diff --git a/flake.nix b/flake.nix index 49b208c..57fea38 100644 --- a/flake.nix +++ b/flake.nix @@ -25,11 +25,11 @@ modules = [ ({ modulesPath, ... }: { - imports = [ - agenix.nixosModules.default + imports = [ + agenix.nixosModules.default ./system/containers.nix - ./system/hardware-configuration.nix + ./system/hardware-configuration.nix ./system/nix-configuration.nix ./system/security.nix ./system/services.nix diff --git a/secrets.nix b/secrets.nix index 7c19b8b..6e46e52 100644 --- a/secrets.nix +++ b/secrets.nix @@ -1,13 +1,10 @@ let - james = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7R6FstqVDjVuyKGEUmWolYJ/I/DDxYOQV/zKPkiAth james@eversole.co"; - eve-psr-nix0 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMyaPYK0HcKAjrD1g+FPqPEU9FJ0I6+iKYmQlWKE0zHp root@matri.cx"; + james = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7R6FstqVDjVuyKGEUmWolYJ/I/DDxYOQV/zKPkiAth james@eversole.co"; + eve-psr-nix0 = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMyaPYK0HcKAjrD1g+FPqPEU9FJ0I6+iKYmQlWKE0zHp root@matri.cx"; all = [ james eve-psr-nix0 ]; -in -{ - "secrets/keys.age" = { - publicKeys = all; - }; - "secrets/sezycei.age" = { - publicKeys = all; - }; +in { + "secrets/keys.age" = { publicKeys = all; }; + "secrets/sezycei.age" = { publicKeys = all; }; } diff --git a/system/containers.nix b/system/containers.nix index 76e6204..e64bade 100644 --- a/system/containers.nix +++ b/system/containers.nix @@ -88,7 +88,8 @@ "/etc/localtime:/etc/localtime:ro" "/home/torrent/data:/data" ]; - environmentFiles = [ /home/sezycei/srv/containerdata/transmission/.env ]; + environmentFiles = + [ /home/sezycei/srv/containerdata/transmission/.env ]; extraOptions = [ "--cap-add=NET_ADMIN" "--privileged" ]; }; }; diff --git a/system/nix-configuration.nix b/system/nix-configuration.nix index cf1731e..d22e7d1 100644 --- a/system/nix-configuration.nix +++ b/system/nix-configuration.nix @@ -1,5 +1,4 @@ -{ ... }: -{ +{ ... }: { nix = { buildMachines = [ ]; distributedBuilds = false; diff --git a/system/security.nix b/system/security.nix index 146012f..11a924c 100644 --- a/system/security.nix +++ b/system/security.nix @@ -1,4 +1 @@ -{ ... }: -{ - security.sudo.wheelNeedsPassword = false; -} +{ ... }: { security.sudo.wheelNeedsPassword = false; } diff --git a/system/services.nix b/system/services.nix index 112ba24..e2f9fba 100644 --- a/system/services.nix +++ b/system/services.nix @@ -1,9 +1,6 @@ -{ ... }: -{ +{ ... }: { services = { - openssh = { - enable = true; - }; + openssh = { enable = true; }; hydra = { enable = true; diff --git a/system/system.nix b/system/system.nix index b696de2..69121ff 100644 --- a/system/system.nix +++ b/system/system.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: -{ +{ pkgs, ... }: { boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; diff --git a/system/virtualisation.nix b/system/virtualisation.nix index f2cbe66..8323d6b 100644 --- a/system/virtualisation.nix +++ b/system/virtualisation.nix @@ -1,8 +1 @@ -{ ... }: -{ - virtualisation = { - oci-containers = { - backend = "podman"; - }; - }; -} +{ ... }: { virtualisation = { oci-containers = { backend = "podman"; }; }; } diff --git a/user/users.nix b/user/users.nix index b68a7f4..9410f65 100644 --- a/user/users.nix +++ b/user/users.nix @@ -1,18 +1,11 @@ -{ config, pkgs, ... }: -{ +{ config, pkgs, ... }: { users.users = { sezycei = { isNormalUser = true; passwordFile = config.age.secrets.sezycei.path; - extraGroups = [ "wheel" ]; - packages = with pkgs; [ - byobu - tmux - stack - ]; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ byobu tmux stack ]; }; - torrent = { - isNormalUser = true; - }; - }; + torrent = { isNormalUser = true; }; + }; }