alejandra: initial repo format

2022-08-15 17:32:25 +10:00 · 2022-08-15 17:32:25 +10:00 · 584f00ed86
parent 180d6bc1a5
commit 584f00ed86
13 changed files with 426 additions and 435 deletions
--- a/hardware/linode_vm.nix
+++ b/hardware/linode_vm.nix
@ -1,18 +1,20 @@
 # Configuration common to all JFDIC Linode VMs
 { config, pkgs, lib, ... }:
 {
  config,
  pkgs,
  lib,
  ...
 }: {
  imports = [
    # Import the NixOS Qemu guest settings
    <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
  ];
-  boot.initrd.availableKernelModules = [ "virtio_pci" "ahci" "sd_mod" ];
+  boot.initrd.availableKernelModules = ["virtio_pci" "ahci" "sd_mod"];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [];
-  boot.kernelModules = [ ];
+  boot.kernelModules = [];
-  boot.extraModulePackages = [ ];
+  boot.extraModulePackages = [];
-  boot.kernelParams = [ "console=ttyS0,19200n8" ];
+  boot.kernelParams = ["console=ttyS0,19200n8"];
  boot.loader = {
    grub = {
      extraConfig = ''
@ -26,8 +28,8 @@
  };
  # File systems configuration for the Linode VMs
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/sda";
+    device = "/dev/sda";
    fsType = "ext4";
  };
--- a/networks/linode-common.nix
+++ b/networks/linode-common.nix
@ -1,10 +1,11 @@
 # NixOps configuration common to Linode VMs
 { config, pkgs, lib, ... }:
 {
-  imports =
+  config,
-    [
+  pkgs,
  lib,
  ...
 }: {
  imports = [
    ../profiles/host_common.nix
    ../profiles/server_common.nix
  ];
@ -29,9 +30,8 @@
    interfaces.eth0.useDHCP = true;
    firewall = {
      enable = true;
-      allowedTCPPorts = [ 80 443 ];
+      allowedTCPPorts = [80 443];
-      trustedInterfaces = [ "lo" ];
+      trustedInterfaces = ["lo"];
    };
  };
 }
--- a/networks/linode.nix
+++ b/networks/linode.nix
@ -1,10 +1,11 @@
 # NixOps configuration for the Linode VMs
 { config, pkgs, lib, ... }:
 {
-  imports =
+  config,
-    [
+  pkgs,
  lib,
  ...
 }: {
  imports = [
    ../hardware/linode_vm.nix
    ./linode-common.nix
  ];
--- a/profiles/bash.nix
+++ b/profiles/bash.nix
@ -1,9 +1,5 @@
 # Configuration common to all JFDIC servers
-
+{config, ...}: {
 { config, ... }:
 {
  # Program defaults for all hosts
  programs.bash = {
    interactiveShellInit = ''
@ -15,5 +11,4 @@
    '';
    vteIntegration = true;
  };
 }
--- a/profiles/chrony.nix
+++ b/profiles/chrony.nix
@ -1,11 +1,6 @@
 # NixOps configuration for the hosts running a Chrony service
-
+{config, ...}: {
 { config, ... }:
 {
  services.chrony = {
    enable = true; # Enable Chrony
  };
 }
--- a/profiles/gitea.nix
+++ b/profiles/gitea.nix
@ -1,9 +1,10 @@
 # NixOps configuration for the hosts running Gitea
 { config, pkgs, lib, ... }:
 {
-
+  config,
  pkgs,
  lib,
  ...
 }: {
  services.gitea = {
    enable = true; # Enable Gitea
    appName = "JFDI Collective: Gitea Service"; # Give the site a name
@ -16,8 +17,8 @@
    rootUrl = "https://source.jfdic.org/"; # Root web URL
    httpPort = 3002; # Provided unique port
    settings = let
-      docutils =
+      docutils = pkgs.python37.withPackages (ps:
-        pkgs.python37.withPackages (ps: with ps; [
+        with ps; [
          docutils # Provides rendering of ReStructured Text files
          pygments # Provides syntax highlighting
        ]);
@ -49,15 +50,17 @@
    authentication = ''
      local gitea all ident map=gitea-users
    '';
-    identMap =                    # Map the gitea user to postgresql
+    identMap =
      # Map the gitea user to postgresql
      ''
        gitea-users gitea gitea
      '';
-    ensureDatabases = [ "gitea" ];    # Ensure the database persists
+    ensureDatabases = ["gitea"]; # Ensure the database persists
    ensureUsers = [
      {
        name = "gitea"; # Ensure the database user persists
-        ensurePermissions = {         # Ensure the database permissions persist
+        ensurePermissions = {
          # Ensure the database permissions persist
          "DATABASE gitea" = "ALL PRIVILEGES";
          "ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
        };
@ -71,7 +74,8 @@
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
-    virtualHosts."source.jfdic.org" = {                  # Gitea hostname
+    virtualHosts."source.jfdic.org" = {
      # Gitea hostname
      enableACME = true; # Use ACME certs
      forceSSL = true; # Force SSL
      locations."/".proxyPass = "http://localhost:3002/"; # Proxy Gitea
@ -85,6 +89,5 @@
    };
  };
-  users.groups.keys.members = [ "gitea" ];   # Required due to NixOps issue #1204
+  users.groups.keys.members = ["gitea"]; # Required due to NixOps issue #1204
 }
--- a/profiles/host_common.nix
+++ b/profiles/host_common.nix
@ -1,9 +1,10 @@
 # Configuration common to all JFDIC servers
 { config, pkgs, lib, ... }:
 {
-
+  config,
  pkgs,
  lib,
  ...
 }: {
  imports = [
    ../profiles/bash.nix
    ../profiles/chrony.nix
@ -52,7 +53,8 @@
      # Ruin the config so we don't accidentally run
      # nixos-rebuild switch on the host
      (let
-        cfg = pkgs.writeText "configuration.nix"
+        cfg =
          pkgs.writeText "configuration.nix"
          ''
            assert builtins.trace "This system is managed by NixOps." false;
            {}
@ -81,7 +83,7 @@
  environment.etc.host-nix-channel.source = pkgs.path;
  environment.variables = {
-    BAT_THEME="Dracula";
+    BAT_THEME = "Dracula";
  };
  # Set the system-wide environment
--- a/profiles/logrotate.nix
+++ b/profiles/logrotate.nix
@ -1,11 +1,6 @@
 # logrotate configuration for NixOS / NixOps
-
+{config, ...}: {
 { config, ... }:
 {
  services.logrotate = {
    enable = true; # Enable the logrotate service
  };
 }
--- a/profiles/neovim.nix
+++ b/profiles/neovim.nix
@ -1,9 +1,9 @@
-{ pkgs, ... }:
+{pkgs, ...}: {
-{
+  environment.variables = {EDITOR = "vim";};
  environment.variables = { EDITOR = "vim"; };
  environment.systemPackages = with pkgs; [
-    (neovim.override {
+    (
      neovim.override {
        vimAlias = true;
        configure = {
          packages.myPlugins = with pkgs.vimPlugins; {
@ -296,5 +296,6 @@
          '';
        };
      }
-  )];
+    )
  ];
 }
--- a/profiles/nix-direnv.nix
+++ b/profiles/nix-direnv.nix
@ -1,9 +1,10 @@
 # NixOps configuration nix-direnv
 { config, pkgs, lib, ... }:
 {
-
+  config,
  pkgs,
  lib,
  ...
 }: {
  nix = {
    extraOptions = ''
      keep-outputs = true
@ -23,7 +24,6 @@
  };
  nixpkgs.overlays = [
-    (self: super: { nix-direnv = super.nix-direnv.override { enableFlakes = true; }; } )
+    (self: super: {nix-direnv = super.nix-direnv.override {enableFlakes = true;};})
  ];
 }
--- a/profiles/server_common.nix
+++ b/profiles/server_common.nix
@ -1,11 +1,11 @@
 # Configuration common to all JFDIC servers
 { config, pkgs, lib, ... }:
 {
-
+  config,
-  imports =
+  pkgs,
-    [
+  lib,
  ...
 }: {
  imports = [
    ../profiles/openssh.nix
    ../secrets/user-fiscalvelvetpoet.nix
    ../secrets/user-root.nix
@ -15,5 +15,4 @@
    enable = true;
    withUtempter = true;
  };
 }
--- a/profiles/starship.nix
+++ b/profiles/starship.nix
@ -1,6 +1,4 @@
-{ pkgs, ... }:
+{pkgs, ...}: {
 {
  environment.systemPackages = with pkgs; [
    starship # A minimal, blazing fast, and extremely customizable prompt for any shell
  ];
--- a/profiles/zsh.nix
+++ b/profiles/zsh.nix
@ -1,9 +1,10 @@
 # Configuration common to all JFDIC servers
 { config, pkgs, lib, ... }:
 {
-
+  config,
  pkgs,
  lib,
  ...
 }: {
  # Program defaults for all hosts
  programs.zsh = {
    enable = true; # Also enables & installs nix-zsh-completions
@ -38,5 +39,4 @@
  ];
  users.defaultUserShell = pkgs.zsh; # Set the default shell for all users
 }