use rfc-style formatter

2024-12-19 02:32:58 -05:00 · 2024-12-19 02:32:58 -05:00 · f57ed53bc5
commit f57ed53bc5
parent 993b457e0b
30 changed files with 324 additions and 176 deletions
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@ -2,7 +2,8 @@
  config,
  pkgs,
  ...
-}: {
+}:
+{
  imports = [
    ./hardware-configuration.nix
    ../common.nix
@ -53,11 +54,14 @@
      dns = "none";
      wifi.backend = "iwd";
    };
-    nameservers = ["31.59.129.225" "2a0f:85c1:840:2bfb::1"];
+    nameservers = [
+      "31.59.129.225"
+      "2a0f:85c1:840:2bfb::1"
+    ];
    resolvconf.enable = true;
    firewall = {
-      allowedUDPPorts = [51820]; # for wireguard
-      trustedInterfaces = ["wg0"];
+      allowedUDPPorts = [ 51820 ]; # for wireguard
+      trustedInterfaces = [ "wg0" ];
    };
  };
  programs.nm-applet.enable = true;
@ -76,7 +80,10 @@
        "bluez5.enable-sbc-xq" = true;
        "bluez5.enable-msbc" = true;
        "bluez5.enable-hw-volume" = true;
-        "bluez5.roles" = ["a2dp_sink" "a2dp_source"];
+        "bluez5.roles" = [
+          "a2dp_sink"
+          "a2dp_source"
+        ];
      };
    };
    # https://wiki.archlinux.org/title/Bluetooth_headset#Connecting_works,_sound_plays_fine_until_headphones_become_idle,_then_stutters
@ -100,7 +107,11 @@

  users.users.yt = {
    isNormalUser = true;
-    extraGroups = ["wheel" "libvirtd" "docker"];
+    extraGroups = [
+      "wheel"
+      "libvirtd"
+      "docker"
+    ];
    shell = pkgs.zsh;
  };
  programs.zsh.enable = true;
@ -168,7 +179,14 @@
  programs.sway.enable = true;

  services.borgbackup.jobs.ytnixRsync = {
-    paths = ["/root" "/home" "/var/lib" "/var/log" "/opt" "/etc"];
+    paths = [
+      "/root"
+      "/home"
+      "/var/lib"
+      "/var/log"
+      "/opt"
+      "/etc"
+    ];
    exclude = [
      "**/.cache"
      "**/node_modules"
@ -194,11 +212,13 @@
    };
    compression = "auto,zstd";
    startAt = "daily";
-    extraCreateArgs = ["--stats"];
+    extraCreateArgs = [ "--stats" ];
    # warnings are often not that serious
    failOnWarnings = false;
    postHook = ''
-      ${pkgs.curl}/bin/curl -u $(cat ${config.sops.secrets."services/ntfy".path}) -d "ytnixRsync: backup completed with exit code: $exitStatus
+      ${pkgs.curl}/bin/curl -u $(cat ${
+        config.sops.secrets."services/ntfy".path
+      }) -d "ytnixRsync: backup completed with exit code: $exitStatus
      $(journalctl -u borgbackup-job-ytnixRsync.service|tail -n 5)" \
      https://ntfy.cything.io/chunk
    '';
@ -211,8 +231,8 @@
      snapshot_preserve_min = "2d";
      snapshot_dir = "/snapshots";
      subvolume = {
-        "/home" = {};
-        "/" = {};
+        "/home" = { };
+        "/" = { };
      };
    };
  };
@ -286,12 +306,18 @@

  # wireguard setup
  networking.wg-quick.interfaces.wg0 = {
-    address = ["10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64"];
+    address = [
+      "10.0.0.2/24"
+      "fdc9:281f:04d7:9ee9::2/64"
+    ];
    privateKeyFile = config.sops.secrets."wireguard/private".path;
    peers = [
      {
        publicKey = "a16/F/wP7HQIUtFywebqPSXQAktPsLgsMLH9ZfevMy0=";
-        allowedIPs = ["0.0.0.0/0" "::/0"];
+        allowedIPs = [
+          "0.0.0.0/0"
+          "::/0"
+        ];
        endpoint = "31.59.129.225:51820";
        persistentKeepalive = 25;
        presharedKeyFile = config.sops.secrets."wireguard/psk".path;
--- a/hosts/ytnix/hardware-configuration.nix
+++ b/hosts/ytnix/hardware-configuration.nix
@ -7,42 +7,63 @@
  pkgs,
  modulesPath,
  ...
-}: {
-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod"];
-  boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-intel"];
-  boot.extraModulePackages = [];
+}:
+{
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usb_storage"
+    "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];

  fileSystems."/" = {
    device = "/dev/disk/by-uuid/17870658-6118-46af-837f-70c9175e09c3";
    fsType = "btrfs";
-    options = ["subvol=root" "compress=zstd"];
+    options = [
+      "subvol=root"
+      "compress=zstd"
+    ];
  };

-  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c6098a16-c8a6-4a97-8648-6f46ca919d13";
+  boot.initrd.luks.devices."cryptroot".device =
+    "/dev/disk/by-uuid/c6098a16-c8a6-4a97-8648-6f46ca919d13";

  fileSystems."/home" = {
    device = "/dev/disk/by-uuid/17870658-6118-46af-837f-70c9175e09c3";
    fsType = "btrfs";
-    options = ["subvol=home" "compress=zstd"];
+    options = [
+      "subvol=home"
+      "compress=zstd"
+    ];
  };

  fileSystems."/nix" = {
    device = "/dev/disk/by-uuid/17870658-6118-46af-837f-70c9175e09c3";
    fsType = "btrfs";
-    options = ["subvol=nix" "compress=zstd" "noatime"];
+    options = [
+      "subvol=nix"
+      "compress=zstd"
+      "noatime"
+    ];
  };

  fileSystems."/swap" = {
    device = "/dev/disk/by-uuid/17870658-6118-46af-837f-70c9175e09c3";
    fsType = "btrfs";
-    options = ["subvol=swap"];
+    options = [ "subvol=swap" ];
  };

  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/29B7-F46D";
    fsType = "vfat";
-    options = ["fmask=0022" "dmask=0022"];
+    options = [
+      "fmask=0022"
+      "dmask=0022"
+    ];
  };

  swapDevices = [
@ -52,7 +73,7 @@
  ];

  boot.resumeDevice = "/dev/disk/by-uuid/17870658-6118-46af-837f-70c9175e09c3";
-  boot.kernelParams = ["resume_offset=53224704"];
+  boot.kernelParams = [ "resume_offset=53224704" ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's