introduce treefmt-nix

Ingolf Wagner 2024-08-29 08:25:41 +07:00
parent 2bc86a4912
commit 200063fcb1
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 340 additions and 310 deletions


@ -843,7 +843,8 @@
"retiolum": "retiolum", "retiolum": "retiolum",
"srvos": "srvos", "srvos": "srvos",
"stylix": "stylix", "stylix": "stylix",
"taskshell": "taskshell" "taskshell": "taskshell",
"treefmt-nix": "treefmt-nix_3"
} }
}, },
"sops-nix": { "sops-nix": {
@ -1029,6 +1030,26 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1724833132,
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

563
flake.nix

@ -58,6 +58,11 @@
srvos.url = "github:nix-community/srvos"; srvos.url = "github:nix-community/srvos";
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
landingpage = { landingpage = {
#url = "git+file:///home/palo/dev/landingpage"; #url = "git+file:///home/palo/dev/landingpage";
url = "github:mrVanDalo/landingpage"; url = "github:mrVanDalo/landingpage";
@ -91,28 +96,30 @@
}; };
outputs = outputs =
inputs@{ self inputs@{
, clan-core self,
, clan-fact-generators clan-core,
, flake-parts clan-fact-generators,
, home-manager flake-parts,
, home-manager-utils home-manager,
, kmonad home-manager-utils,
, landingpage kmonad,
, nixos-anywhere landingpage,
, nixos-hardware nixos-anywhere,
, nixpkgs nixos-hardware,
, nixpkgs-legacy_2211 nixpkgs,
, nixpkgs-legacy_2311 nixpkgs-legacy_2211,
, nixpkgs-legacy_2405 nixpkgs-legacy_2311,
, nixpkgs-unstable-small nixpkgs-legacy_2405,
, permown nixpkgs-unstable-small,
, polygon-art permown,
, private_assets polygon-art,
, retiolum private_assets,
, srvos retiolum,
, stylix srvos,
, taskshell stylix,
taskshell,
treefmt-nix,
}: }:
let let
@ -165,7 +172,10 @@
inherit inputs; inherit inputs;
assets = ./assets; assets = ./assets;
factsGenerator = clan-fact-generators.lib { inherit pkgs; }; factsGenerator = clan-fact-generators.lib { inherit pkgs; };
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; }; clanLib = import ./lib/clanlib.nix {
inherit (pkgs) lib;
machineDir = ./machines;
};
zerotierDeviceName = "ztbn67ogn2"; zerotierDeviceName = "ztbn67ogn2";
components = ./components; components = ./components;
features = ./features; features = ./features;
@ -173,57 +183,63 @@
}; };
clanSetup = clanSetup =
{ name {
, host name,
, modules host,
}: { modules,
}:
{
clan.core.networking.targetHost = lib.mkDefault "root@${host}"; clan.core.networking.targetHost = lib.mkDefault "root@${host}";
nixpkgs.pkgs = meta.pkgs; nixpkgs.pkgs = meta.pkgs;
nixpkgs.hostPlatform = meta.system; nixpkgs.hostPlatform = meta.system;
clan.core.facts.secretStore = "password-store"; clan.core.facts.secretStore = "password-store";
imports = modules ++ defaultModules ++ [ imports =
./machines/${name}/configuration.nix modules
++ defaultModules
++ [
./machines/${name}/configuration.nix
];
};
zerotierControllerModule = {
clan.core.networking.zerotier.controller = {
enable = true;
public = false;
};
};
zerotierModules =
{ pkgs, ... }:
{
imports = [
# this magically adds all my machines in the zero tier network
# and makes the controller accept them.
# will automatic look into `/machines/<name>/facts/zerotier-ip
inputs.clan-core.clanModules.zerotier-static-peers
# Statically configure the host names of machines based on their respective zerotier-ip.
inputs.clan-core.clanModules.static-hosts
# generate ssh host keys with facts
inputs.clan-core.clanModules.sshd
# manual configs
{
clan.static-hosts.topLevelDomain = "bear";
components.network.zerotier.enable = true;
environment.systemPackages = [
clan-core.packages.${pkgs.system}.clan-cli
(pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
'')
];
}
]; ];
}; };
zerotierControllerModule =
{
clan.core.networking.zerotier.controller = {
enable = true;
public = false;
};
};
zerotierModules = { pkgs, ... }: {
imports = [
# this magically adds all my machines in the zero tier network
# and makes the controller accept them.
# will automatic look into `/machines/<name>/facts/zerotier-ip
inputs.clan-core.clanModules.zerotier-static-peers
# Statically configure the host names of machines based on their respective zerotier-ip.
inputs.clan-core.clanModules.static-hosts
# generate ssh host keys with facts
inputs.clan-core.clanModules.sshd
# manual configs
{
clan.static-hosts.topLevelDomain = "bear";
components.network.zerotier.enable = true;
environment.systemPackages = [
clan-core.packages.${pkgs.system}.clan-cli
(pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
'')
];
}
];
};
defaultModules = [ defaultModules = [
# make flake inputs accessiable in NixOS # make flake inputs accessiable in NixOS
{ {
@ -231,15 +247,18 @@
_module.args.inputs = self.inputs; _module.args.inputs = self.inputs;
} }
# ssh keys # ssh keys
({ config, ... }: { (
users.users.root.openssh.authorizedKeys.keyFiles = [ { config, ... }:
# master key {
./assets/mrvandalo_rsa.pub users.users.root.openssh.authorizedKeys.keyFiles = [
# backup key # master key
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub" ./assets/mrvandalo_rsa.pub
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub" # backup key
]; "${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
}) "${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
];
}
)
{ {
# disable emergency mode everywhere, although it might be needed on laptops # disable emergency mode everywhere, although it might be needed on laptops
boot.initrd.systemd.emergencyAccess = false; boot.initrd.systemd.emergencyAccess = false;
@ -250,11 +269,20 @@
systemd.enableEmergencyMode = false; systemd.enableEmergencyMode = false;
} }
# configure nix # configure nix
({ pkgs, lib, clanLib, ... }: (
{
pkgs,
lib,
clanLib,
...
}:
{ {
nix.settings.substituters = [ "http://cache.orbi.wg0" ]; nix.settings.substituters = [ "http://cache.orbi.wg0" ];
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ]; nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.max-jobs = 1; nix.settings.max-jobs = 1;
# no channesl needed this way # no channesl needed this way
nix.nixPath = [ "nixpkgs=${pkgs.path}" ]; nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
@ -282,7 +310,8 @@
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10; boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10; boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
boot.loader.grub.configurationLimit = lib.mkDefault 10; boot.loader.grub.configurationLimit = lib.mkDefault 10;
}) }
)
# My Structure # My Structure
./components ./components
./features ./features
@ -293,210 +322,222 @@
permown.nixosModules.permown permown.nixosModules.permown
kmonad.nixosModules.default kmonad.nixosModules.default
# some default things I always want # some default things I always want
({ pkgs, ... }: { (
boot.tmp.useTmpfs = lib.mkDefault true; { pkgs, ... }:
environment.systemPackages = [ {
pkgs.nixpkgs-fmt boot.tmp.useTmpfs = lib.mkDefault true;
]; environment.systemPackages = [
}) pkgs.nixpkgs-fmt
];
}
)
]; ];
stylixModules = { pkgs, config, ... }: { stylixModules =
imports = [ stylix.nixosModules.stylix ]; { pkgs, config, ... }:
stylix.enable = true; {
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml"; imports = [ stylix.nixosModules.stylix ];
stylix.image = ./assets/wallpaper.png; stylix.enable = true;
stylix.fonts = { stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
serif = { stylix.image = ./assets/wallpaper.png;
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; }; stylix.fonts = {
name = "Ubuntu"; serif = {
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
name = "Ubuntu";
};
sansSerif = {
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
name = "Ubuntu";
};
monospace = {
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
name = "JetBrains Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
sizes.popups = 15;
}; };
sansSerif = {
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
name = "Ubuntu";
};
monospace = {
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
name = "JetBrains Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
sizes.popups = 15;
}; };
};
homeManagerModules = { pkgs, config, ... }: { homeManagerModules =
imports = [ { pkgs, config, ... }:
home-manager.nixosModules.home-manager {
]; imports = [
home-manager.extraSpecialArgs = { home-manager.nixosModules.home-manager
#inherit private_assets; ];
assets = ./assets; home-manager.extraSpecialArgs = {
#inherit private_assets;
assets = ./assets;
};
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.backupFileExtension = "backup";
home-manager.sharedModules = [
home-manager-utils.hmModule
];
}; };
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.backupFileExtension = "backup";
home-manager.sharedModules = [
home-manager-utils.hmModule
];
};
in in
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: { flake-parts.lib.mkFlake { inherit inputs; } (
# We define our own systems below. you can still use this to add system specific outputs to your flake. { self, pkgs, ... }:
# See: https://flake.parts/getting-started {
systems = [ "x86_64-linux" ]; # We define our own systems below. you can still use this to add system specific outputs to your flake.
# See: https://flake.parts/getting-started
systems = [ "x86_64-linux" ];
# import clan-core modules # import clan-core modules
imports = [ imports = [
clan-core.flakeModules.default clan-core.flakeModules.default
]; ./nix/formatter.nix
];
perSystem = { pkgs, ... }: { perSystem =
packages.pkl = pkgs.callPackage ./pkgs/pkl { }; { pkgs, ... }:
}; {
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
# Define your clan
clan = {
# Clan wide settings.
meta.name = "gummybears"; # Ensure to choose a unique name.
specialArgs = meta.specialArgs;
machines = {
cream = clanSetup {
name = "cream";
host = "cream.bear";
modules = [
zerotierModules
nixos-hardware.nixosModules.framework-12th-gen-intel
retiolum.nixosModules.retiolum
private_assets.nixosModules.cream
private_assets.nixosModules.yubikey
homeManagerModules
stylixModules
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Laptop";
}
];
}; };
cherry = clanSetup { # Define your clan
name = "cherry"; clan = {
host = "cherry.bear"; # Clan wide settings.
modules = [ meta.name = "gummybears"; # Ensure to choose a unique name.
zerotierModules specialArgs = meta.specialArgs;
nixos-hardware.nixosModules.framework-13th-gen-intel
retiolum.nixosModules.retiolum
private_assets.nixosModules.yubikey
private_assets.nixosModules.cherry
homeManagerModules
stylixModules
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Laptop";
}
];
};
chungus = clanSetup { machines = {
name = "chungus";
host = "chungus.bear";
modules = [
zerotierModules
zerotierControllerModule
homeManagerModules
stylixModules
retiolum.nixosModules.retiolum
private_assets.nixosModules.chungus
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Home Server";
}
];
};
orbi = clanSetup { cream = clanSetup {
name = "orbi"; name = "cream";
host = "orbi.bear"; host = "cream.bear";
#host = "95.216.66.212"; modules = [
modules = [ zerotierModules
homeManagerModules nixos-hardware.nixosModules.framework-12th-gen-intel
stylixModules retiolum.nixosModules.retiolum
zerotierModules private_assets.nixosModules.cream
srvos.nixosModules.hardware-hetzner-online-intel private_assets.nixosModules.yubikey
#srvos.nixosModules.server homeManagerModules
#srvos.nixosModules.mixins-terminfo stylixModules
{ { home-manager.users.mainUser.gui.enable = true; }
home-manager.users.mainUser = import ./homes/palo; {
home-manager.users.root = import ./homes/root; home-manager.users.mainUser = import ./homes/palo;
} home-manager.users.root = import ./homes/root;
{ }
clan.core.machineDescription = "Internet Server"; {
} clan.core.machineDescription = "Laptop";
]; }
}; ];
};
probe = clanSetup { cherry = clanSetup {
name = "probe"; name = "cherry";
#host = "167.235.205.150"; host = "cherry.bear";
host = "95.217.18.54"; modules = [
modules = [ zerotierModules
homeManagerModules nixos-hardware.nixosModules.framework-13th-gen-intel
stylixModules retiolum.nixosModules.retiolum
srvos.nixosModules.hardware-hetzner-cloud private_assets.nixosModules.yubikey
srvos.nixosModules.server private_assets.nixosModules.cherry
srvos.nixosModules.mixins-terminfo homeManagerModules
#inputs.clan-core.clanModules.sshd stylixModules
{ { home-manager.users.mainUser.gui.enable = true; }
home-manager.users.mainUser = import ./homes/palo; {
home-manager.users.root = import ./homes/root; home-manager.users.mainUser = import ./homes/palo;
} home-manager.users.root = import ./homes/root;
{ }
clan.core.machineDescription = "Dummy Internet Server"; {
} clan.core.machineDescription = "Laptop";
]; }
}; ];
};
chungus = clanSetup {
name = "chungus";
host = "chungus.bear";
modules = [
zerotierModules
zerotierControllerModule
homeManagerModules
stylixModules
retiolum.nixosModules.retiolum
private_assets.nixosModules.chungus
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Home Server";
}
];
};
orbi = clanSetup {
name = "orbi";
host = "orbi.bear";
#host = "95.216.66.212";
modules = [
homeManagerModules
stylixModules
zerotierModules
srvos.nixosModules.hardware-hetzner-online-intel
#srvos.nixosModules.server
#srvos.nixosModules.mixins-terminfo
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Internet Server";
}
];
};
probe = clanSetup {
name = "probe";
#host = "167.235.205.150";
host = "95.217.18.54";
modules = [
homeManagerModules
stylixModules
srvos.nixosModules.hardware-hetzner-cloud
srvos.nixosModules.server
srvos.nixosModules.mixins-terminfo
#inputs.clan-core.clanModules.sshd
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "Dummy Internet Server";
}
];
};
usbstick = clanSetup {
name = "usbstick";
#host = "usbstick.bear";
host = "10.100.0.100";
modules = [
homeManagerModules
stylixModules
zerotierModules
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "USB-Stick for Backup";
}
];
};
usbstick = clanSetup {
name = "usbstick";
#host = "usbstick.bear";
host = "10.100.0.100";
modules = [
homeManagerModules
stylixModules
zerotierModules
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root;
}
{
clan.core.machineDescription = "USB-Stick for Backup";
}
];
}; };
}; };
}; }
);
});
} }
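Review bot: The "some default things I always want" module in the last hunk still puts `pkgs.nixpkgs-fmt` into `environment.systemPackages`, while this commit moves the repository to nixfmt through treefmt-nix and deletes the old treefmt configuration that ran `nixpkgs-fmt`. The two formatters lay code out differently (most of this file section is the rewrite from one style to the other), so formatting by hand with the leftover tool on any machine will undo what the flake formatter produces. I would drop the entry, or replace it with the package behind `programs.nixfmt`, presumably `pkgs.nixfmt-rfc-style` for the pinned treefmt-nix revision; confirm that before merging. The `defaultModules` list this module belongs to starts in an earlier hunk.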

16
nix/formatter.nix Normal file

@ -0,0 +1,16 @@
{ inputs, ... }:
{
imports = [ inputs.treefmt-nix.flakeModule ];
perSystem = _: {
treefmt = {
projectRootFile = ".git/config";
programs.nixfmt.enable = true;
programs.terraform.enable = true;
programs.hclfmt.enable = true;
programs.jsonfmt.enable = true;
programs.yamlfmt.enable = true;
programs.black.enable = true;
};
};
}
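Review bot: The new `treefmt` block covers less than the configuration this commit deletes: there is no shell formatter (the old `[formatter.shell]` ran shfmt on `*.sh`), Markdown is no longer formatted, and the excludes for `scripts/hetzner-dedicated-wipe-and-install-nixos.sh` and `*/.terraform` are gone. If shell formatting is meant to stay, add `programs.shfmt.enable = true;` together with `settings.global.excludes = [ "scripts/hetzner-dedicated-wipe-and-install-nixos.sh" "*/.terraform" ];`, adjusting the globs to what the pinned treefmt accepts, so the installer script and Terraform's working directories stay untouched. If the reduction is deliberate, a comment above `treefmt = {` such as `# shell and markdown are intentionally not formatted` would record that for the next reader.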


@ -1,48 +0,0 @@
# One CLI to format the code tree - https://github.com/numtide/treefmt
[formatter.nix]
command = "nixpkgs-fmt"
includes = [ "*.nix"]
[formatter.shell]
command = "shfmt"
options = [
"-i",
"2", # indent 2
"-s", # simplify the code
"-w", # write back to the file
]
includes = ["*.sh"]
excludes = ["scripts/hetzner-dedicated-wipe-and-install-nixos.sh"]
#[formatter.shellcheck]
#command = "shellcheck"
#includes = ["*.sh"]
#excludes = ["./scripts/hetzner-dedicated-wipe-and-install-nixos.sh"]
[formatter.python]
command = "black"
includes = ["*.py"]
[formatter.media]
command = "prettier"
options = ["--write"]
includes = [
"*.json",
"*.md",
"*.yaml",
"*.yml",
]
[formatter.terragrunt]
command = "terragrunt"
options = [ "hclfmt" ]
includes = [ "*.hcl" ]
excludes = [ "*/.terraform" ]
[formatter.terraform]
command = "terraform"
options = [ "fmt" ]
includes = [ "*.tf" ]
excludes = [ "*/.terraform" ]