authorFranck Cuny <franck@fcuny.net>2024-12-19 12:54:16 -0800
committerFranck Cuny <franck@fcuny.net>2024-12-19 12:54:16 -0800
commitbc40b7e0ad2ef5960b7f1695b4520909252a0e49 (patch)
treef22e9e5001720bbc82055a5d4d3b24077b9647de /nix/machines
parentuse treefmt to format all the files (diff)
downloadinfra-bc40b7e0ad2ef5960b7f1695b4520909252a0e49.tar.gz
switch to the newer version of nixfmt
`nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively maintained, but also changes the style, so this commit touches all the files in the repository.
Diffstat (limited to 'nix/machines')
-rw-r--r--nix/machines/darwin-shared.nix18
-rw-r--r--nix/machines/hq-c02fk3q7md6t/default.nix3
-rw-r--r--nix/machines/mba-m2/default.nix3
-rw-r--r--nix/machines/vm-aarch64/default.nix8
-rw-r--r--nix/machines/vm-aarch64/hardware.nix13
-rw-r--r--nix/machines/vm-hetzner/default.nix71
-rw-r--r--nix/machines/vm-hetzner/hardware.nix11
-rw-r--r--nix/machines/vm-shared.nix24
-rw-r--r--nix/machines/vm-synology/ddns.nix6
-rw-r--r--nix/machines/vm-synology/default.nix11
-rw-r--r--nix/machines/vm-synology/git.nix37
-rw-r--r--nix/machines/vm-synology/hardware.nix15
-rw-r--r--nix/machines/vm-synology/web.nix11
13 files changed, 159 insertions, 72 deletions
diff --git a/nix/machines/darwin-shared.nix b/nix/machines/darwin-shared.nix
index 344ff00..b56670d 100644
--- a/nix/machines/darwin-shared.nix
+++ b/nix/machines/darwin-shared.nix
@@ -1,9 +1,16 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
+{
nix = {
package = pkgs.nixVersions.stable;
settings = {
- trusted-users = [ "@admin" "fcuny" ];
- experimental-features = [ "nix-command" "flakes" ];
+ trusted-users = [
+ "@admin"
+ "fcuny"
+ ];
+ experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
};
};
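Review bot: The `trusted-users` list reflowed here carries no comment on what it grants. Nix lets trusted users override substituters and import store paths without signature checks, which the Nix manual describes as essentially root-equivalent. On this darwin config `"@admin"` extends that to every account in the admin group, so it is worth confirming that is intended rather than listing only `"fcuny"`. I would add a line above the setting such as `# trusted-users are effectively root for the Nix daemon; keep this list minimal`. The same list appears in the first hunk of nix/machines/vm-shared.nix.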
@@ -58,7 +65,10 @@
'';
# Required for homebrew on aarch64
- environment.systemPath = [ "/opt/homebrew/bin" "/opt/homebrew/sbin" ];
+ environment.systemPath = [
+ "/opt/homebrew/bin"
+ "/opt/homebrew/sbin"
+ ];
homebrew = {
enable = true;
diff --git a/nix/machines/hq-c02fk3q7md6t/default.nix b/nix/machines/hq-c02fk3q7md6t/default.nix
index 001f3d5..5910d09 100644
--- a/nix/machines/hq-c02fk3q7md6t/default.nix
+++ b/nix/machines/hq-c02fk3q7md6t/default.nix
@@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
+{
imports = [ ../darwin-shared.nix ];
system.stateVersion = 5;
diff --git a/nix/machines/mba-m2/default.nix b/nix/machines/mba-m2/default.nix
index 72a4e8b..04c5780 100644
--- a/nix/machines/mba-m2/default.nix
+++ b/nix/machines/mba-m2/default.nix
@@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
+{
imports = [ ../darwin-shared.nix ];
system.stateVersion = 5;
diff --git a/nix/machines/vm-aarch64/default.nix b/nix/machines/vm-aarch64/default.nix
index b1444cc..86382af 100644
--- a/nix/machines/vm-aarch64/default.nix
+++ b/nix/machines/vm-aarch64/default.nix
@@ -1,5 +1,9 @@
-{ ... }: {
- imports = [ ./hardware.nix ../vm-shared.nix ];
+{ ... }:
+{
+ imports = [
+ ./hardware.nix
+ ../vm-shared.nix
+ ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
diff --git a/nix/machines/vm-aarch64/hardware.nix b/nix/machines/vm-aarch64/hardware.nix
index 084cc74..67dc249 100644
--- a/nix/machines/vm-aarch64/hardware.nix
+++ b/nix/machines/vm-aarch64/hardware.nix
@@ -1,10 +1,14 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ lib, modulesPath, ... }: {
+{ lib, modulesPath, ... }:
+{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
- boot.initrd.availableKernelModules = [ "xhci_pci" "sr_mod" ];
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "sr_mod"
+ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
@@ -17,7 +21,10 @@
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
- options = [ "fmask=0022" "dmask=0022" ];
+ options = [
+ "fmask=0022"
+ "dmask=0022"
+ ];
};
swapDevices = [ ];
diff --git a/nix/machines/vm-hetzner/default.nix b/nix/machines/vm-hetzner/default.nix
index 889b00d..c7ab4c8 100644
--- a/nix/machines/vm-hetzner/default.nix
+++ b/nix/machines/vm-hetzner/default.nix
@@ -1,5 +1,9 @@
-{ pkgs, lib, ... }: {
- imports = [ ./hardware.nix ../vm-shared.nix ];
+{ pkgs, lib, ... }:
+{
+ imports = [
+ ./hardware.nix
+ ../vm-shared.nix
+ ];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
@@ -14,8 +18,11 @@
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
- nameservers =
- [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" "185.12.64.1" ];
+ nameservers = [
+ "2a01:4ff:ff00::add:2"
+ "2a01:4ff:ff00::add:1"
+ "185.12.64.1"
+ ];
defaultGateway = "172.31.1.1";
defaultGateway6 = {
address = "fe80::1";
@@ -25,10 +32,12 @@
usePredictableInterfaceNames = lib.mkForce false;
interfaces = {
eth0 = {
- ipv4.addresses = [{
- address = "5.78.87.68";
- prefixLength = 32;
- }];
+ ipv4.addresses = [
+ {
+ address = "5.78.87.68";
+ prefixLength = 32;
+ }
+ ];
ipv6.addresses = [
{
address = "2a01:4ff:1f0:d1a3::1";
@@ -39,14 +48,18 @@
prefixLength = 64;
}
];
- ipv4.routes = [{
- address = "172.31.1.1";
- prefixLength = 32;
- }];
- ipv6.routes = [{
- address = "fe80::1";
- prefixLength = 128;
- }];
+ ipv4.routes = [
+ {
+ address = "172.31.1.1";
+ prefixLength = 32;
+ }
+ ];
+ ipv6.routes = [
+ {
+ address = "fe80::1";
+ prefixLength = 128;
+ }
+ ];
};
};
@@ -73,8 +86,7 @@
# TODO(fcuny): I could create the configuration file to set the default branch
services.gitolite = {
enable = true;
- adminPubkey =
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi";
+ adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi";
user = "git";
group = "git";
extraGitoliteRc = ''
@@ -102,10 +114,8 @@
readme = ":README.md";
project-list = "/var/lib/gitolite/projects.list";
about-filter = "${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh";
- source-filter =
- "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
- clone-url =
- (lib.concatStringsSep " " [ "https://git.fcuny.net/$CGIT_REPO_URL" ]);
+ source-filter = "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
+ clone-url = (lib.concatStringsSep " " [ "https://git.fcuny.net/$CGIT_REPO_URL" ]);
enable-log-filecount = 1;
enable-log-linecount = 1;
enable-git-config = 1;
@@ -129,7 +139,9 @@
virtualisation.oci-containers.containers.excalidraw = {
autoStart = true;
image = "excalidraw/excalidraw:latest";
- environment = { TZ = "America/Los_Angeles"; };
+ environment = {
+ TZ = "America/Los_Angeles";
+ };
ports = [ "127.0.0.1:3030:80" ];
extraOptions = [ "--pull=always" ];
};
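Review bot: `image = "excalidraw/excalidraw:latest"` combined with `extraOptions = [ "--pull=always" ]` means every container start runs whatever the registry currently serves under that tag, so the deployed code is not fixed by anything in this repository. Pinning by digest, for example `image = "excalidraw/excalidraw@sha256:<digest-placeholder>";`, and dropping `--pull=always` would turn each upgrade into a reviewable commit and keep a compromised or broken upstream tag from rolling out on restart. The loopback binding in `ports` already limits direct exposure and should stay. The identical container block in nix/machines/vm-synology/web.nix has the same issue.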
@@ -151,7 +163,9 @@
forceSSL = true;
enableACME = true;
locations = {
- "/" = { root = "/srv/www/fcuny.net"; };
+ "/" = {
+ root = "/srv/www/fcuny.net";
+ };
"/.well-known/acme-challenge" = {
root = "/var/lib/acme/acme-challenges";
};
@@ -190,8 +204,13 @@
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
- extraBackupArgs = [ "--exclude-caches" "--compression=max" ];
- timerConfig = { OnCalendar = "*:0/30"; };
+ extraBackupArgs = [
+ "--exclude-caches"
+ "--compression=max"
+ ];
+ timerConfig = {
+ OnCalendar = "*:0/30";
+ };
pruneOpts = [
"--keep-hourly 36"
"--keep-daily 7"
diff --git a/nix/machines/vm-hetzner/hardware.nix b/nix/machines/vm-hetzner/hardware.nix
index 89a92a9..351c991 100644
--- a/nix/machines/vm-hetzner/hardware.nix
+++ b/nix/machines/vm-hetzner/hardware.nix
@@ -1,8 +1,13 @@
-{ modulesPath, ... }: {
+{ modulesPath, ... }:
+{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
- boot.initrd.availableKernelModules =
- [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "uhci_hcd"
+ "xen_blkfront"
+ "vmw_pvscsi"
+ ];
boot.loader.grub = {
enable = true;
diff --git a/nix/machines/vm-shared.nix b/nix/machines/vm-shared.nix
index 01dbaac..7586987 100644
--- a/nix/machines/vm-shared.nix
+++ b/nix/machines/vm-shared.nix
@@ -1,11 +1,18 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
+{
boot.kernelPackages = pkgs.linuxPackages_latest;
nix = {
package = pkgs.nixVersions.latest;
settings = {
- trusted-users = [ "@admin" "fcuny" ];
- experimental-features = [ "nix-command" "flakes" ];
+ trusted-users = [
+ "@admin"
+ "fcuny"
+ ];
+ experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
};
};
@@ -18,14 +25,21 @@
virtualisation.docker.enable = true;
# Select internationalisation properties.
- i18n = { defaultLocale = "en_US.UTF-8"; };
+ i18n = {
+ defaultLocale = "en_US.UTF-8";
+ };
# Define a user account. Don't forget to set a password with ‘passwd’.
users.mutableUsers = false;
# List packages installed in system profile. To search, run:
# $ nix search wget
- environment.systemPackages = with pkgs; [ curl git vim jq ];
+ environment.systemPackages = with pkgs; [
+ curl
+ git
+ vim
+ jq
+ ];
# Enable the OpenSSH daemon.
services.openssh.enable = true;
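Review bot: The comment `# Define a user account. Don't forget to set a password with 'passwd'.` contradicts the `users.mutableUsers = false;` line directly below it, because with immutable users the account database is generated from the configuration and a password set by hand is not the source of truth. I would replace it with something like `# Users are declarative (mutableUsers = false); set credentials via hashedPasswordFile or SSH keys in the config`. Since `services.openssh.enable = true;` follows and the rest of the file lies outside this hunk, it is also worth confirming that the OpenSSH settings not shown here disable password authentication.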
diff --git a/nix/machines/vm-synology/ddns.nix b/nix/machines/vm-synology/ddns.nix
index df59793..837bfa7 100644
--- a/nix/machines/vm-synology/ddns.nix
+++ b/nix/machines/vm-synology/ddns.nix
@@ -1,4 +1,5 @@
-{ ... }: {
+{ ... }:
+{
age.secrets.ddns-updater = {
file = ../../../secrets/ddns-updater.age;
owner = "root";
@@ -16,6 +17,5 @@
};
# https://systemd.io/CREDENTIALS/
- systemd.services.ddns-updater.serviceConfig.LoadCredential =
- "config.json:/run/agenix/ddns-updater";
+ systemd.services.ddns-updater.serviceConfig.LoadCredential = "config.json:/run/agenix/ddns-updater";
}
diff --git a/nix/machines/vm-synology/default.nix b/nix/machines/vm-synology/default.nix
index 68952c6..8e8dfc5 100644
--- a/nix/machines/vm-synology/default.nix
+++ b/nix/machines/vm-synology/default.nix
@@ -1,5 +1,12 @@
-{ ... }: {
- imports = [ ./hardware.nix ../vm-shared.nix ./ddns.nix ./web.nix ./git.nix ];
+{ ... }:
+{
+ imports = [
+ ./hardware.nix
+ ../vm-shared.nix
+ ./ddns.nix
+ ./web.nix
+ ./git.nix
+ ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
diff --git a/nix/machines/vm-synology/git.nix b/nix/machines/vm-synology/git.nix
index 698f375..1e6a9e6 100644
--- a/nix/machines/vm-synology/git.nix
+++ b/nix/machines/vm-synology/git.nix
@@ -1,10 +1,10 @@
-{ pkgs, lib, ... }: {
+{ pkgs, lib, ... }:
+{
# https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/gitolite.nix
services.gitolite = {
enable = true;
- adminPubkey =
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi";
+ adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi";
user = "git";
group = "git";
extraGitoliteRc = ''
@@ -19,12 +19,10 @@
# let's make sure the default branch is `main'.
systemd.tmpfiles.rules = [
- "C /var/lib/gitolite/.gitconfig - git git 0644 ${
- pkgs.writeText "gitolite-gitconfig" ''
- [init]
- defaultBranch = main
- ''
- }"
+ "C /var/lib/gitolite/.gitconfig - git git 0644 ${pkgs.writeText "gitolite-gitconfig" ''
+ [init]
+ defaultBranch = main
+ ''}"
];
services.cgit.main = {
@@ -43,10 +41,8 @@
readme = ":README.md";
project-list = "/var/lib/gitolite/projects.list";
about-filter = "${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh";
- source-filter =
- "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
- clone-url =
- (lib.concatStringsSep " " [ "https://git.fcuny.net/$CGIT_REPO_URL" ]);
+ source-filter = "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
+ clone-url = (lib.concatStringsSep " " [ "https://git.fcuny.net/$CGIT_REPO_URL" ]);
enable-log-filecount = 1;
enable-log-linecount = 1;
enable-git-config = 1;
@@ -88,8 +84,17 @@
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
- extraBackupArgs = [ "--exclude-caches" "--compression=max" ];
- timerConfig = { OnCalendar = "daily"; };
- pruneOpts = [ "--keep-daily 7" "--keep-weekly 4" "--keep-monthly 3" ];
+ extraBackupArgs = [
+ "--exclude-caches"
+ "--compression=max"
+ ];
+ timerConfig = {
+ OnCalendar = "daily";
+ };
+ pruneOpts = [
+ "--keep-daily 7"
+ "--keep-weekly 4"
+ "--keep-monthly 3"
+ ];
};
}
diff --git a/nix/machines/vm-synology/hardware.nix b/nix/machines/vm-synology/hardware.nix
index 5511e98..cd1d5e7 100644
--- a/nix/machines/vm-synology/hardware.nix
+++ b/nix/machines/vm-synology/hardware.nix
@@ -6,8 +6,14 @@
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
- boot.initrd.availableKernelModules =
- [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "uhci_hcd"
+ "virtio_pci"
+ "virtio_scsi"
+ "sd_mod"
+ "sr_mod"
+ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
@@ -20,7 +26,10 @@
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
- options = [ "fmask=0022" "dmask=0022" ];
+ options = [
+ "fmask=0022"
+ "dmask=0022"
+ ];
};
swapDevices = [ ];
diff --git a/nix/machines/vm-synology/web.nix b/nix/machines/vm-synology/web.nix
index f9c34cc..03fe831 100644
--- a/nix/machines/vm-synology/web.nix
+++ b/nix/machines/vm-synology/web.nix
@@ -1,9 +1,12 @@
-{ ... }: {
+{ ... }:
+{
# container for excalidraw
virtualisation.oci-containers.containers.excalidraw = {
autoStart = true;
image = "excalidraw/excalidraw:latest";
- environment = { TZ = "America/Los_Angeles"; };
+ environment = {
+ TZ = "America/Los_Angeles";
+ };
ports = [ "127.0.0.1:3030:80" ];
extraOptions = [ "--pull=always" ];
};
@@ -30,7 +33,9 @@
forceSSL = true;
enableACME = true;
locations = {
- "/" = { root = "/srv/www/fcuny.net"; };
+ "/" = {
+ root = "/srv/www/fcuny.net";
+ };
"/.well-known/acme-challenge" = {
root = "/var/lib/acme/acme-challenges";
};