From 1b65b78d13226a3f3f85acdb14b02c9c58ef203c Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Tue, 21 May 2024 19:43:57 -0400 Subject: [PATCH] fix all statix warnings and re-enable statix pre-commit Signed-off-by: ahuston-0 --- checks.nix | 2 +- hydra/jobs.nix | 2 +- hydra/jobsets.nix | 6 +- lib/default.nix | 4 +- lib/systems.nix | 2 +- modules/autopull.nix | 2 +- modules/pam-fingerprint-swap.nix | 49 ++++----- systems/artemision/audio.nix | 40 ++++---- systems/artemision/configuration.nix | 33 ++++--- systems/artemision/hardware.nix | 131 +++++++++++++------------ systems/artemision/zerotier.nix | 2 +- systems/jeeves-jr/default.nix | 2 +- systems/jeeves/default.nix | 2 +- systems/jeeves/hardware.nix | 30 +++--- systems/rhapsody-in-green/hardware.nix | 21 ++-- users/alice/home/doom/default.nix | 14 +-- users/alice/home/gammastep.nix | 2 +- 17 files changed, 181 insertions(+), 163 deletions(-) diff --git a/checks.nix b/checks.nix index 3512f4a..66fca37 100644 --- a/checks.nix +++ b/checks.nix @@ -22,7 +22,7 @@ forEachSystem (system: { }; ## static analysis checks for nix nil.enable = true; - statix.enable = false; + statix.enable = true; # json hooks check-json = { diff --git a/hydra/jobs.nix b/hydra/jobs.nix index 43a67f5..cb70d1b 100644 --- a/hydra/jobs.nix +++ b/hydra/jobs.nix @@ -5,6 +5,6 @@ let getCfg = _: cfg: cfg.config.system.build.toplevel; in { + inherit (outputs) formatter devShells; hosts = mapAttrs getCfg outputs.nixosConfigurations; - formatter = outputs.formatter; } diff --git a/hydra/jobsets.nix b/hydra/jobsets.nix index a6003ed..2918536 100644 --- a/hydra/jobsets.nix +++ b/hydra/jobsets.nix @@ -55,11 +55,11 @@ let jobOfRef = name: { ref, ... }: - if isNull (builtins.match "^refs/heads/(.*)$" ref) then + if ((builtins.match "^refs/heads/(.*)$" ref) == null) then null else { - name = (builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}"); + name = builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}"; value = makeJob { description = "Branch ${name}"; flake = "git+ssh://git@github.com/${repo}?ref=${ref}"; @@ -81,7 +81,7 @@ let # wrapper function for reading json from file readJSONFile = f: builtins.fromJSON (builtins.readFile f); # remove null values from a set, in-case of branches that don't exist - mapFilter = f: l: builtins.filter (x: !(isNull x)) (map f l); + mapFilter = f: l: builtins.filter (x: (x != null)) (map f l); # Create job set from PRs and branches jobs = makeSpec ( diff --git a/lib/default.nix b/lib/default.nix index dc15a27..240ebb3 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -21,7 +21,7 @@ # # type: # mapGetAttr :: String -> AttrSet -> [Any] - mapGetAttr = (attr: set: lib.mapAttrsToList (_: attrset: lib.getAttr attr attrset) set); + mapGetAttr = attr: set: lib.mapAttrsToList (_: attrset: lib.getAttr attr attrset) set; # gets list of files and directories inside of a directory # @@ -44,7 +44,7 @@ lsdir = dir: lib.optionals (builtins.pathExists dir) ( - lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir (dir))) + lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir dir)) ); # return full paths of all files in a directory diff --git a/lib/systems.nix b/lib/systems.nix index 3a15482..a31970a 100644 --- a/lib/systems.nix +++ b/lib/systems.nix @@ -97,7 +97,7 @@ rec { # type: # genNonX86 :: AttrSet -> [AttrSet] genNonX86 = - { ... }: + { _ }: [ { config.nixpkgs = { diff --git a/modules/autopull.nix b/modules/autopull.nix index bcae5c8..0a112c3 100644 --- a/modules/autopull.nix +++ b/modules/autopull.nix @@ -56,7 +56,7 @@ in config = let - repos = lib.filterAttrs (_: { enable, ... }: enable == true) cfg.repo; + repos = lib.filterAttrs (_: { enable, ... }: enable) cfg.repo; in lib.mkIf cfg.enable { environment.systemPackages = diff --git a/modules/pam-fingerprint-swap.nix b/modules/pam-fingerprint-swap.nix index c3ac1ad..446f64c 100644 --- a/modules/pam-fingerprint-swap.nix +++ b/modules/pam-fingerprint-swap.nix @@ -25,35 +25,36 @@ in }; }; - config = lib.mkIf (cfg.enable) { + config = lib.mkIf cfg.enable { # to generate this its going to look something like this # rg "fprintd" --follow /etc/pam.d | sed -nr 's/\/etc\/pam.d\/(\w+)/\1/p' | cut -d ':' -f 1 | awk '{printf "security.pam.services.%s.rules.auth.fprintd.order=11501;\n",$1}' # need to check if this one is needed... file doesnt exist when this module is disabled #security.pam.services.auth.rules.auth.fprintd.order = cfg.order; - - security.pam.services.passwd.rules.auth.fprintd.order = cfg.order; - security.pam.services.chpasswd.rules.auth.fprintd.order = cfg.order; - security.pam.services.groupdel.rules.auth.fprintd.order = cfg.order; - security.pam.services.groupadd.rules.auth.fprintd.order = cfg.order; - security.pam.services.useradd.rules.auth.fprintd.order = cfg.order; - security.pam.services.i3lock.rules.auth.fprintd.order = cfg.order; - security.pam.services.systemd-user.rules.auth.fprintd.order = cfg.order; - security.pam.services.sudo.rules.auth.fprintd.order = cfg.order; - security.pam.services.userdel.rules.auth.fprintd.order = cfg.order; - security.pam.services.chfn.rules.auth.fprintd.order = cfg.order; - security.pam.services.su.rules.auth.fprintd.order = cfg.order; - security.pam.services.usermod.rules.auth.fprintd.order = cfg.order; - security.pam.services.groupmems.rules.auth.fprintd.order = cfg.order; - security.pam.services.chsh.rules.auth.fprintd.order = cfg.order; - security.pam.services.i3lock-color.rules.auth.fprintd.order = cfg.order; - security.pam.services.xscreensaver.rules.auth.fprintd.order = cfg.order; - security.pam.services.xlock.rules.auth.fprintd.order = cfg.order; - security.pam.services.polkit-1.rules.auth.fprintd.order = cfg.order; - security.pam.services.vlock.rules.auth.fprintd.order = cfg.order; - security.pam.services.runuser-l.rules.auth.fprintd.order = cfg.order; - security.pam.services.groupmod.rules.auth.fprintd.order = cfg.order; - security.pam.services.runuser.rules.auth.fprintd.order = cfg.order; + security.pam.services = { + passwd.rules.auth.fprintd.order = cfg.order; + chpasswd.rules.auth.fprintd.order = cfg.order; + groupdel.rules.auth.fprintd.order = cfg.order; + groupadd.rules.auth.fprintd.order = cfg.order; + useradd.rules.auth.fprintd.order = cfg.order; + i3lock.rules.auth.fprintd.order = cfg.order; + systemd-user.rules.auth.fprintd.order = cfg.order; + sudo.rules.auth.fprintd.order = cfg.order; + userdel.rules.auth.fprintd.order = cfg.order; + chfn.rules.auth.fprintd.order = cfg.order; + su.rules.auth.fprintd.order = cfg.order; + usermod.rules.auth.fprintd.order = cfg.order; + groupmems.rules.auth.fprintd.order = cfg.order; + chsh.rules.auth.fprintd.order = cfg.order; + i3lock-color.rules.auth.fprintd.order = cfg.order; + xscreensaver.rules.auth.fprintd.order = cfg.order; + xlock.rules.auth.fprintd.order = cfg.order; + polkit-1.rules.auth.fprintd.order = cfg.order; + vlock.rules.auth.fprintd.order = cfg.order; + runuser-l.rules.auth.fprintd.order = cfg.order; + groupmod.rules.auth.fprintd.order = cfg.order; + runuser.rules.auth.fprintd.order = cfg.order; + }; }; } diff --git a/systems/artemision/audio.nix b/systems/artemision/audio.nix index a81e0dd..a72fb51 100644 --- a/systems/artemision/audio.nix +++ b/systems/artemision/audio.nix @@ -8,29 +8,31 @@ { # rtkit is optional but recommended security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - }; + services = { + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + }; - services.pipewire.wireplumber.configPackages = [ - (pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" '' - bluez_monitor.properties = { - ["bluez5.enable-sbc-xq"] = true, - ["bluez5.enable-msbc"] = true, - ["bluez5.enable-hw-volume"] = true, - ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" - } - '') - ]; + pipewire.wireplumber.configPackages = [ + (pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" '' + bluez_monitor.properties = { + ["bluez5.enable-sbc-xq"] = true, + ["bluez5.enable-msbc"] = true, + ["bluez5.enable-hw-volume"] = true, + ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" + } + '') + ]; + blueman.enable = true; + }; hardware.bluetooth.enable = true; hardware.bluetooth.powerOnBoot = true; - services.blueman.enable = true; environment.systemPackages = with pkgs; [ pavucontrol ]; } diff --git a/systems/artemision/configuration.nix b/systems/artemision/configuration.nix index f55cd2f..88f1135 100644 --- a/systems/artemision/configuration.nix +++ b/systems/artemision/configuration.nix @@ -35,25 +35,28 @@ sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - services.fwupd.package = - (import (builtins.fetchTarball { - url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz"; - sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk"; - }) { inherit (pkgs) system; }).fwupd; + services = { - services.fprintd.enable = true; - services.openssh.enable = false; + fwupd.package = + (import (builtins.fetchTarball { + url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz"; + sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk"; + }) { inherit (pkgs) system; }).fwupd; - services.spotifyd = { - enable = true; - settings = { - global = { - username = "snowinginwonderland@gmail.com"; - password_cmd = "cat ${config.sops.secrets."apps/spotify".path}"; - use_mpris = false; + fprintd.enable = true; + openssh.enable = false; + + spotifyd = { + enable = true; + settings = { + global = { + username = "snowinginwonderland@gmail.com"; + password_cmd = "cat ${config.sops.secrets."apps/spotify".path}"; + use_mpris = false; + }; }; + #systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd. }; - #systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd. }; system.autoUpgrade.enable = false; diff --git a/systems/artemision/hardware.nix b/systems/artemision/hardware.nix index a806ef9..0831ec8 100644 --- a/systems/artemision/hardware.nix +++ b/systems/artemision/hardware.nix @@ -12,74 +12,79 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "thunderbolt" - "usb_storage" - "usbhid" - "sd_mod" - ]; - boot.initrd.kernelModules = [ - "dm-snapshot" - "r8152" - ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - boot.kernelParams = [ - "amdgpu.sg_display=0" - "amdgpu.graphics_sg=0" - "amdgpu.abmlevel=3" - ]; - boot.kernelPatches = lib.mkIf (lib.versionOlder pkgs.linux.version "6.9") [ - { - name = "add panel_power_savings sysfs entry to eDP connectors"; - patch = ./kernel-patches/panel_power_savings.patch; - } - { - name = "respect the abmlevel module parameter value if it is set"; - patch = ./kernel-patches/respect_abmlevel.patch; - } - ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/f3c11d62-37f4-495e-b668-1ff49e0d3a47"; - fsType = "ext4"; - options = [ - "noatime" - "nodiratime" - "discard" + boot = { + initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "thunderbolt" + "usb_storage" + "usbhid" + "sd_mod" + ]; + initrd.kernelModules = [ + "dm-snapshot" + "r8152" + ]; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + kernelParams = [ + "amdgpu.sg_display=0" + "amdgpu.graphics_sg=0" + "amdgpu.abmlevel=3" + ]; + kernelPatches = lib.mkIf (lib.versionOlder pkgs.linux.version "6.9") [ + { + name = "add panel_power_savings sysfs entry to eDP connectors"; + patch = ./kernel-patches/panel_power_savings.patch; + } + { + name = "respect the abmlevel module parameter value if it is set"; + patch = ./kernel-patches/respect_abmlevel.patch; + } ]; }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/720af942-464c-4c1e-be41-0438936264f0"; - fsType = "ext4"; - options = [ - "noatime" - "nodiratime" - "discard" - ]; - }; + fileSystems = { - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/035f23f8-d895-4b0c-bcf5-45885a5dbbd9"; - fsType = "ext4"; - options = [ - "noatime" - "nodiratime" - "discard" - ]; - }; + "/" = { + device = "/dev/disk/by-uuid/f3c11d62-37f4-495e-b668-1ff49e0d3a47"; + fsType = "ext4"; + options = [ + "noatime" + "nodiratime" + "discard" + ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/5AD7-6005"; - fsType = "vfat"; - options = [ - "noatime" - "nodiratime" - "discard" - ]; + "/home" = { + device = "/dev/disk/by-uuid/720af942-464c-4c1e-be41-0438936264f0"; + fsType = "ext4"; + options = [ + "noatime" + "nodiratime" + "discard" + ]; + }; + + "/nix" = { + device = "/dev/disk/by-uuid/035f23f8-d895-4b0c-bcf5-45885a5dbbd9"; + fsType = "ext4"; + options = [ + "noatime" + "nodiratime" + "discard" + ]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/5AD7-6005"; + fsType = "vfat"; + options = [ + "noatime" + "nodiratime" + "discard" + ]; + }; }; swapDevices = [ { device = "/dev/disk/by-uuid/7f0dba0f-d04e-4c94-9fba-1d0811673df1"; } ]; diff --git a/systems/artemision/zerotier.nix b/systems/artemision/zerotier.nix index 6bd43fd..c185ab7 100644 --- a/systems/artemision/zerotier.nix +++ b/systems/artemision/zerotier.nix @@ -1,4 +1,4 @@ -{ ... }: +{ _ }: { services.zerotierone = { enable = true; diff --git a/systems/jeeves-jr/default.nix b/systems/jeeves-jr/default.nix index 01f0304..ca97be7 100644 --- a/systems/jeeves-jr/default.nix +++ b/systems/jeeves-jr/default.nix @@ -1,4 +1,4 @@ -{ ... }: +{ _ }: { users = [ "alice" diff --git a/systems/jeeves/default.nix b/systems/jeeves/default.nix index 01f0304..ca97be7 100644 --- a/systems/jeeves/default.nix +++ b/systems/jeeves/default.nix @@ -1,4 +1,4 @@ -{ ... }: +{ _ }: { users = [ "alice" diff --git a/systems/jeeves/hardware.nix b/systems/jeeves/hardware.nix index 5a125d0..6407767 100644 --- a/systems/jeeves/hardware.nix +++ b/systems/jeeves/hardware.nix @@ -12,20 +12,22 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "mpt3sas" - "nvme" - "xhci_pci" - "ahci" - "uas" - "usb_storage" - "usbhid" - "sd_mod" - "sr_mod" - ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot = { + initrd.availableKernelModules = [ + "mpt3sas" + "nvme" + "xhci_pci" + "ahci" + "uas" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; + initrd.kernelModules = [ "dm-snapshot" ]; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/0f78fa87-30be-4173-b0fa-eaa956cf83aa"; diff --git a/systems/rhapsody-in-green/hardware.nix b/systems/rhapsody-in-green/hardware.nix index 8975723..4fd80b7 100644 --- a/systems/rhapsody-in-green/hardware.nix +++ b/systems/rhapsody-in-green/hardware.nix @@ -12,15 +12,18 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "thunderbolt" - "usbhid" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot = { + + initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "thunderbolt" + "usbhid" + ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/c5cc486b-0076-40b0-9402-7ddb2b4a7fdf"; diff --git a/users/alice/home/doom/default.nix b/users/alice/home/doom/default.nix index 1d30635..b0b8c4a 100644 --- a/users/alice/home/doom/default.nix +++ b/users/alice/home/doom/default.nix @@ -6,10 +6,12 @@ }: { - xdg.configFile."doom/config.el".source = ./config.el; - xdg.configFile."doom/custom.el".source = ./custom.el; - xdg.configFile."doom/init.el".source = ./init.el; - xdg.configFile."doom/packages.el".source = ./packages.el; - xdg.configFile."doom/snippets/cc-mode/cc-doxy".source = ./snippets/cc-mode/cc-doxy; - xdg.configFile."doom/snippets/cc-mode/README.md".source = ./snippets/cc-mode/README.md; + xdg.configFile = { + "doom/config.el".source = ./config.el; + "doom/custom.el".source = ./custom.el; + "doom/init.el".source = ./init.el; + "doom/packages.el".source = ./packages.el; + "doom/snippets/cc-mode/cc-doxy".source = ./snippets/cc-mode/cc-doxy; + "doom/snippets/cc-mode/README.md".source = ./snippets/cc-mode/README.md; + }; } diff --git a/users/alice/home/gammastep.nix b/users/alice/home/gammastep.nix index 92b8801..571aefb 100644 --- a/users/alice/home/gammastep.nix +++ b/users/alice/home/gammastep.nix @@ -1,4 +1,4 @@ -{ ... }: +{ _ }: { services.gammastep = { enable = true;