From b7ca0e002065504e38281a40ceb89c288c35c937 Mon Sep 17 00:00:00 2001 From: Don Harper Date: Thu, 21 Aug 2025 12:33:46 -0500 Subject: [PATCH] formating --- home/work/citrix.nix | 19 +++-- hosts/book/default.nix | 9 ++- hosts/workstation/default.nix | 146 +++++++++++++++++++--------------- 3 files changed, 103 insertions(+), 71 deletions(-) diff --git a/home/work/citrix.nix b/home/work/citrix.nix index 66f0316..5966ac0 100644 --- a/home/work/citrix.nix +++ b/home/work/citrix.nix @@ -1,10 +1,19 @@ -{ lib, config, pkgs, inputs, outputs, home-manager, ... }: -with lib; -let cfg = config.roles.citrix; +{ + lib, + config, + pkgs, + inputs, + outputs, + home-manager, + ... +}: +with lib; let + cfg = config.roles.citrix; in { - options.roles.citrix = { enable = lib.mkEnableOption "citrix tools"; }; + options.roles.citrix = {enable = lib.mkEnableOption "citrix tools";}; config = mkIf cfg.enable { - home-manager.users.don.home.packages = with pkgs; [ citrix_workspace ]; + home-manager.users.don.home.packages = with pkgs; [citrix_workspace]; + nixpkgs.config.permittedInsecurePackages = ["libsoup-2.74.3"]; # home-manager.users.don.home.packages = with pkgs; # [ citrix_workspace_24_11_0 ]; home-manager.users.don.home.file."ICAClient" = { diff --git a/hosts/book/default.nix b/hosts/book/default.nix index 9821ac4..41e3fb2 100644 --- a/hosts/book/default.nix +++ b/hosts/book/default.nix @@ -1,4 +1,11 @@ -{ inputs, outputs, lib, config, pkgs, ... }: { +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { imports = [ inputs.nixos-hardware.nixosModules.google-pixelbook ./hardware-configuration.nix diff --git a/hosts/workstation/default.nix b/hosts/workstation/default.nix index 2dd4aeb..a084f70 100644 --- a/hosts/workstation/default.nix +++ b/hosts/workstation/default.nix @@ -1,5 +1,11 @@ -{ inputs, outputs, lib, config, pkgs, ... }: -let +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: let my-python-packages = python-packages: with python-packages; [ # pipx @@ -15,10 +21,10 @@ let in { nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + # experimental-features = ["nix-command" "flakes"]; warn-dirty = false; auto-optimise-store = true; - trusted-users = [ "root" "don" ]; + trusted-users = ["root" "don"]; }; gc = { automatic = true; @@ -50,23 +56,26 @@ in { networking = { networkmanager.enable = true; enableIPv6 = true; - networkmanager = { wifi = { powersave = true; }; }; + networkmanager = {wifi = {powersave = true;};}; useDHCP = false; firewall = { enable = true; - trustedInterfaces = - [ "tailscale0" ]; # always allow traffic from your Tailscale network + trustedInterfaces = ["tailscale0"]; # always allow traffic from your Tailscale network checkReversePath = "loose"; - allowedUDPPorts = [ config.services.tailscale.port ]; - allowedTCPPortRanges = [{ - from = 1714; - to = 1764; - }]; - allowedUDPPortRanges = [{ - from = 1714; - to = 1764; - }]; - allowedTCPPorts = [ 22 ]; + allowedUDPPorts = [config.services.tailscale.port]; + allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + allowedTCPPorts = [22]; }; }; @@ -82,7 +91,7 @@ in { inputMethod = { enable = true; type = "fcitx5"; - fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-gtk ]; + fcitx5.addons = with pkgs; [fcitx5-mozc fcitx5-gtk]; }; }; @@ -90,33 +99,38 @@ in { boot = { # kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_zen; - kernelParams = [ "consoleblank=60" "mem_sleep_default=deep" ]; + kernelParams = ["consoleblank=60" "mem_sleep_default=deep"]; # extraModulePackages = [config.boot.kernelPackages.ddcci-driver]; # kernelModules = ["i2c-dev" "ddcci_backlight"]; - loader = if (pkgs.hostPlatform != lib.mkDefault "aarch64-linux") then { - systemd-boot = { enable = true; }; - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; + loader = + if (pkgs.hostPlatform != lib.mkDefault "aarch64-linux") + then { + systemd-boot = {enable = true;}; + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot"; + }; + } + else { + grub.enable = false; + generic-extlinux-compatible.enable = true; }; - } else { - grub.enable = false; - generic-extlinux-compatible.enable = true; - }; - plymouth = { enable = true; }; - kernel = { sysctl = { "vm.swappiness" = 10; }; }; + plymouth = {enable = true;}; + kernel = {sysctl = {"vm.swappiness" = 10;};}; }; security = { - polkit = { enable = true; }; + polkit = {enable = true;}; sudo.enable = false; doas = { enable = true; - extraRules = [{ - users = [ "don" ]; - keepEnv = true; - noPass = true; - }]; + extraRules = [ + { + users = ["don"]; + keepEnv = true; + noPass = true; + } + ]; }; }; @@ -133,10 +147,10 @@ in { userServices = true; }; }; - bpftune = { enable = true; }; - flatpak = { enable = true; }; - fstrim = { enable = true; }; - fwupd = { enable = true; }; + bpftune = {enable = true;}; + flatpak = {enable = true;}; + fstrim = {enable = true;}; + fwupd = {enable = true;}; locate = { enable = true; package = pkgs.mlocate; @@ -145,7 +159,7 @@ in { lidSwitchExternalPower = "ignore"; lidSwitchDocked = "ignore"; }; - nscd = { enableNsncd = true; }; + nscd = {enableNsncd = true;}; openssh = { enable = true; settings = { @@ -153,34 +167,34 @@ in { KbdInteractiveAuthentication = false; }; }; - pcscd = { enable = true; }; + pcscd = {enable = true;}; pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; - pulse = { enable = true; }; + pulse = {enable = true;}; }; printing = { enable = true; - drivers = [ pkgs.hplipWithPlugin ]; + drivers = [pkgs.hplipWithPlugin]; }; - pulseaudio = { enable = false; }; - tailscale = { enable = true; }; + pulseaudio = {enable = false;}; + tailscale = {enable = true;}; udev = { extraRules = '' ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="ext4", ATTR{../queue/scheduler}="none" ''; }; - udisks2 = { enable = true; }; + udisks2 = {enable = true;}; }; hardware = { - bluetooth = { enable = true; }; + bluetooth = {enable = true;}; sane = { enable = true; - extraBackends = [ pkgs.sane-airscan ]; - disabledDefaultBackends = [ "escl" "v4l" ]; + extraBackends = [pkgs.sane-airscan]; + disabledDefaultBackends = ["escl" "v4l"]; }; }; security.rtkit.enable = true; @@ -207,8 +221,7 @@ in { isNormalUser = true; initialPassword = "changeme"; description = "Don Harper"; - extraGroups = - [ "networkmanager" "wheel" "scanner" "lp" "video" "mlocate" "disk" ]; + extraGroups = ["networkmanager" "wheel" "scanner" "lp" "video" "mlocate" "disk"]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd8AdVbQQ/Fmw+b9mI8EMYqIoRkwmSwAOtmlte3incL don@loki" ]; @@ -223,10 +236,14 @@ in { }; # Allow unfree packages - nixpkgs.config.allowUnfree = true; - nixpkgs.config.allowUnfreePredicate = true; - nixpkgs.config.permittedInsecurePackages = - [ "libxml2-2.13.8" "libsoup-2.74.3" ]; + nixpkgs = { + config = { + allowUnfree = true; + allowUnfreePredicate = true; + permittedInsecurePackages = ["libsoup-2.74.3"]; + allowInsecurePredicate = pkg: builtins.elem (lib.getName pkg) ["broadcom-sta"]; + }; + }; fonts.packages = with pkgs; [ anonymousPro @@ -297,10 +314,10 @@ in { ]; programs = { - dconf = { enable = true; }; - light = { enable = true; }; - mtr = { enable = true; }; - kdeconnect = { enable = true; }; + dconf = {enable = true;}; + light = {enable = true;}; + mtr = {enable = true;}; + kdeconnect = {enable = true;}; gnupg = { agent = { enable = true; @@ -312,14 +329,14 @@ in { nixpkgs.overlays = [ (final: prev: { - qutebrowser = prev.qutebrowser.override { enableWideVine = true; }; + qutebrowser = prev.qutebrowser.override {enableWideVine = true;}; }) (final: super: { - khal = super.khal.overridePythonAttrs (_: { doCheck = false; }); + khal = super.khal.overridePythonAttrs (_: {doCheck = false;}); }) ]; - nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; + nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -350,6 +367,5 @@ in { "x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop"; "x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop"; }; - environment.sessionVariables.DEFAULT_BROWSER = - "${pkgs.qutebrowser}/bin/qutebrowser"; + environment.sessionVariables.DEFAULT_BROWSER = "${pkgs.qutebrowser}/bin/qutebrowser"; }