foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-04-19 06:19:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: reformat codebase

Browse Source
This commit is contained in:
Gabriel Arazas 2023-07-05 16:42:15 +08:00
parent 654f531b8d
commit c3bec31b86
No known key found for this signature in database
GPG Key ID: ADE0C41DAB221FCC
5 changed files with 33 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
flake.nix
View File

@ -442,18 +442,18 @@
metadata = users.${name};
username = metadata.deploy.username or name;
in
lib'.nameValuePair "home-manager-${name}" {
hostname = metadata.deploy.hostname or name;
autoRollback = metadata.deploy.auto-rollback or true;
magicRollback = metadata.deploy.magic-rollback or true;
fastConnection = metadata.deploy.fast-connection or true;
remoteBuild = metadata.deploy.remote-build or false;
profiles.home = {
sshUser = metadata.deploy.ssh-user or username;
user = metadata.deploy.user or username;
path = inputs.deploy.lib.${metadata.system or defaultSystem}.activate.home-manager value;
};
})
lib'.nameValuePair "home-manager-${name}" {
hostname = metadata.deploy.hostname or name;
autoRollback = metadata.deploy.auto-rollback or true;
magicRollback = metadata.deploy.magic-rollback or true;
fastConnection = metadata.deploy.fast-connection or true;
remoteBuild = metadata.deploy.remote-build or false;
profiles.home = {
sshUser = metadata.deploy.ssh-user or username;
user = metadata.deploy.user or username;
path = inputs.deploy.lib.${metadata.system or defaultSystem}.activate.home-manager value;
};
})
self.homeConfigurations;
in
nixosConfigurations // homeConfigurations;

19
hosts/ni/modules/wireguard.nix
View File

@ -75,15 +75,16 @@ in
(lib.mkIf config.systemd.network.enable {
# Just apply the appropriate permissions for systemd-networkd.
sops.secrets = let
systemdNetworkFileAttrs = {
group = config.users.users.systemd-network.group;
reloadUnits = [ "systemd-networkd.service" ];
mode = "0640";
};
applySystemdAttr = secretPaths: lib.listToAttrs
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths;
sops.secrets =
let
systemdNetworkFileAttrs = {
group = config.users.users.systemd-network.group;
reloadUnits = [ "systemd-networkd.service" ];
mode = "0640";
};
applySystemdAttr = secretPaths: lib.listToAttrs
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths;
in
applySystemdAttr [
"wireguard/private-key"

7
hosts/plover/modules/services/bind.nix
View File

@ -130,7 +130,7 @@ in
};
${cfg.extraConfig}
'';
'';
extraOptions = ''
listen-on tls ${dnsSubdomain} { ${lib.concatMapStrings (interface: "${interface}; ") config.services.bind.listenOn} };
@ -187,7 +187,8 @@ in
domainZone' = zoneFile domain;
fqdnZone' = zoneFile fqdn;
secretPath = path: config.sops.secrets."dns/${path}".path;
in lib.mkAfter ''
in
lib.mkAfter ''
[ -f '${domainZone'}' ] || {
install -Dm0600 '${domainZone}' '${domainZone'}'
replace-secret #mailboxSecurityKey# '${secretPath "${domain}/mailbox-security-key"}' '${domainZone'}'
@ -197,7 +198,7 @@ in
[ -f '${fqdnZone'}' ] || {
install -Dm0600 '${fqdnZone}' '${fqdnZone'}'
}
'';
'';
serviceConfig = {
# Additional service hardening. You can see most of the options

6
lib/private.nix
View File

@ -31,8 +31,10 @@ rec {
let
getKey = key: { inherit key sopsFile; };
in
lib.mapAttrs (path: attrs:
(getKey path) // attrs) secrets;
lib.mapAttrs
(path: attrs:
(getKey path) // attrs)
secrets;
attachSopsPathPrefix = prefix: secrets:
lib.mapAttrs'

5
users/home-manager/foo-dogsquared/modules/email.nix
View File

@ -33,8 +33,9 @@
enable = true;
perIdentitySettings = id:
let
identitySettings = attrs: lib.mapAttrs' (setting: value:
lib.nameValuePair "mail.identity.id${id}.${setting}" value)
identitySettings = attrs: lib.mapAttrs'
(setting: value:
lib.nameValuePair "mail.identity.id${id}.${setting}" value)
attrs;
in
identitySettings {