autoformat nix files

change formatter alejandra -> nixfmt
reformat whole project

flake.nix

@@ -5,7 +5,8 @@
     nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
     nur.url = "github:nix-community/NUR";
     home-manager = {
-      url = "https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz";
+      url =
+        "https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz";
       inputs.nixpkgs.follows = "nixpkgs";
     };
     homeage = {
@@ -20,16 +21,9 @@
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
   };
 
-  outputs = {
+  outputs =
-    nixpkgs,
+    { nixpkgs, home-manager, homeage, agenix, nur, nixos-hardware, ... }: {
-    home-manager,
+      formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt;
-    homeage,
-    agenix,
-    nur,
-    nixos-hardware,
-    ...
-  }: {
-    formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
 
       nixosConfigurations.pim = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
@@ -43,10 +37,7 @@
             home-manager.useGlobalPkgs = true;
             home-manager.useUserPackages = true;
             home-manager.users.pim = {
-            imports = [
+              imports = [ ./home-manager homeage.homeManagerModules.homeage ];
-              ./home-manager
-              homeage.homeManagerModules.homeage
-            ];
             };
           }
         ];

home-manager/default.nix

@@ -1,9 +1,4 @@
-{
+{ pkgs, lib, config, ... }: {
-  pkgs,
-  lib,
-  config,
-  ...
-}: {
   imports = [
     ./bash
     ./neovim
@@ -51,7 +46,8 @@
           background_color = "#282828";
           cursor_color = "#7c6f64";
           foreground_color = "#ebdbb2";
-          palette = "#181818:#cc241d:#98971a:#d79921:#458588:#b16286:#689d6a:#a89984:#928374:#fb4934:#b8bb26:#fabd2f:#83a598:#d3869b:#8ec07c:#ebdbb2";
+          palette =
+            "#181818:#cc241d:#98971a:#d79921:#458588:#b16286:#689d6a:#a89984:#928374:#fb4934:#b8bb26:#fabd2f:#83a598:#d3869b:#8ec07c:#ebdbb2";
         };
 
         keybindings = {
@@ -78,9 +74,7 @@
   };
 
   # Let home-manager manage the X session
-  xsession = {
+  xsession = { enable = true; };
-    enable = true;
-  };
 
   xdg.userDirs.enable = true;
 

home-manager/firefox/addons.nix

@@ -1,4 +1,5 @@
-pkgs: lib: let
+pkgs: lib:
+let
   rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
   custom-addons = import ./custom-addons.nix pkgs lib;
 in {
@@ -16,11 +17,7 @@ in {
       boring-rss
       # rycee.bypass-paywalls-clean
     ])
-    (with custom-addons; [
+    (with custom-addons; [ http-version-indicator indicatetls sixindicator ])
-      http-version-indicator
-      indicatetls
-      sixindicator
-    ])
   ];
   sue = with rycee-addons; [
     ublock-origin

home-manager/firefox/custom-addons.nix

@@ -1,15 +1,8 @@
-pkgs: lib: let
+pkgs: lib:
+let
   # Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
-  buildFirefoxXpiAddon = lib.makeOverridable ({
+  buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv
-    stdenv ? pkgs.stdenv,
+    , fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, meta, ...
-    fetchurl ? pkgs.fetchurl,
-    pname,
-    version,
-    addonId,
-    url,
-    sha256,
-    meta,
-    ...
     }:
     stdenv.mkDerivation {
       name = "${pname}-${version}";
@@ -32,11 +25,13 @@ in {
     pname = "http-version-indicator";
     version = "3.2.1";
     addonId = "spdyindicator@chengsun.github.com";
-    url = "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
+    url =
+      "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
     sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
     meta = with lib; {
       homepage = "https://github.com/bsiegel/http-version-indicator";
-      description = "An indicator showing the HTTP version used to load the page in the address bar.";
+      description =
+        "An indicator showing the HTTP version used to load the page in the address bar.";
       mozPermissions = [ "<all_urls>" "tabs" "webNavigation" "webRequest" ];
       platforms = platforms.all;
     };
@@ -45,11 +40,13 @@ in {
     pname = "indicatetls";
     version = "0.3.0";
     addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
-    url = "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
+    url =
+      "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
     sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
     meta = with lib; {
       homepage = "https://github.com/jannispinter/indicatetls";
-      description = "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
+      description =
+        "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
       license = licenses.mpl20;
       mozPermissions = [
         "tabs"
@@ -66,11 +63,13 @@ in {
     pname = "sixindicator";
     version = "1.3.0";
     addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
-    url = "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
+    url =
+      "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
     sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
     meta = with lib; {
       homepage = "https://github.com/HostedDinner/SixIndicator";
-      description = "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
+      description =
+        "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
       license = licenses.mit;
       mozPermissions = [ "tabs" "webRequest" "<all_urls>" ];
       platforms = platforms.all;
@@ -80,7 +79,8 @@ in {
     pname = "simple-style-fox-2";
     version = "10.0";
     addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
-    url = "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
+    url =
+      "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
     sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
     meta = with lib; {
       description = "Simple style fox 2";

home-manager/firefox/default.nix

@@ -1,8 +1,5 @@
-{
+{ pkgs, lib, ... }:
-  pkgs,
+let
-  lib,
-  ...
-}: let
   firefoxAddons = import ./addons.nix pkgs lib;
   firefoxSettings = {
     "browser.aboutConfig.showWarning" = false;

home-manager/git/default.nix

@@ -9,12 +9,10 @@
         commit.verbose = true;
         pull.rebase = true;
       };
-      includes = [
+      includes = [{
-        {
         path = "~/git/suecode/.gitconfig";
         condition = "gitdir:~/git/suecode/**";
-        }
+      }];
-      ];
     };
   };
 }

home-manager/keepassxc/default.nix

@@ -1,8 +1,4 @@
-{
+{ pkgs, config, ... }: {
-  pkgs,
-  config,
-  ...
-}: {
   config = {
     home.packages = [ pkgs.keepassxc ];
     homeage.file."keepassxc.ini" = {

home-manager/neovim/default.nix

@@ -16,6 +16,7 @@
         terraform-ls
         luaformatter
         efm-langserver
+        nixfmt
       ];
 
       plugins = with pkgs.vimPlugins; [
@@ -44,7 +45,7 @@
         {
           plugin = gitsigns-nvim;
           type = "lua";
-          config = "require(\"gitsigns\").setup()";
+          config = ''require("gitsigns").setup()'';
         }
         {
           plugin = nvim-cmp;

home-manager/neovim/lspconfig.lua

@@ -46,10 +46,14 @@ require'lspconfig'.terraformls.setup {
     capabilities = capabilities
 }
 
-local luaformat = {formatCommand = "lua-format -i", formatStdin = true}
 require'lspconfig'.efm.setup {
     on_attach = require("lsp-format").on_attach,
     init_options = {documentFormatting = true},
-    settings = {languages = {lua = {luaformat}}},
+    settings = {
-    filetypes = {"lua"}
+        languages = {
+            lua = {{formatCommand = "lua-format -i", formatStdin = true}},
+            nix = {{formatCommand = "nixfmt", formatStdin = true}}
+        }
+    },
+    filetypes = {"lua", "nix"}
 }

home-manager/ssh/default.nix

@@ -1,8 +1,4 @@
-{
+{ config, lib, ... }: {
-  config,
-  lib,
-  ...
-}: {
   config = {
     programs.ssh = {
       enable = true;
@@ -14,27 +10,15 @@
           user = "pizzapim";
           identitiesOnly = true;
         };
-        lewis = lib.hm.dag.entryBefore ["*"] {
+        lewis = lib.hm.dag.entryBefore [ "*" ] { hostname = "lewis.hyp"; };
-          hostname = "lewis.hyp";
+        atlas = lib.hm.dag.entryBefore [ "*" ] { hostname = "atlas.hyp"; };
-        };
+        jefke = lib.hm.dag.entryBefore [ "*" ] { hostname = "jefke.hyp"; };
-        atlas = lib.hm.dag.entryBefore ["*"] {
+        hermes = lib.hm.dag.entryBefore [ "*" ] { hostname = "hermes.dmz"; };
-          hostname = "atlas.hyp";
+        maestro = lib.hm.dag.entryBefore [ "*" ] { hostname = "maestro.dmz"; };
-        };
+        bancomart =
-        jefke = lib.hm.dag.entryBefore ["*"] {
+          lib.hm.dag.entryBefore [ "*" ] { hostname = "bancomart.dmz"; };
-          hostname = "jefke.hyp";
+        handjecontantje =
-        };
+          lib.hm.dag.entryBefore [ "*" ] { hostname = "handjecontantje.dmz"; };
-        hermes = lib.hm.dag.entryBefore ["*"] {
-          hostname = "hermes.dmz";
-        };
-        maestro = lib.hm.dag.entryBefore ["*"] {
-          hostname = "maestro.dmz";
-        };
-        bancomart = lib.hm.dag.entryBefore ["*"] {
-          hostname = "bancomart.dmz";
-        };
-        handjecontantje = lib.hm.dag.entryBefore ["*"] {
-          hostname = "handjecontantje.dmz";
-        };
       };
     };
 

home-manager/thunderbird/default.nix

@@ -2,9 +2,7 @@
   config = {
     programs.thunderbird = {
       enable = true;
-      profiles.default = {
+      profiles.default = { isDefault = true; };
-        isDefault = true;
-      };
     };
   };
 }

nixos/default.nix

@@ -1,16 +1,7 @@
-{
+{ pkgs, config, lib, ... }: {
-  pkgs,
+  imports = [ ./hardware-configuration.nix ];
-  config,
-  lib,
-  ...
-}: {
-  imports = [
-    ./hardware-configuration.nix
-  ];
 
-  boot = {
+  boot = { loader.systemd-boot.enable = true; };
-    loader.systemd-boot.enable = true;
-  };
 
   time.timeZone = "Europe/Amsterdam";
   i18n.defaultLocale = "en_US.UTF-8";
@@ -20,9 +11,7 @@
   services = {
     xserver = {
       enable = true;
-      displayManager.gdm = {
+      displayManager.gdm = { enable = true; };
-        enable = true;
-      };
       desktopManager.gnome.enable = true;
       excludePackages = with pkgs; [ xterm ];
     };
@@ -50,16 +39,7 @@
   };
 
   environment = {
-    systemPackages = with pkgs; [
+    systemPackages = with pkgs; [ wget curl git btop ripgrep vim dogdns tree ];
-      wget
-      curl
-      git
-      btop
-      ripgrep
-      vim
-      dogdns
-      tree
-    ];
     gnome.excludePackages = with pkgs; [
       gnome.totem
       gnome-tour
@@ -78,13 +58,15 @@
     knownHosts = {
       dmz = {
         hostNames = [ "*.dmz" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x";
+        publicKey =
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x";
         certAuthority = true;
       };
 
       hypervisors = {
         hostNames = [ "*.hyp" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb";
+        publicKey =
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb";
         certAuthority = true;
       };
     };
@@ -113,7 +95,8 @@
 
     secrets = {
       wg-quick-home-privkey.file = ../secrets/wg-quick-home-privkey.age;
-      wg-quick-home-preshared-key.file = ../secrets/wg-quick-home-preshared-key.age;
+      wg-quick-home-preshared-key.file =
+        ../secrets/wg-quick-home-preshared-key.age;
     };
   };
 
@@ -122,22 +105,14 @@
 
     wg-quick.interfaces.home = {
       privateKeyFile = config.age.secrets.wg-quick-home-privkey.path;
-      address = [
+      address = [ "10.225.191.4/24" "fd11:5ee:bad:c0de::4/64" ];
-        "10.225.191.4/24"
-        "fd11:5ee:bad:c0de::4/64"
-      ];
       dns = [ "192.168.30.8" ];
-      peers = [
+      peers = [{
-        {
         presharedKeyFile = config.age.secrets.wg-quick-home-preshared-key.path;
         endpoint = "84.245.14.149:51820";
         publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
-          allowedIPs = [
+        allowedIPs = [ "0.0.0.0/0" "::0/0" ];
-            "0.0.0.0/0"
+      }];
-            "::0/0"
-          ];
-        }
-      ];
     };
   };
 

nixos/hardware-configuration.nix

@@ -1,18 +1,11 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{
+{ config, lib, pkgs, modulesPath, ... }: {
-  config,
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}: {
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
 
-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc"];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
@@ -22,16 +15,16 @@
     fsType = "ext4";
   };
 
-  boot.initrd.luks.devices."luks-cd1139a7-0c1b-4459-b586-29b577825ee9".device = "/dev/disk/by-uuid/cd1139a7-0c1b-4459-b586-29b577825ee9";
+  boot.initrd.luks.devices."luks-cd1139a7-0c1b-4459-b586-29b577825ee9".device =
+    "/dev/disk/by-uuid/cd1139a7-0c1b-4459-b586-29b577825ee9";
 
   fileSystems."/boot" = {
     device = "/dev/disk/by-uuid/87DA-B083";
     fsType = "vfat";
   };
 
-  swapDevices = [
+  swapDevices =
-    {device = "/dev/disk/by-uuid/908399cd-2f4f-4555-8805-80c9faf190aa";}
+    [{ device = "/dev/disk/by-uuid/908399cd-2f4f-4555-8805-80c9faf190aa"; }];
-  ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -43,5 +36,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

secrets/secrets.nix

@@ -1,8 +1,10 @@
 let
   pkgs = import <nixpkgs> { };
-  publicKeysURL = "https://git.kun.is/pim.keys"; # https://github.com/pizzapim.keys
+  publicKeysURL =
+    "https://git.kun.is/pim.keys"; # https://github.com/pizzapim.keys
   publicKeysFile = builtins.fetchurl { url = publicKeysURL; };
-  publicKeys = pkgs.lib.strings.splitString "\n" (pkgs.lib.strings.fileContents publicKeysFile);
+  publicKeys = pkgs.lib.strings.splitString "\n"
+    (pkgs.lib.strings.fileContents publicKeysFile);
 in {
   "wg-quick-home-privkey.age".publicKeys = publicKeys;
   "wg-quick-home-preshared-key.age".publicKeys = publicKeys;
@@ -13,5 +15,6 @@ in {
   "common-pg-tfbackend.age".publicKeys = publicKeys;
   "ansible-vault-secret.age".publicKeys = publicKeys;
   "powerdns-api-key.json.age".publicKeys = publicKeys;
-  "keepassxc.ini.age".publicKeys = publicKeys; # Secret agent causes private keys in config file.
+  "keepassxc.ini.age".publicKeys =
+    publicKeys; # Secret agent causes private keys in config file.
 }