ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

fix all statix warnings and re-enable statix pre-commit

Browse Source 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
This commit is contained in:
ahuston-0 2024-05-21 19:43:57 -04:00 committed by Richie Cahill
parent 0e090cb76a
commit 1b65b78d13
17 changed files with 181 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
checks.nix
View File

@ -22,7 +22,7 @@ forEachSystem (system: {
}; };
## static analysis checks for nix ## static analysis checks for nix
nil.enable = true; nil.enable = true;
statix.enable = false; statix.enable = true;
# json hooks # json hooks
check-json = { check-json = {

2
hydra/jobs.nix
View File

@ -5,6 +5,6 @@ let
getCfg = _: cfg: cfg.config.system.build.toplevel; getCfg = _: cfg: cfg.config.system.build.toplevel;
in in
{ {
inherit (outputs) formatter devShells;
hosts = mapAttrs getCfg outputs.nixosConfigurations; hosts = mapAttrs getCfg outputs.nixosConfigurations;
formatter = outputs.formatter;
} }

6
hydra/jobsets.nix
View File

@ -55,11 +55,11 @@ let
jobOfRef = jobOfRef =
name: name:
{ ref, ... }: { ref, ... }:
if isNull (builtins.match "^refs/heads/(.*)$" ref) then if ((builtins.match "^refs/heads/(.*)$" ref) == null) then
null null
else else
{ {
name = (builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}"); name = builtins.replaceStrings [ "/" ] [ "-" ] "branch-${name}";
value = makeJob { value = makeJob {
description = "Branch ${name}"; description = "Branch ${name}";
flake = "git+ssh://git@github.com/${repo}?ref=${ref}"; flake = "git+ssh://git@github.com/${repo}?ref=${ref}";
@ -81,7 +81,7 @@ let
# wrapper function for reading json from file # wrapper function for reading json from file
readJSONFile = f: builtins.fromJSON (builtins.readFile f); readJSONFile = f: builtins.fromJSON (builtins.readFile f);
# remove null values from a set, in-case of branches that don't exist # remove null values from a set, in-case of branches that don't exist
mapFilter = f: l: builtins.filter (x: !(isNull x)) (map f l); mapFilter = f: l: builtins.filter (x: (x != null)) (map f l);
# Create job set from PRs and branches # Create job set from PRs and branches
jobs = makeSpec ( jobs = makeSpec (

4
lib/default.nix
View File

@ -21,7 +21,7 @@
# #
# type: # type:
# mapGetAttr :: String -> AttrSet -> [Any] # mapGetAttr :: String -> AttrSet -> [Any]
mapGetAttr = (attr: set: lib.mapAttrsToList (_: attrset: lib.getAttr attr attrset) set); mapGetAttr = attr: set: lib.mapAttrsToList (_: attrset: lib.getAttr attr attrset) set;
# gets list of files and directories inside of a directory # gets list of files and directories inside of a directory
# #
@ -44,7 +44,7 @@
lsdir = lsdir =
dir: dir:
lib.optionals (builtins.pathExists dir) ( lib.optionals (builtins.pathExists dir) (
lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir (dir))) lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir dir))
); );
# return full paths of all files in a directory # return full paths of all files in a directory

2
lib/systems.nix
View File

@ -97,7 +97,7 @@ rec {
# type: # type:
# genNonX86 :: AttrSet -> [AttrSet] # genNonX86 :: AttrSet -> [AttrSet]
genNonX86 = genNonX86 =
{ ... }: { _ }:
[ [
{ {
config.nixpkgs = { config.nixpkgs = {

2
modules/autopull.nix
View File

@ -56,7 +56,7 @@ in
config = config =
let let
repos = lib.filterAttrs (_: { enable, ... }: enable == true) cfg.repo; repos = lib.filterAttrs (_: { enable, ... }: enable) cfg.repo;
in in
lib.mkIf cfg.enable { lib.mkIf cfg.enable {
environment.systemPackages = environment.systemPackages =

49
modules/pam-fingerprint-swap.nix
View File

@ -25,35 +25,36 @@ in
}; };
}; };
config = lib.mkIf (cfg.enable) { config = lib.mkIf cfg.enable {
# to generate this its going to look something like this # to generate this its going to look something like this
# rg "fprintd" --follow /etc/pam.d | sed -nr 's/\/etc\/pam.d\/(\w+)/\1/p' | cut -d ':' -f 1 | awk '{printf "security.pam.services.%s.rules.auth.fprintd.order=11501;\n",$1}' # rg "fprintd" --follow /etc/pam.d | sed -nr 's/\/etc\/pam.d\/(\w+)/\1/p' | cut -d ':' -f 1 | awk '{printf "security.pam.services.%s.rules.auth.fprintd.order=11501;\n",$1}'
# need to check if this one is needed... file doesnt exist when this module is disabled # need to check if this one is needed... file doesnt exist when this module is disabled
#security.pam.services.auth.rules.auth.fprintd.order = cfg.order; #security.pam.services.auth.rules.auth.fprintd.order = cfg.order;
security.pam.services = {
security.pam.services.passwd.rules.auth.fprintd.order = cfg.order; passwd.rules.auth.fprintd.order = cfg.order;
security.pam.services.chpasswd.rules.auth.fprintd.order = cfg.order; chpasswd.rules.auth.fprintd.order = cfg.order;
security.pam.services.groupdel.rules.auth.fprintd.order = cfg.order; groupdel.rules.auth.fprintd.order = cfg.order;
security.pam.services.groupadd.rules.auth.fprintd.order = cfg.order; groupadd.rules.auth.fprintd.order = cfg.order;
security.pam.services.useradd.rules.auth.fprintd.order = cfg.order; useradd.rules.auth.fprintd.order = cfg.order;
security.pam.services.i3lock.rules.auth.fprintd.order = cfg.order; i3lock.rules.auth.fprintd.order = cfg.order;
security.pam.services.systemd-user.rules.auth.fprintd.order = cfg.order; systemd-user.rules.auth.fprintd.order = cfg.order;
security.pam.services.sudo.rules.auth.fprintd.order = cfg.order; sudo.rules.auth.fprintd.order = cfg.order;
security.pam.services.userdel.rules.auth.fprintd.order = cfg.order; userdel.rules.auth.fprintd.order = cfg.order;
security.pam.services.chfn.rules.auth.fprintd.order = cfg.order; chfn.rules.auth.fprintd.order = cfg.order;
security.pam.services.su.rules.auth.fprintd.order = cfg.order; su.rules.auth.fprintd.order = cfg.order;
security.pam.services.usermod.rules.auth.fprintd.order = cfg.order; usermod.rules.auth.fprintd.order = cfg.order;
security.pam.services.groupmems.rules.auth.fprintd.order = cfg.order; groupmems.rules.auth.fprintd.order = cfg.order;
security.pam.services.chsh.rules.auth.fprintd.order = cfg.order; chsh.rules.auth.fprintd.order = cfg.order;
security.pam.services.i3lock-color.rules.auth.fprintd.order = cfg.order; i3lock-color.rules.auth.fprintd.order = cfg.order;
security.pam.services.xscreensaver.rules.auth.fprintd.order = cfg.order; xscreensaver.rules.auth.fprintd.order = cfg.order;
security.pam.services.xlock.rules.auth.fprintd.order = cfg.order; xlock.rules.auth.fprintd.order = cfg.order;
security.pam.services.polkit-1.rules.auth.fprintd.order = cfg.order; polkit-1.rules.auth.fprintd.order = cfg.order;
security.pam.services.vlock.rules.auth.fprintd.order = cfg.order; vlock.rules.auth.fprintd.order = cfg.order;
security.pam.services.runuser-l.rules.auth.fprintd.order = cfg.order; runuser-l.rules.auth.fprintd.order = cfg.order;
security.pam.services.groupmod.rules.auth.fprintd.order = cfg.order; groupmod.rules.auth.fprintd.order = cfg.order;
security.pam.services.runuser.rules.auth.fprintd.order = cfg.order; runuser.rules.auth.fprintd.order = cfg.order;
};
}; };
} }

40
systems/artemision/audio.nix
View File

@ -8,29 +8,31 @@
{ {
# rtkit is optional but recommended # rtkit is optional but recommended
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services = {
enable = true; pipewire = {
alsa.enable = true; enable = true;
alsa.support32Bit = true; alsa.enable = true;
pulse.enable = true; alsa.support32Bit = true;
# If you want to use JACK applications, uncomment this pulse.enable = true;
#jack.enable = true; # If you want to use JACK applications, uncomment this
}; #jack.enable = true;
};
services.pipewire.wireplumber.configPackages = [ pipewire.wireplumber.configPackages = [
(pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" '' (pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" ''
bluez_monitor.properties = { bluez_monitor.properties = {
["bluez5.enable-sbc-xq"] = true, ["bluez5.enable-sbc-xq"] = true,
["bluez5.enable-msbc"] = true, ["bluez5.enable-msbc"] = true,
["bluez5.enable-hw-volume"] = true, ["bluez5.enable-hw-volume"] = true,
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
} }
'') '')
]; ];
blueman.enable = true;
};
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true; hardware.bluetooth.powerOnBoot = true;
services.blueman.enable = true;
environment.systemPackages = with pkgs; [ pavucontrol ]; environment.systemPackages = with pkgs; [ pavucontrol ];
} }

33
systems/artemision/configuration.nix
View File

@ -35,25 +35,28 @@
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
services.fwupd.package = services = {
(import (builtins.fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz";
sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk";
}) { inherit (pkgs) system; }).fwupd;
services.fprintd.enable = true; fwupd.package =
services.openssh.enable = false; (import (builtins.fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz";
sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk";
}) { inherit (pkgs) system; }).fwupd;
services.spotifyd = { fprintd.enable = true;
enable = true; openssh.enable = false;
settings = {
global = { spotifyd = {
username = "snowinginwonderland@gmail.com"; enable = true;
password_cmd = "cat ${config.sops.secrets."apps/spotify".path}"; settings = {
use_mpris = false; global = {
username = "snowinginwonderland@gmail.com";
password_cmd = "cat ${config.sops.secrets."apps/spotify".path}";
use_mpris = false;
};
}; };
#systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd.
}; };
#systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd.
}; };
system.autoUpgrade.enable = false; system.autoUpgrade.enable = false;

131
systems/artemision/hardware.nix
View File

@ -12,74 +12,79 @@
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ boot = {
"nvme" initrd.availableKernelModules = [
"xhci_pci" "nvme"
"thunderbolt" "xhci_pci"
"usb_storage" "thunderbolt"
"usbhid" "usb_storage"
"sd_mod" "usbhid"
]; "sd_mod"
boot.initrd.kernelModules = [ ];
"dm-snapshot" initrd.kernelModules = [
"r8152" "dm-snapshot"
]; "r8152"
boot.kernelModules = [ "kvm-amd" ]; ];
boot.extraModulePackages = [ ]; kernelModules = [ "kvm-amd" ];
boot.kernelParams = [ extraModulePackages = [ ];
"amdgpu.sg_display=0" kernelParams = [
"amdgpu.graphics_sg=0" "amdgpu.sg_display=0"
"amdgpu.abmlevel=3" "amdgpu.graphics_sg=0"
]; "amdgpu.abmlevel=3"
boot.kernelPatches = lib.mkIf (lib.versionOlder pkgs.linux.version "6.9") [ ];
{ kernelPatches = lib.mkIf (lib.versionOlder pkgs.linux.version "6.9") [
name = "add panel_power_savings sysfs entry to eDP connectors"; {
patch = ./kernel-patches/panel_power_savings.patch; name = "add panel_power_savings sysfs entry to eDP connectors";
} patch = ./kernel-patches/panel_power_savings.patch;
{ }
name = "respect the abmlevel module parameter value if it is set"; {
patch = ./kernel-patches/respect_abmlevel.patch; name = "respect the abmlevel module parameter value if it is set";
} patch = ./kernel-patches/respect_abmlevel.patch;
]; }
fileSystems."/" = {
device = "/dev/disk/by-uuid/f3c11d62-37f4-495e-b668-1ff49e0d3a47";
fsType = "ext4";
options = [
"noatime"
"nodiratime"
"discard"
]; ];
}; };
fileSystems."/home" = { fileSystems = {
device = "/dev/disk/by-uuid/720af942-464c-4c1e-be41-0438936264f0";
fsType = "ext4";
options = [
"noatime"
"nodiratime"
"discard"
];
};
fileSystems."/nix" = { "/" = {
device = "/dev/disk/by-uuid/035f23f8-d895-4b0c-bcf5-45885a5dbbd9"; device = "/dev/disk/by-uuid/f3c11d62-37f4-495e-b668-1ff49e0d3a47";
fsType = "ext4"; fsType = "ext4";
options = [ options = [
"noatime" "noatime"
"nodiratime" "nodiratime"
"discard" "discard"
]; ];
}; };
fileSystems."/boot" = { "/home" = {
device = "/dev/disk/by-uuid/5AD7-6005"; device = "/dev/disk/by-uuid/720af942-464c-4c1e-be41-0438936264f0";
fsType = "vfat"; fsType = "ext4";
options = [ options = [
"noatime" "noatime"
"nodiratime" "nodiratime"
"discard" "discard"
]; ];
};
"/nix" = {
device = "/dev/disk/by-uuid/035f23f8-d895-4b0c-bcf5-45885a5dbbd9";
fsType = "ext4";
options = [
"noatime"
"nodiratime"
"discard"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/5AD7-6005";
fsType = "vfat";
options = [
"noatime"
"nodiratime"
"discard"
];
};
}; };
swapDevices = [ { device = "/dev/disk/by-uuid/7f0dba0f-d04e-4c94-9fba-1d0811673df1"; } ]; swapDevices = [ { device = "/dev/disk/by-uuid/7f0dba0f-d04e-4c94-9fba-1d0811673df1"; } ];

2
systems/artemision/zerotier.nix
View File

@ -1,4 +1,4 @@
{ ... }: { _ }:
{ {
services.zerotierone = { services.zerotierone = {
enable = true; enable = true;

2
systems/jeeves-jr/default.nix
View File

@ -1,4 +1,4 @@
{ ... }: { _ }:
{ {
users = [ users = [
"alice" "alice"

2
systems/jeeves/default.nix
View File

@ -1,4 +1,4 @@
{ ... }: { _ }:
{ {
users = [ users = [
"alice" "alice"

30
systems/jeeves/hardware.nix
View File

@ -12,20 +12,22 @@
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ boot = {
"mpt3sas" initrd.availableKernelModules = [
"nvme" "mpt3sas"
"xhci_pci" "nvme"
"ahci" "xhci_pci"
"uas" "ahci"
"usb_storage" "uas"
"usbhid" "usb_storage"
"sd_mod" "usbhid"
"sr_mod" "sd_mod"
]; "sr_mod"
boot.initrd.kernelModules = [ "dm-snapshot" ]; ];
boot.kernelModules = [ "kvm-amd" ]; initrd.kernelModules = [ "dm-snapshot" ];
boot.extraModulePackages = [ ]; kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/0f78fa87-30be-4173-b0fa-eaa956cf83aa"; device = "/dev/disk/by-uuid/0f78fa87-30be-4173-b0fa-eaa956cf83aa";

21
systems/rhapsody-in-green/hardware.nix
View File

@ -12,15 +12,18 @@
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ boot = {
"nvme"
"xhci_pci" initrd.availableKernelModules = [
"thunderbolt" "nvme"
"usbhid" "xhci_pci"
]; "thunderbolt"
boot.initrd.kernelModules = [ ]; "usbhid"
boot.kernelModules = [ "kvm-amd" ]; ];
boot.extraModulePackages = [ ]; initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/c5cc486b-0076-40b0-9402-7ddb2b4a7fdf"; device = "/dev/disk/by-uuid/c5cc486b-0076-40b0-9402-7ddb2b4a7fdf";

14
users/alice/home/doom/default.nix
View File

@ -6,10 +6,12 @@
}: }:
{ {
xdg.configFile."doom/config.el".source = ./config.el; xdg.configFile = {
xdg.configFile."doom/custom.el".source = ./custom.el; "doom/config.el".source = ./config.el;
xdg.configFile."doom/init.el".source = ./init.el; "doom/custom.el".source = ./custom.el;
xdg.configFile."doom/packages.el".source = ./packages.el; "doom/init.el".source = ./init.el;
xdg.configFile."doom/snippets/cc-mode/cc-doxy".source = ./snippets/cc-mode/cc-doxy; "doom/packages.el".source = ./packages.el;
xdg.configFile."doom/snippets/cc-mode/README.md".source = ./snippets/cc-mode/README.md; "doom/snippets/cc-mode/cc-doxy".source = ./snippets/cc-mode/cc-doxy;
"doom/snippets/cc-mode/README.md".source = ./snippets/cc-mode/README.md;
};
} }

2
users/alice/home/gammastep.nix
View File

@ -1,4 +1,4 @@
{ ... }: { _ }:
{ {
services.gammastep = { services.gammastep = {
enable = true; enable = true;