format

2025-08-03 20:35:48 +02:00
parent ffc78043e6
commit 2ddffc74c9
17 changed files with 476 additions and 333 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -32,15 +32,40 @@
      flake = false;
    };
  };
-  outputs = { self, darwin, nix-homebrew, homebrew-bundle, homebrew-core, homebrew-cask, home-manager, nixpkgs, disko, agenix, secrets } @inputs:
+  outputs =
+    {
+      self,
+      darwin,
+      nix-homebrew,
+      homebrew-bundle,
+      homebrew-core,
+      homebrew-cask,
+      home-manager,
+      nixpkgs,
+      disko,
+      agenix,
+      secrets,
+    }@inputs:
    let
      user = "cschmatzler";
      linuxSystems = [ "x86_64-linux" ];
      darwinSystems = [ "aarch64-darwin" ];
      forAllSystems = f: nixpkgs.lib.genAttrs (linuxSystems ++ darwinSystems) f;
-      devShell = system: let pkgs = nixpkgs.legacyPackages.${system}; in {
-        default = with pkgs; mkShell {
-          nativeBuildInputs = with pkgs; [ bashInteractive git age age-plugin-yubikey ];
+      devShell =
+        system:
+        let
+          pkgs = nixpkgs.legacyPackages.${system};
+        in
+        {
+          default =
+            with pkgs;
+            mkShell {
+              nativeBuildInputs = with pkgs; [
+                bashInteractive
+                git
+                age
+                age-plugin-yubikey
+              ];
              shellHook = with pkgs; ''
                export EDITOR=vim
              '';
@@ -48,12 +73,14 @@
        };
      mkApp = scriptName: system: {
        type = "app";
-        program = "${(nixpkgs.legacyPackages.${system}.writeScriptBin scriptName ''
+        program = "${
+          (nixpkgs.legacyPackages.${system}.writeScriptBin scriptName ''
            #!/usr/bin/env bash
            PATH=${nixpkgs.legacyPackages.${system}.git}/bin:$PATH
            echo "Running ${scriptName} for ${system}"
            exec ${self}/apps/${system}/${scriptName}
-        '')}/bin/${scriptName}";
+          '')
+        }/bin/${scriptName}";
      };
      mkLinuxApps = system: {
        "apply" = mkApp "apply" system;
@@ -76,9 +103,11 @@
    in
    {
      devShells = forAllSystems devShell;
-      apps = nixpkgs.lib.genAttrs linuxSystems mkLinuxApps // nixpkgs.lib.genAttrs darwinSystems mkDarwinApps;
+      apps =
+        nixpkgs.lib.genAttrs linuxSystems mkLinuxApps // nixpkgs.lib.genAttrs darwinSystems mkDarwinApps;

-      darwinConfigurations = nixpkgs.lib.genAttrs darwinSystems (system:
+      darwinConfigurations = nixpkgs.lib.genAttrs darwinSystems (
+        system:
        darwin.lib.darwinSystem {
          inherit system;
          specialArgs = inputs;
@@ -103,12 +132,15 @@
        }
      );

-      nixosConfigurations = nixpkgs.lib.genAttrs linuxSystems (system: nixpkgs.lib.nixosSystem {
+      nixosConfigurations = nixpkgs.lib.genAttrs linuxSystems (
+        system:
+        nixpkgs.lib.nixosSystem {
          inherit system;
          specialArgs = inputs;
          modules = [
            disko.nixosModules.disko
-          home-manager.nixosModules.home-manager {
+            home-manager.nixosModules.home-manager
+            {
              home-manager = {
                useGlobalPkgs = true;
                useUserPackages = true;
@@ -117,6 +149,7 @@
            }
            ./hosts/nixos
          ];
-     });
+        }
+      );
    };
 }
--- a/hosts/darwin/default.nix
+++ b/hosts/darwin/default.nix
@@ -1,6 +1,13 @@
-{ agenix, config, pkgs, ... }:
+{
+  agenix,
+  config,
+  pkgs,
+  ...
+}:

-let user = "cschmatzler"; in
+let
+  user = "cschmatzler";
+in
 {

  imports = [
@@ -13,13 +20,23 @@ let user = "cschmatzler"; in
  nix = {
    package = pkgs.nix;
    settings = {
-      trusted-users = [ "@admin" "${user}" ];
-      substituters = [ "https://nix-community.cachix.org" "https://cache.nixos.org" ];
+      trusted-users = [
+        "@admin"
+        "${user}"
+      ];
+      substituters = [
+        "https://nix-community.cachix.org"
+        "https://cache.nixos.org"
+      ];
      trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
    };
    gc = {
      automatic = true;
-      interval = { Weekday = 0; Hour = 2; Minute = 0; };
+      interval = {
+        Weekday = 0;
+        Hour = 2;
+        Minute = 0;
+      };
      options = "--delete-older-than 30d";
    };
    extraOptions = ''
@@ -27,9 +44,12 @@ let user = "cschmatzler"; in
    '';
  };

-  environment.systemPackages = with pkgs; [
+  environment.systemPackages =
+    with pkgs;
+    [
      agenix.packages."${pkgs.system}".default
-  ] ++ (import ../../modules/shared/packages.nix { inherit pkgs; });
+    ]
+    ++ (import ../../modules/shared/packages.nix { inherit pkgs; });

  system = {
    checks.verifyNixPath = false;
--- a/hosts/nixos/default.nix
+++ b/hosts/nixos/default.nix
@@ -1,7 +1,15 @@
-{ config, inputs, pkgs, agenix, ... }:
+{
+  config,
+  inputs,
+  pkgs,
+  agenix,
+  ...
+}:

-let user = "cschmatzler";
-    keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk8iAnIaa1deoc7jw8YACPNVka1ZFJxhnU4G74TmS+p" ]; in
+let
+  user = "cschmatzler";
+  keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk8iAnIaa1deoc7jw8YACPNVka1ZFJxhnU4G74TmS+p" ];
+in
 {
  imports = [
    ../../modules/nixos/secrets.nix
@@ -19,7 +27,14 @@ let user = "cschmatzler";
      };
      efi.canTouchEfiVariables = true;
    };
-    initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+    initrd.availableKernelModules = [
+      "xhci_pci"
+      "ahci"
+      "nvme"
+      "usbhid"
+      "usb_storage"
+      "sd_mod"
+    ];
    # Uncomment for AMD GPU
    # initrd.kernelModules = [ "amdgpu" ];
    kernelPackages = pkgs.linuxPackages_latest;
@@ -42,8 +57,14 @@ let user = "cschmatzler";
    nixPath = [ "nixos-config=/home/${user}/.local/share/src/nixos-config:/etc/nixos" ];
    settings = {
      allowed-users = [ "${user}" ];
-      trusted-users = [ "@admin" "${user}" ];
-      substituters = [ "https://nix-community.cachix.org" "https://cache.nixos.org" ];
+      trusted-users = [
+        "@admin"
+        "${user}"
+      ];
+      substituters = [
+        "https://nix-community.cachix.org"
+        "https://cache.nixos.org"
+      ];
      trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
    };

@@ -206,12 +227,29 @@ let user = "cschmatzler";
        log-level = "info";

        wintypes = {
-          normal = { fade = true; shadow = false; };
-          tooltip = { fade = true; shadow = false; opacity = 0.75; focus = true; full-shadow = false; };
-          dock = { shadow = false; };
-          dnd = { shadow = false; };
-          popup_menu = { opacity = 1.0; };
-          dropdown_menu = { opacity = 1.0; };
+          normal = {
+            fade = true;
+            shadow = false;
+          };
+          tooltip = {
+            fade = true;
+            shadow = false;
+            opacity = 0.75;
+            focus = true;
+            full-shadow = false;
+          };
+          dock = {
+            shadow = false;
+          };
+          dnd = {
+            shadow = false;
+          };
+          popup_menu = {
+            opacity = 1.0;
+          };
+          dropdown_menu = {
+            opacity = 1.0;
+          };
        };
      };
    };
@@ -241,7 +279,6 @@ let user = "cschmatzler";
    ledger.enable = true;
  };

-
  # Add docker daemon
  virtualisation.docker.enable = true;
  virtualisation.docker.logDriver = "json-file";
@@ -266,7 +303,8 @@ let user = "cschmatzler";
  # Don't require password for users in `wheel` group for these commands
  security.sudo = {
    enable = true;
-    extraRules = [{
+    extraRules = [
+      {
        commands = [
          {
            command = "${pkgs.systemd}/bin/reboot";
@@ -274,7 +312,8 @@ let user = "cschmatzler";
          }
        ];
        groups = [ "wheel" ];
-    }];
+      }
+    ];
  };

  fonts.packages = with pkgs; [
--- a/modules/darwin/casks.nix
+++ b/modules/darwin/casks.nix
@@ -1,2 +1 @@
-_:
-[]
+_: [ ]
--- a/modules/darwin/files.nix
+++ b/modules/darwin/files.nix
@@ -1,2 +1,7 @@
-{ user, config, pkgs, ... }:
+{
+  user,
+  config,
+  pkgs,
+  ...
+}:
 { }
--- a/modules/darwin/home-manager.nix
+++ b/modules/darwin/home-manager.nix
@@ -1,4 +1,10 @@
-{ config, pkgs, lib, home-manager, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  home-manager,
+  ...
+}:

 let
  user = "cschmatzler";
@@ -28,7 +34,14 @@ in

  home-manager = {
    useGlobalPkgs = true;
-    users.${user} = { pkgs, config, lib, ... }:{
+    users.${user} =
+      {
+        pkgs,
+        config,
+        lib,
+        ...
+      }:
+      {
        home = {
          enableNixpkgsReleaseCheck = false;
          packages = pkgs.callPackage ./packages.nix { };
--- a/modules/darwin/packages.nix
+++ b/modules/darwin/packages.nix
@@ -1,8 +1,11 @@
 { pkgs }:

 with pkgs;
-let shared-packages = import ../shared/packages.nix { inherit pkgs; }; in
-shared-packages ++ [
+let
+  shared-packages = import ../shared/packages.nix { inherit pkgs; };
+in
+shared-packages
++ [
  dockutil
  _1password-gui
  raycast
--- a/modules/darwin/secrets.nix
+++ b/modules/darwin/secrets.nix
@@ -1,6 +1,14 @@
-{ config, pkgs, agenix, secrets, ... }:
+{
+  config,
+  pkgs,
+  agenix,
+  secrets,
+  ...
+}:

-let user = "cschmatzler"; in
+let
+  user = "cschmatzler";
+in
 {
  age.identityPaths = [
    "/Users/${user}/.ssh/id_ed25519"
--- a/modules/nixos/files.nix
+++ b/modules/nixos/files.nix
@@ -4,7 +4,8 @@ let
  home = builtins.getEnv "HOME";
  xdg_configHome = "${home}/.config";
  xdg_dataHome = "${home}/.local/share";
-  xdg_stateHome  = "${home}/.local/state"; in
+  xdg_stateHome = "${home}/.local/state";
+in
 {

  "${xdg_configHome}/bspwm/bspwmrc" = {
--- a/modules/nixos/home-manager.nix
+++ b/modules/nixos/home-manager.nix
@@ -1,4 +1,9 @@
-{ config, pkgs, lib, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:

 let
  user = "cschmatzler";
@@ -6,13 +11,15 @@ let
  shared-programs = import ../shared/home-manager.nix { inherit config pkgs lib; };
  shared-files = import ../shared/files.nix { inherit config pkgs; };

-  polybar-user_modules = builtins.readFile (pkgs.replaceVars ./config/polybar/user_modules.ini {
+  polybar-user_modules = builtins.readFile (
+    pkgs.replaceVars ./config/polybar/user_modules.ini {
      packages = "${xdg_configHome}/polybar/bin/check-nixos-updates.sh";
      searchpkgs = "${xdg_configHome}/polybar/bin/search-nixos-updates.sh";
      launcher = "${xdg_configHome}/polybar/bin/launcher.sh";
      powermenu = "${xdg_configHome}/rofi/bin/powermenu.sh";
      calendar = "${xdg_configHome}/polybar/bin/popup-calendar.sh";
-  });
+    }
+  );

  polybar-config = pkgs.replaceVars ./config/polybar/config.ini {
    font0 = "DejaVu Sans:size=12;3";
@@ -112,6 +119,8 @@ in
    };
  };

-  programs = shared-programs // { gpg.enable = true; };
+  programs = shared-programs // {
+    gpg.enable = true;
+  };

 }
--- a/modules/nixos/packages.nix
+++ b/modules/nixos/packages.nix
@@ -1,8 +1,11 @@
 { pkgs }:

 with pkgs;
-let shared-packages = import ../shared/packages.nix { inherit pkgs; }; in
-shared-packages ++ [
+let
+  shared-packages = import ../shared/packages.nix { inherit pkgs; };
+in
+shared-packages
++ [

  # Security and authentication
  yubikey-agent
--- a/modules/nixos/secrets.nix
+++ b/modules/nixos/secrets.nix
@@ -1,6 +1,14 @@
-{ config, pkgs, agenix, secrets, ... }:
+{
+  config,
+  pkgs,
+  agenix,
+  secrets,
+  ...
+}:

-let user = "cschmatzler"; in
+let
+  user = "cschmatzler";
+in
 {
  age.identityPaths = [
    "/home/${user}/.ssh/id_ed25519"
--- a/modules/shared/default.nix
+++ b/modules/shared/default.nix
@@ -9,10 +9,14 @@
    };

    overlays =
-      let path = ../../overlays; in with builtins;
-      map (n: import (path + ("/" + n)))
-          (filter (n: match ".*\\.nix" n != null ||
-                      pathExists (path + ("/" + n + "/default.nix")))
-                  (attrNames (readDir path)));
+      let
+        path = ../../overlays;
+      in
+      with builtins;
+      map (n: import (path + ("/" + n))) (
+        filter (n: match ".*\\.nix" n != null || pathExists (path + ("/" + n + "/default.nix"))) (
+          attrNames (readDir path)
+        )
+      );
  };
 }
--- a/modules/shared/files.nix
+++ b/modules/shared/files.nix
@@ -1,2 +1 @@
-{ pkgs, config, ... }:
-{}
+{ pkgs, config, ... }: { }
--- a/modules/shared/home-manager.nix
+++ b/modules/shared/home-manager.nix
@@ -1,8 +1,15 @@
-{ config, pkgs, lib, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:

-let name = "Christoph Schmatzler";
+let
+  name = "Christoph Schmatzler";
  user = "cschmatzler";
-    email = "christoph@schmatzler.com"; in
+  email = "christoph@schmatzler.com";
+in
 {
  zsh = {
    enable = true;
@@ -86,23 +93,15 @@ let name = "Christoph Schmatzler";
  ssh = {
    enable = true;
    includes = [
-      (lib.mkIf pkgs.stdenv.hostPlatform.isLinux
-        "/home/${user}/.ssh/config_external"
-      )
-      (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin
-        "/Users/${user}/.ssh/config_external"
-      )
+      (lib.mkIf pkgs.stdenv.hostPlatform.isLinux "/home/${user}/.ssh/config_external")
+      (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin "/Users/${user}/.ssh/config_external")
    ];
    matchBlocks = {
      "github.com" = {
        identitiesOnly = true;
        identityFile = [
-          (lib.mkIf pkgs.stdenv.hostPlatform.isLinux
-            "/home/${user}/.ssh/id_github"
-          )
-          (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin
-            "/Users/${user}/.ssh/id_github"
-          )
+          (lib.mkIf pkgs.stdenv.hostPlatform.isLinux "/home/${user}/.ssh/id_github")
+          (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin "/Users/${user}/.ssh/id_github")
        ];
      };
    };
--- a/modules/shared/packages.nix
+++ b/modules/shared/packages.nix
@@ -1,6 +1,7 @@
 { pkgs }:

-with pkgs; [
+with pkgs;
+[
  age
  age-plugin-yubikey
  bat
--- a/1
+++ b/1
@@ -1 +0,0 @@
-/nix/store/n2fqwnq3a9v4l273ka2hbn1b3c72v6x2-darwin-system-25.11.e04a388
				`@@ -1 +0,0 @@`
				`/nix/store/n2fqwnq3a9v4l273ka2hbn1b3c72v6x2-darwin-system-25.11.e04a388`