
 

nixos/pkgs/glitch-soc/default.nix

@@ -1,11 +1,9 @@
-{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests
+{ lib, stdenv, nodejs-slim, bundlerEnv, nixosTests, yarn, callPackage
-, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript
+, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript, fetchYarnDeps
-, fetchYarnDeps, fixup_yarn_lock
+, fixup_yarn_lock
 
-  # Allow building a fork or custom version of Mastodon:
+# Allow building a fork or custom version of Mastodon:
-, pname ? "mastodon"
+, pname ? "mastodon", version ? import ./version.nix, srcOverride ? null
-, version ? import ./version.nix
-, srcOverride ? null
 , dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json.
 }:
 
@@ -14,7 +12,8 @@ stdenv.mkDerivation rec {
 
   # Using overrideAttrs on src does not build the gems and modules with the overridden src.
   # Putting the callPackage up in the arguments list also does not work.
-  src = if srcOverride != null then srcOverride else callPackage ./source.nix {};
+  src =
+    if srcOverride != null then srcOverride else callPackage ./source.nix { };
 
   mastodon-gems = bundlerEnv {
     name = "${pname}-gems-${version}";
@@ -46,7 +45,13 @@ stdenv.mkDerivation rec {
       sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY=";
     };
 
-    nativeBuildInputs = [ fixup_yarn_lock nodejs-slim yarn mastodon-gems mastodon-gems.wrappedRuby ];
+    nativeBuildInputs = [
+      fixup_yarn_lock
+      nodejs-slim
+      yarn
+      mastodon-gems
+      mastodon-gems.wrappedRuby
+    ];
 
     RAILS_ENV = "production";
     NODE_ENV = "production";
@@ -114,11 +119,12 @@ stdenv.mkDerivation rec {
 
   passthru = {
     tests.mastodon = nixosTests.mastodon;
-    updateScript = callPackage ./update.nix {};
+    updateScript = callPackage ./update.nix { };
   };
 
   meta = with lib; {
-    description = "Self-hosted, globally interconnected microblogging software based on ActivityPub";
+    description =
+      "Self-hosted, globally interconnected microblogging software based on ActivityPub";
     homepage = "https://joinmastodon.org";
     license = licenses.agpl3Plus;
     platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];

nixos/pkgs/glitch-soc/source.nix

@@ -1,5 +1,6 @@
 # This file was generated by pkgs.mastodon.updateScript.
-{ fetchgit, applyPatches }: let
+{ fetchgit, applyPatches }:
+let
   src = fetchgit {
     url = "https://github.com/glitch-soc/mastodon.git";
     rev = "c18884de32b60152600ec95ed42cdf9c00fdab7a";
@@ -7,5 +8,5 @@
   };
 in applyPatches {
   inherit src;
-  patches = [];
+  patches = [ ];
 }

nixos/pkgs/glitch-soc/update.nix

@@ -1,24 +1,22 @@
-{ runCommand
+{ runCommand, lib, makeWrapper, yarn2nix, bundix, coreutils, diffutils
-, lib
+, nix-prefetch-git, gnused, jq }:
-, makeWrapper
-, yarn2nix
-, bundix
-, coreutils
-, diffutils
-, nix-prefetch-git
-, gnused
-, jq
-}:
 let
-  binPath = lib.makeBinPath [ yarn2nix bundix coreutils diffutils nix-prefetch-git gnused jq ];
+  binPath = lib.makeBinPath [
-in
+    yarn2nix
-runCommand "mastodon-update-script"
+    bundix
-{
+    coreutils
+    diffutils
+    nix-prefetch-git
+    gnused
+    jq
+  ];
+in runCommand "mastodon-update-script" {
   nativeBuildInputs = [ makeWrapper ];
 
   meta = {
     maintainers = with lib.maintainers; [ happy-river ];
-    description = "Utility to generate Nix expressions for Mastodon's dependencies";
+    description =
+      "Utility to generate Nix expressions for Mastodon's dependencies";
     platforms = lib.platforms.unix;
   };
 } ''

nixos/templates/iso-graphical.nix

@@ -6,9 +6,7 @@
   # use the latest Linux kernel
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
-  environment.systemPackages = with pkgs; [
+  environment.systemPackages = with pkgs; [ git ];
-    git
-  ];
 
   # Needed for https://github.com/NixOS/nixpkgs/issues/58959
   boot.supportedFilesystems = lib.mkForce [ "btrfs" "ext4" ];

nixos/templates/iso.nix

@@ -1,15 +1,12 @@
 { pkgs, modulesPath, lib, ... }: {
-  imports = [
+  imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" ];
-    "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
-  ];
 
   # use the latest Linux kernel
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
-  environment.systemPackages = with pkgs; [
+  environment.systemPackages = with pkgs; [ git ];
-    git
-  ];
 
   # Needed for https://github.com/NixOS/nixpkgs/issues/58959
-  boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
+  boot.supportedFilesystems =
+    lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
 }