hektor/nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(statix): resolve 'statix check' issues

Browse Source
This commit is contained in:
Hektor Misplon
2026-01-26 10:28:35 +01:00
parent 68eecd01c7
commit b827b518cd
24 changed files with 206 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dots/.config/nvim/flake.nix
View File

@@ -174,7 +174,7 @@
packageDefinitions = { packageDefinitions = {
nvim = nvim =
{ ... }: _:
{ {
settings = { settings = {
suffix-path = true; suffix-path = true;

2
flake.nix
View File

@@ -56,7 +56,7 @@
}@inputs: }@inputs:
let let
inherit (self) outputs; inherit (self) outputs;
lib = inputs.nixpkgs.lib; inherit (inputs.nixpkgs) lib;
utils = import ./utils { inherit lib; }; utils = import ./utils { inherit lib; };
hostDirNames = utils.dirNames ./hosts; hostDirNames = utils.dirNames ./hosts;
system = "x86_64-linux"; system = "x86_64-linux";

8
home/hosts/andromache/default.nix
View File

@@ -27,9 +27,11 @@ in
../../modules/shell ../../modules/shell
]; ];
home.stateVersion = "25.05"; home = {
home.username = username; stateVersion = "25.05";
home.homeDirectory = "/home/${username}"; inherit username;
homeDirectory = "/home/${username}";
};
xdg.userDirs.createDirectories = false; xdg.userDirs.createDirectories = false;
xdg.userDirs.download = "${config.home.homeDirectory}/dl"; xdg.userDirs.download = "${config.home.homeDirectory}/dl";

8
home/hosts/astyanax/default.nix
View File

@@ -23,9 +23,11 @@ in
../../modules/shell ../../modules/shell
]; ];
home.stateVersion = "25.05"; home = {
home.username = username; stateVersion = "25.05";
home.homeDirectory = "/home/${username}"; inherit username;
homeDirectory = "/home/${username}";
};
xdg.userDirs.createDirectories = false; xdg.userDirs.createDirectories = false;
xdg.userDirs.download = "${config.home.homeDirectory}/dl"; xdg.userDirs.download = "${config.home.homeDirectory}/dl";

10
home/hosts/work/default.nix
View File

@@ -45,12 +45,14 @@ in
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
home.stateVersion = "25.05"; home = {
home.username = username; stateVersion = "25.05";
home.homeDirectory = "/home/${username}"; inherit username;
homeDirectory = "/home/${username}";
};
targets.genericLinux.nixGL = { targets.genericLinux.nixGL = {
packages = inputs.nixgl.packages; inherit (inputs.nixgl) packages;
defaultWrapper = "mesa"; defaultWrapper = "mesa";
}; };

2
home/hosts/work/packages.nix
View File

@@ -13,4 +13,4 @@ let
[ ]; [ ];
in in
[ ] ++ localPackages localPackages

2
home/modules/shell/bash.nix
View File

@@ -7,7 +7,7 @@
}: }:
let let
cfg = config.shell.bash; cfg = config.shell.bash;
username = config.home.username; inherit (config.home) username;
in in
{ {
options.shell.bash = { options.shell.bash = {

55
hosts/andromache/default.nix
View File

@@ -27,7 +27,7 @@ in
../../modules/desktops/niri ../../modules/desktops/niri
../../modules/bluetooth ../../modules/bluetooth
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = hostName; }) (import ../../modules/networking { inherit hostName; })
../../modules/users ../../modules/users
../../modules/audio ../../modules/audio
../../modules/localization ../../modules/localization
@@ -93,36 +93,37 @@ in
inputs.nvim.packages.x86_64-linux.nvim inputs.nvim.packages.x86_64-linux.nvim
]; ];
services.xserver = { services = {
videoDrivers = [ "nvidia" ]; xserver = {
}; videoDrivers = [ "nvidia" ];
};
services.openssh = { openssh = {
enable = true; enable = true;
harden = true; harden = true;
}; };
services.syncthing = { syncthing = {
enable = true; enable = true;
openDefaultPorts = true; openDefaultPorts = true;
settings = { settings = {
devices = { devices = {
# "device1" = { # "device1" = {
# id = "DEVICE-ID-GOES-HERE"; # id = "DEVICE-ID-GOES-HERE";
# }; # };
}; };
folders = { folders = {
"/home/${username}/sync" = { "/home/${username}/sync" = {
id = "sync"; id = "sync";
devices = [ ]; devices = [ ];
};
}; };
}; };
}; };
}; locate = {
enable = true;
services.locate = { package = pkgs.plocate;
enable = true; };
package = pkgs.plocate;
}; };
networking = { networking = {
@@ -131,7 +132,7 @@ in
interfaces = { interfaces = {
eno1 = { eno1 = {
wakeOnLan.enable = true; wakeOnLan.enable = true;
macAddress = wolInterfaces.eno1.macAddress; inherit (wolInterfaces.eno1) macAddress;
}; };
}; };
firewall = { firewall = {

28
hosts/andromache/hard.nix
View File

@@ -14,19 +14,21 @@
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot = {
"vmd" initrd.availableKernelModules = [
"xhci_pci" "vmd"
"ahci" "xhci_pci"
"nvme" "ahci"
"usbhid" "nvme"
"usb_storage" "usbhid"
"uas" "usb_storage"
"sd_mod" "uas"
]; "sd_mod"
boot.initrd.kernelModules = [ ]; ];
boot.kernelModules = [ "kvm-intel" ]; initrd.kernelModules = [ ];
boot.extraModulePackages = [ ]; kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

2
hosts/astyanax/default.nix
View File

@@ -27,7 +27,7 @@ in
../../modules/desktops/niri ../../modules/desktops/niri
../../modules/bluetooth ../../modules/bluetooth
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = hostName; }) (import ../../modules/networking { inherit hostName; })
../../modules/users ../../modules/users
../../modules/audio ../../modules/audio
../../modules/localization ../../modules/localization

22
hosts/astyanax/hard.nix
View File

@@ -14,16 +14,18 @@
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot = {
"xhci_pci" initrd.availableKernelModules = [
"thunderbolt" "xhci_pci"
"nvme" "thunderbolt"
"uas" "nvme"
"sd_mod" "uas"
]; "sd_mod"
boot.initrd.kernelModules = [ ]; ];
boot.kernelModules = [ "kvm-intel" ]; initrd.kernelModules = [ ];
boot.extraModulePackages = [ ]; kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

26
hosts/hecuba/hard.nix
View File

@@ -14,17 +14,21 @@
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot.initrd.availableKernelModules = [ boot = {
"ahci" initrd = {
"xhci_pci" availableKernelModules = [
"virtio_pci" "ahci"
"virtio_scsi" "xhci_pci"
"sd_mod" "virtio_pci"
"sr_mod" "virtio_scsi"
]; "sd_mod"
boot.initrd.kernelModules = [ ]; "sr_mod"
boot.kernelModules = [ ]; ];
boot.extraModulePackages = [ ]; kernelModules = [ ];
};
kernelModules = [ ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

23
hosts/vm/default.nix
View File

@@ -18,7 +18,7 @@ in
./disk.nix ./disk.nix
../../modules/boot/bootloader.nix ../../modules/boot/bootloader.nix
../../modules/keyboard ../../modules/keyboard
(import ../../modules/networking { hostName = hostName; }) (import ../../modules/networking { inherit hostName; })
../../modules/users ../../modules/users
../../modules/audio ../../modules/audio
../../modules/localization ../../modules/localization
@@ -42,9 +42,11 @@ in
environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ]; environment.systemPackages = [ inputs.nvim.packages.x86_64-linux.nvim ];
disko = { disko = {
devices.disk.main.device = "/dev/vda"; devices.disk.main = {
devices.disk.main.imageName = "nixos-vm"; device = "/dev/vda";
devices.disk.main.imageSize = "32G"; imageName = "nixos-vm";
imageSize = "32G";
};
}; };
virtualisation.vmVariantWithDisko = { virtualisation.vmVariantWithDisko = {
@@ -59,11 +61,12 @@ in
}; };
}; };
services.qemuGuest.enable = true; services = {
services.spice-vdagentd.enable = true; qemuGuest.enable = true;
spice-vdagentd.enable = true;
services.openssh = { openssh = {
enable = true; enable = true;
harden = true; harden = true;
};
}; };
} }

24
hosts/vm/hard.nix
View File

@@ -14,16 +14,20 @@
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot.initrd.availableKernelModules = [ boot = {
"ahci" initrd = {
"xhci_pci" availableKernelModules = [
"virtio_pci" "ahci"
"sr_mod" "xhci_pci"
"virtio_blk" "virtio_pci"
]; "sr_mod"
boot.initrd.kernelModules = [ ]; "virtio_blk"
boot.kernelModules = [ "kvm-intel" ]; ];
boot.extraModulePackages = [ ]; kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

18
modules/audio/default.nix
View File

@@ -1,13 +1,15 @@
{ ... }: _:
{ {
services.pulseaudio.enable = false;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services = {
enable = true; pulseaudio.enable = false;
alsa.enable = true; pipewire = {
alsa.support32Bit = true; enable = true;
pulse.enable = true; alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
pulseaudio.extraConfig = "load-module module-switch-on-connect";
}; };
services.pulseaudio.extraConfig = "load-module module-switch-on-connect";
} }

2
modules/boot/bootloader.nix
View File

@@ -1,4 +1,4 @@
{ ... }: _:
{ {
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;

26
modules/common/default.nix
View File

@@ -1,4 +1,9 @@
{ inputs, outputs, dotsPath, ... }: {
inputs,
outputs,
dotsPath,
...
}:
{ {
imports = [ imports = [
@@ -23,15 +28,16 @@
}; };
}; };
nix.optimise = { nix = {
automatic = true; optimise = {
dates = [ "05:00" ]; automatic = true;
}; dates = [ "05:00" ];
};
nix.gc = { gc = {
automatic = true; automatic = true;
dates = "weekly"; dates = "weekly";
options = "--delete-older-than 30d"; options = "--delete-older-than 30d";
};
}; };
system.autoUpgrade = { system.autoUpgrade = {

18
modules/desktops/niri/default.nix
View File

@@ -1,14 +1,16 @@
{ {
programs.niri.enable = true; programs.niri.enable = true;
services.dbus.enable = true; services = {
services.logind.settings.Login = { dbus.enable = true;
HandleLidSwitch = "suspend"; logind.settings.Login = {
IdleAction = "suspend"; HandleLidSwitch = "suspend";
IdleActionSec = 1800; IdleAction = "suspend";
}; IdleActionSec = 1800;
};
services.displayManager.ly = { displayManager.ly = {
enable = true; enable = true;
};
}; };
} }

2
modules/disko/zfs-encrypted-root.nix
View File

@@ -11,7 +11,7 @@
disk = { disk = {
root = { root = {
type = "disk"; type = "disk";
device = config.device; inherit (config) device;
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {

2
modules/localization/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: _:
{ {
time.timeZone = "Europe/Brussels"; time.timeZone = "Europe/Brussels";

2
modules/networking/default.nix
View File

@@ -5,7 +5,7 @@
{ {
networking = { networking = {
hostName = hostName; inherit hostName;
wireless.iwd.enable = true; wireless.iwd.enable = true;
networkmanager.wifi.backend = "iwd"; networkmanager.wifi.backend = "iwd";
nftables.enable = true; nftables.enable = true;

90
modules/secrets/default.nix
View File

@@ -34,56 +34,58 @@ in
"opencode_api_key".owner = config.users.users.${cfg.username}.name; "opencode_api_key".owner = config.users.users.${cfg.username}.name;
}; };
templates."taskrc.d/sync" = { templates = {
owner = config.users.users.${cfg.username}.name; "taskrc.d/sync" = {
content = '' owner = config.users.users.${cfg.username}.name;
sync.server.url=${config.sops.placeholder."taskwarrior_sync_server_url"} content = ''
sync.server.client_id=${config.sops.placeholder."taskwarrior_sync_server_client_id"} sync.server.url=${config.sops.placeholder."taskwarrior_sync_server_url"}
sync.encryption_secret=${config.sops.placeholder."taskwarrior_sync_encryption_secret"} sync.server.client_id=${config.sops.placeholder."taskwarrior_sync_server_client_id"}
''; sync.encryption_secret=${config.sops.placeholder."taskwarrior_sync_encryption_secret"}
}; '';
};
templates.".gitconfig.email" = { ".gitconfig.email" = {
owner = config.users.users.${cfg.username}.name; owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.gitconfig.email"; path = "/home/${cfg.username}/.gitconfig.email";
content = '' content = ''
[user] [user]
email = ${config.sops.placeholder."email_personal"} email = ${config.sops.placeholder."email_personal"}
''; '';
}; };
templates.".gitconfig.work.email" = { ".gitconfig.work.email" = {
owner = config.users.users.${cfg.username}.name; owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.gitconfig.work.email"; path = "/home/${cfg.username}/.gitconfig.work.email";
content = '' content = ''
[user] [user]
email = ${config.sops.placeholder."email_work"} email = ${config.sops.placeholder."email_work"}
''; '';
}; };
templates."hcloud/cli.toml" = { "hcloud/cli.toml" = {
owner = config.users.users.${cfg.username}.name; owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.config/hcloud/cli.toml"; path = "/home/${cfg.username}/.config/hcloud/cli.toml";
content = '' content = ''
active_context = "server" active_context = "server"
[[contexts]] [[contexts]]
name = "server" name = "server"
token = "${config.sops.placeholder."hcloud"}" token = "${config.sops.placeholder."hcloud"}"
''; '';
}; };
templates."opencode/auth.json" = { "opencode/auth.json" = {
owner = config.users.users.${cfg.username}.name; owner = config.users.users.${cfg.username}.name;
path = "/home/${cfg.username}/.local/share/opencode/auth.json"; path = "/home/${cfg.username}/.local/share/opencode/auth.json";
content = '' content = ''
{ {
"zai-coding-plan": { "zai-coding-plan": {
"type": "api", "type": "api",
"key": "${config.sops.placeholder."opencode_api_key"}" "key": "${config.sops.placeholder."opencode_api_key"}"
}
} }
} '';
''; };
}; };
}; };
}; };

2
modules/ssh/extract-keys.nix
View File

@@ -1,6 +1,6 @@
{ lib, config, ... }: { lib, config, ... }:
let let
username = config.ssh.username; inherit (config.ssh) username;
in in
{ {
# auto extract SSH keys # auto extract SSH keys

2
modules/x/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }: _:
{ {
services.xserver.windowManager.xmonad = { services.xserver.windowManager.xmonad = {