foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-04-24 12:19:12 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

chore: reformat codebase

Browse Source
This commit is contained in:
Gabriel Arazas 2023-07-05 16:42:15 +08:00
parent 654f531b8d
commit c3bec31b86
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
5 changed files with 33 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
flake.nix
View File

@ -442,18 +442,18 @@
metadata = users.${name}; metadata = users.${name};
username = metadata.deploy.username or name; username = metadata.deploy.username or name;
in in
lib'.nameValuePair "home-manager-${name}" { lib'.nameValuePair "home-manager-${name}" {
hostname = metadata.deploy.hostname or name; hostname = metadata.deploy.hostname or name;
autoRollback = metadata.deploy.auto-rollback or true; autoRollback = metadata.deploy.auto-rollback or true;
magicRollback = metadata.deploy.magic-rollback or true; magicRollback = metadata.deploy.magic-rollback or true;
fastConnection = metadata.deploy.fast-connection or true; fastConnection = metadata.deploy.fast-connection or true;
remoteBuild = metadata.deploy.remote-build or false; remoteBuild = metadata.deploy.remote-build or false;
profiles.home = { profiles.home = {
sshUser = metadata.deploy.ssh-user or username; sshUser = metadata.deploy.ssh-user or username;
user = metadata.deploy.user or username; user = metadata.deploy.user or username;
path = inputs.deploy.lib.${metadata.system or defaultSystem}.activate.home-manager value; path = inputs.deploy.lib.${metadata.system or defaultSystem}.activate.home-manager value;
}; };
}) })
self.homeConfigurations; self.homeConfigurations;
in in
nixosConfigurations // homeConfigurations; nixosConfigurations // homeConfigurations;

19
hosts/ni/modules/wireguard.nix
View File

@ -75,15 +75,16 @@ in
(lib.mkIf config.systemd.network.enable { (lib.mkIf config.systemd.network.enable {
# Just apply the appropriate permissions for systemd-networkd. # Just apply the appropriate permissions for systemd-networkd.
sops.secrets = let sops.secrets =
systemdNetworkFileAttrs = { let
group = config.users.users.systemd-network.group; systemdNetworkFileAttrs = {
reloadUnits = [ "systemd-networkd.service" ]; group = config.users.users.systemd-network.group;
mode = "0640"; reloadUnits = [ "systemd-networkd.service" ];
}; mode = "0640";
applySystemdAttr = secretPaths: lib.listToAttrs };
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs)) applySystemdAttr = secretPaths: lib.listToAttrs
secretPaths; (builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths;
in in
applySystemdAttr [ applySystemdAttr [
"wireguard/private-key" "wireguard/private-key"

7
hosts/plover/modules/services/bind.nix
View File

@ -130,7 +130,7 @@ in
}; };
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
extraOptions = '' extraOptions = ''
listen-on tls ${dnsSubdomain} { ${lib.concatMapStrings (interface: "${interface}; ") config.services.bind.listenOn} }; listen-on tls ${dnsSubdomain} { ${lib.concatMapStrings (interface: "${interface}; ") config.services.bind.listenOn} };
@ -187,7 +187,8 @@ in
domainZone' = zoneFile domain; domainZone' = zoneFile domain;
fqdnZone' = zoneFile fqdn; fqdnZone' = zoneFile fqdn;
secretPath = path: config.sops.secrets."dns/${path}".path; secretPath = path: config.sops.secrets."dns/${path}".path;
in lib.mkAfter '' in
lib.mkAfter ''
[ -f '${domainZone'}' ] || { [ -f '${domainZone'}' ] || {
install -Dm0600 '${domainZone}' '${domainZone'}' install -Dm0600 '${domainZone}' '${domainZone'}'
replace-secret #mailboxSecurityKey# '${secretPath "${domain}/mailbox-security-key"}' '${domainZone'}' replace-secret #mailboxSecurityKey# '${secretPath "${domain}/mailbox-security-key"}' '${domainZone'}'
@ -197,7 +198,7 @@ in
[ -f '${fqdnZone'}' ] || { [ -f '${fqdnZone'}' ] || {
install -Dm0600 '${fqdnZone}' '${fqdnZone'}' install -Dm0600 '${fqdnZone}' '${fqdnZone'}'
} }
''; '';
serviceConfig = { serviceConfig = {
# Additional service hardening. You can see most of the options # Additional service hardening. You can see most of the options

6
lib/private.nix
View File

@ -31,8 +31,10 @@ rec {
let let
getKey = key: { inherit key sopsFile; }; getKey = key: { inherit key sopsFile; };
in in
lib.mapAttrs (path: attrs: lib.mapAttrs
(getKey path) // attrs) secrets; (path: attrs:
(getKey path) // attrs)
secrets;
attachSopsPathPrefix = prefix: secrets: attachSopsPathPrefix = prefix: secrets:
lib.mapAttrs' lib.mapAttrs'

5
users/home-manager/foo-dogsquared/modules/email.nix
View File

@ -33,8 +33,9 @@
enable = true; enable = true;
perIdentitySettings = id: perIdentitySettings = id:
let let
identitySettings = attrs: lib.mapAttrs' (setting: value: identitySettings = attrs: lib.mapAttrs'
lib.nameValuePair "mail.identity.id${id}.${setting}" value) (setting: value:
lib.nameValuePair "mail.identity.id${id}.${setting}" value)
attrs; attrs;
in in
identitySettings { identitySettings {