From ceda4f179159b0ff062e2e73035d5bdcb29f1b10 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Nov 2024 09:47:58 +0100 Subject: [PATCH] add fmt to flake, reduce abstraction layers --- common/hardware/tlp.nix | 2 +- common/printing.nix | 10 +++------- common/tooling/apparmor/default.nix | 3 +-- configuration.nix | 2 -- flake.nix | 9 +++++++++ modules/nextcloud.nix | 2 +- modules/nix_cache.nix | 2 +- modules/prometheus.nix | 2 +- specific/grimm-nixos-laptop/configuration.nix | 4 +++- specific/grimm-nixos-ssd/configuration.nix | 5 ++++- 10 files changed, 24 insertions(+), 17 deletions(-) diff --git a/common/hardware/tlp.nix b/common/hardware/tlp.nix index 67c54de..0a01d25 100644 --- a/common/hardware/tlp.nix +++ b/common/hardware/tlp.nix @@ -23,7 +23,7 @@ let sway ; inherit (config.boot.kernelPackages) x86_energy_perf_policy cpupower; - enable_perf_policy = (elem system x86_energy_perf_policy.meta.platforms); + enable_perf_policy = false; # (elem system x86_energy_perf_policy.meta.platforms); powersave = writeShellScriptBin "powersave-mode" ( concatLines ( diff --git a/common/printing.nix b/common/printing.nix index c2f5c42..916614e 100644 --- a/common/printing.nix +++ b/common/printing.nix @@ -5,12 +5,10 @@ ... }: let - inherit (config.grimmShared) enable printing graphical; + inherit (config.grimmShared) enable graphical; in { - config = lib.mkIf (enable && printing) { - # Enable CUPS to print documents. - services.printing.enable = true; + config = lib.mkIf (enable && config.services.printing.enable) { services.printing.drivers = with pkgs; [ brgenml1lpr brgenml1cupswrapper @@ -20,7 +18,7 @@ in nssmdns4 = true; openFirewall = true; }; - services.printing.cups-pdf.enable = true; + # services.printing.cups-pdf.enable = true; hardware.sane.brscan4.enable = true; # enables support for SANE scanners environment.systemPackages = ( @@ -30,6 +28,4 @@ in ] ); }; - - options.grimmShared.printing = lib.mkEnableOption "Enables print and scan related options"; } diff --git a/common/tooling/apparmor/default.nix b/common/tooling/apparmor/default.nix index 67e7879..c3a1a17 100644 --- a/common/tooling/apparmor/default.nix +++ b/common/tooling/apparmor/default.nix @@ -11,11 +11,10 @@ in { imports = [ ./apparmor-d-module.nix ]; # ./aa-alias-module.nix ]; - config = mkIf (enable && tooling.enable) { + config = mkIf (enable && tooling.enable && config.security.apparmor.enable) { services.dbus.apparmor = "enabled"; security.auditd.enable = true; - security.apparmor.enable = true; security.apparmor.enableCache = true; security.apparmor.includes."tunables/alias.d/programs" = '' diff --git a/configuration.nix b/configuration.nix index 4e45193..531bcea 100644 --- a/configuration.nix +++ b/configuration.nix @@ -18,8 +18,6 @@ nix.package = pkgs.lix; nixpkgs.config.allowUnfree = true; - services.flatpak.enable = true; - grimmShared = { enable = true; locale = true; diff --git a/flake.nix b/flake.nix index 30d8ebd..4f2fd34 100644 --- a/flake.nix +++ b/flake.nix @@ -75,8 +75,17 @@ } // definitions ); + + systems = [ + "x86_64-linux" + "aarch64-linux" + ]; + + forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system); in { + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style); + nixosConfigurations = { grimmauld-nixos = customNixosSystem "x86_64-linux" { modules = [ diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix index 99cf03b..85f169d 100644 --- a/modules/nextcloud.nix +++ b/modules/nextcloud.nix @@ -47,7 +47,7 @@ in enable = true; https = true; hostName = vhosts.nextcloud_host.host; - package = pkgs.nextcloud29; + package = pkgs.nextcloud30; caching.redis = true; extraApps = { diff --git a/modules/nix_cache.nix b/modules/nix_cache.nix index 0c7be45..43d1e35 100644 --- a/modules/nix_cache.nix +++ b/modules/nix_cache.nix @@ -5,7 +5,7 @@ in { services.harmonia = { enable = true; - signKeyPath = "/var/cache-priv-key.pem"; + signKeyPaths = [ "/var/cache-priv-key.pem" ]; settings.bind = "[::]:${builtins.toString vhosts.nix_cache_host.port}"; }; } diff --git a/modules/prometheus.nix b/modules/prometheus.nix index 5a980c7..32488fe 100644 --- a/modules/prometheus.nix +++ b/modules/prometheus.nix @@ -23,7 +23,7 @@ in in map (v: "127.0.0.1:${builtins.toString v.port}") ( filter (v: (isAttrs v) && v.enable) ( - attrValues (filterAttrs (n: v: n != "minio") config.services.prometheus.exporters) + attrValues (filterAttrs (n: v: n != "minio" && n != "tor") config.services.prometheus.exporters) ) ); } diff --git a/specific/grimm-nixos-laptop/configuration.nix b/specific/grimm-nixos-laptop/configuration.nix index 414d785..9d2c3e4 100644 --- a/specific/grimm-nixos-laptop/configuration.nix +++ b/specific/grimm-nixos-laptop/configuration.nix @@ -14,12 +14,14 @@ networking.hostId = "2ea79333"; boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages; + services.printing.cups-pdf.enable = true; # implies printing enable + # services.printing.enable = true; + grimmShared = { tooling = { pass = true; }; gaming = true; - printing = true; portals = true; sound = { enable = true; diff --git a/specific/grimm-nixos-ssd/configuration.nix b/specific/grimm-nixos-ssd/configuration.nix index 817f73d..642a916 100644 --- a/specific/grimm-nixos-ssd/configuration.nix +++ b/specific/grimm-nixos-ssd/configuration.nix @@ -42,6 +42,10 @@ RUN+="${lib.getExe exitSway}" # ''; + services.printing.cups-pdf.enable = true; # implies printing enable + # services.printing.enable = true; + security.apparmor.enable = true; + # RUN+="${lib.getExe' pkgs.systemd "loginctl"} lock-sessions" # networking.hostId = "2ea79333"; @@ -52,7 +56,6 @@ pass = true; }; gaming = true; - printing = true; portals = true; sound = { enable = true;