run deadnix on nixfiles

2022-12-04 16:10:00 +00:00 · 2022-12-04 16:10:00 +00:00 · ce7165e391
parent 6f5832750a
commit ce7165e391
49 changed files with 41 additions and 228 deletions
--- a/extras/shenanigans-hotspot.nix
+++ b/extras/shenanigans-hotspot.nix
@ -3,7 +3,6 @@
  pkgs,
  nixpkgs,
  config,
  tree,
  ...
 }: let
  wifiInterface = "shenanigans0";
@ -50,7 +49,7 @@ in {
  ];
  systemd.services.wifi-relay = let
-    inherit (pkgs) iptables gnugrep;
+    inherit (pkgs) iptables;
  in {
    description = "iptables rules for wifi-relay";
    after = ["dhcpd4.service"];
--- a/home/gui/environments/sway/sway.nix
+++ b/home/gui/environments/sway/sway.nix
@ -45,7 +45,6 @@
      menu = "${pkgs.rofi}/bin/rofi -show run";
      cfg = config.wayland.windowManager.sway.config;
      pactl = "${pkgs.pulseaudio}/bin/pactl";
      pacmd = "${pkgs.pulseaudio}/bin/pacmd";
    in {
      bars = [
        {
--- a/home/home-folders.nix
+++ b/home/home-folders.nix
@ -1,8 +1,4 @@
-{
+{config, ...}: {
  config,
  lib,
  ...
 }: {
  systemd.user.tmpfiles.rules = map (dir: "d ${config.home.homeDirectory}/${dir} - ${config.home.username} users") [
    "Projects"
    "Temp"
--- a/home/programming/editors/vscode.nix
+++ b/home/programming/editors/vscode.nix
@ -1,9 +1,4 @@
-{
+{nixosConfig, ...}: let
  config,
  nixosConfig,
  pkgs,
  ...
 }: let
  font-size =
    if nixosConfig.networking.hostName == "tablet"
    then 18
--- a/hosts/darwin.nix
+++ b/hosts/darwin.nix
@ -1,5 +1,4 @@
 {
  self,
  nixpkgs-unstable,
  nix-darwin-unstable,
  tree,
--- a/hosts/hetzner-vm/hetzner-vm.nix
+++ b/hosts/hetzner-vm/hetzner-vm.nix
@ -1,11 +1,4 @@
-{
+{tree, ...}: {
  modulesPath,
  tree,
  config,
  pkgs,
  lib,
  ...
 }: {
  imports = with tree; [
    users.root
--- a/hosts/hetzner-vm/modules/mailserver/default.nix
+++ b/hosts/hetzner-vm/modules/mailserver/default.nix
@ -50,11 +50,7 @@ in {
    accounts = mkOption {
      # where name = email for login
-      type = types.attrsOf (types.submodule ({
+      type = types.attrsOf (types.submodule ({name, ...}: {
        config,
        name,
        ...
      }: {
        options = {
          name = mkOption {
            type = types.str;
--- a/hosts/hetzner-vm/modules/mailserver/dovecot.nix
+++ b/hosts/hetzner-vm/modules/mailserver/dovecot.nix
@ -11,18 +11,7 @@
  passwdDir = "/run/dovecot2";
  passwdFile = "${passwdDir}/passwd";
  bool2int = x:
    if x
    then "1"
    else "0";
  postfixCfg = config.services.postfix;
  dovecot2Cfg = config.services.dovecot2;
  stateDir = "/var/lib/dovecot";
  passwordFiles =
    lib.mapAttrs (name: value: value.passwordFile) mail_config.accounts;
  genPasswdScript = pkgs.writeScript "generate-password-file" ''
    #!${pkgs.stdenv.shell}
@ -36,7 +25,7 @@
    for f in ${
      builtins.toString
-      (lib.mapAttrsToList (name: value: value.passwordFile)
+      (lib.mapAttrsToList (_: value: value.passwordFile)
        mail_config.accounts)
    }; do
      if [ ! -f "$f" ]; then
--- a/hosts/hetzner-vm/modules/mailserver/firewall.nix
+++ b/hosts/hetzner-vm/modules/mailserver/firewall.nix
@ -5,7 +5,7 @@
 }: let
  mail_config = config.mailserver;
 in {
-  config = lib.mkIf config.mailserver.enable {
+  config = lib.mkIf mail_config.enable {
    networking.firewall = {
      allowedTCPPorts = [
        # SMTP
--- a/hosts/hetzner-vm/modules/mailserver/postfix.nix
+++ b/hosts/hetzner-vm/modules/mailserver/postfix.nix
@ -14,13 +14,10 @@
    /^Message-ID:\s+<(.*?)@.*?>/ REPLACE Message-ID: <$1@${mail_config.fqdn}>
  '';
  inetSocket = addr: port: "inet:[${toString port}@${addr}]";
  unixSocket = sock: "unix:${sock}";
  # Merge several lookup tables. A lookup table is a attribute set where
  # - the key is an address (user@example.com) or a domain (@example.com)
  # - the value is a list of addresses
-  mergeLookupTables = tables: lib.zipAttrsWith (n: v: lib.flatten v) tables;
+  mergeLookupTables = tables: lib.zipAttrsWith (_: v: lib.flatten v) tables;
  # valiases_postfix :: Map String [String]
  valiases_postfix = mergeLookupTables (lib.flatten (lib.mapAttrsToList
@ -80,7 +77,9 @@ in {
      partOf = ["postfix.service"];
      before = ["postfix-setup.service"];
      script = ''
-        cat ${aliases_accounts_file} ${mail_config.extra_aliases_file} > /run/postfix_extra_aliases
+        cat ${aliases_accounts_file} > /run/postfix_extra_aliases
        echo >> /run/postfix_extra_aliases
        cat ${mail_config.extra_aliases_file} >> /run/postfix_extra_aliases
      '';
    };
--- a/hosts/hetzner-vm/modules/piped/default.nix
+++ b/hosts/hetzner-vm/modules/piped/default.nix
@ -1,7 +1,6 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
--- a/hosts/hetzner-vm/profiles/mailserver.nix
+++ b/hosts/hetzner-vm/profiles/mailserver.nix
@ -14,7 +14,7 @@ in {
      $config['username_domain_forced'] = true;
    '';
-    extra_aliases_file = "/tmp/e";
+    extra_aliases_file = "${secrets.private_mail_aliases.path}";
    accounts = {
      "chaos@owo.monster" = {
--- a/hosts/hetzner-vm/profiles/mpd-broadcast/hosts/lappy.nix
+++ b/hosts/hetzner-vm/profiles/mpd-broadcast/hosts/lappy.nix
@ -1,5 +1,5 @@
 {pkgs, ...}: let
-  sink_name = "roc-lappy";
+  #sink_name = "roc-lappy";
  description = "Lappy ROC Output";
  ip_addr = "100.115.10.34";
 in {
--- a/hosts/hetzner-vm/profiles/mpd-broadcast/hosts/raspberry.nix
+++ b/hosts/hetzner-vm/profiles/mpd-broadcast/hosts/raspberry.nix
@ -1,5 +1,5 @@
 {pkgs, ...}: let
-  sink_name = "roc-raspberry";
+  #sink_name = "roc-raspberry";
  description = "Raspberry ROC Output";
  ip_addr = "100.118.202.64";
  #ip_addr = "100.115.10.34";
--- a/hosts/macmini/default.nix
+++ b/hosts/macmini/default.nix
@ -1,8 +1,4 @@
-{
+{tree, ...}: {
  pkgs,
  tree,
  ...
 }: {
  users.users.chaos = {
    name = "chaos";
    home = "/Users/chaos";
--- a/hosts/nixos-live/nixos-live.nix
+++ b/hosts/nixos-live/nixos-live.nix
@ -2,7 +2,6 @@
  config,
  tree,
  modulesPath,
  pkgs,
  lib,
  ...
 }: {
--- a/hosts/nixos.nix
+++ b/hosts/nixos.nix
@ -1,8 +1,4 @@
-{
+{nixpkgs-unstable, ...} @ inputs: let
  self,
  nixpkgs-unstable,
  ...
 } @ inputs: let
  mkTree = inputs.tree-input.tree;
  metaTree = mkTree ((import ../treeConfig.nix {}) // {inherit inputs;});
  tree = metaTree.impure;
@ -42,12 +38,6 @@ in {
    modules = defaultModules ++ [./tablet/tablet.nix ./tablet/hardware.nix];
  };
  rescue-x86_64 = nixosUnstableSystem {
    specialArgs = defaultSpecialArgs;
    system = "x86_64-linux";
    modules = defaultModules ++ [./rescue/rescue.nix];
  };
  hetzner-vm = nixosUnstableSystem {
    specialArgs = defaultSpecialArgs;
    system = "x86_64-linux";
--- a/hosts/raspberry/raspberry.nix
+++ b/hosts/raspberry/raspberry.nix
@ -1,7 +1,6 @@
 {
  tree,
  modulesPath,
  config,
  pkgs,
  lib,
  ...
--- a/hosts/raspberry/services/router.nix
+++ b/hosts/raspberry/services/router.nix
@ -1,8 +1,4 @@
-{
+{tree, ...}: let
  lib,
  tree,
  ...
 }: let
  externalInterface = "eth0";
  wifiInterface = "wlan0";
  ssid = "Test Wifi";
--- a/hosts/rescue/rescue.nix
+++ b/hosts/rescue/rescue.nix
@ -1,54 +0,0 @@
 {
  tree,
  modulesPath,
  config,
  pkgs,
  lib,
  ...
 }: {
  imports = with tree; [
    users.root
    users.chaos
    profiles.base
    profiles.gui
    profiles.gui.environments.sway
    profiles.connectivity.network_manager
    profiles.connectivity.ios
    profiles.tor
    (modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
  ];
  home-manager.users.root = {
    imports = with tree; [home.base home.dev.all];
  };
  home-manager.users.chaos = {
    imports = with tree; [
      home.base
      home.gui
      home.gui.environments.sway
      home.dev.all
      home.network_manager
      home.apps.vivaldi
      home.programming
      home.programming.languages.nix
    ];
  };
  isoImage.squashfsCompression = "zstd -Xcompression-level 1";
  users.users.root.initialPassword = "password";
  users.users.chaoticryptidz.initialPassword = "password";
  # let vscode, vivaldi, etc work.
  security.unprivilegedUsernsClone = true;
  networking = {
    hostName = "rescue";
    networkmanager.enable = true;
    wireless.enable = lib.mkForce false;
  };
  time.timeZone = "Europe/London";
  system.stateVersion = "21.11";
 }
--- a/hosts/storage/profiles/rclone-sync.nix
+++ b/hosts/storage/profiles/rclone-sync.nix
@ -1,10 +1,4 @@
-{
+{lib, ...}: {
  config,
  lib,
  ...
 }: let
  secrets = config.services.secrets.secrets;
 in {
  services.rclone-sync = let
    sync_defaults = {
      serviceConfig = {after = ["secrets-init.service"];};
--- a/hosts/storage/storage.nix
+++ b/hosts/storage/storage.nix
@ -1,13 +1,10 @@
 {
  modulesPath,
  tree,
  config,
  pkgs,
  lib,
  ...
 }: let
  secrets = config.services.secrets.secrets;
  ports = import ./ports.nix {};
 in {
  imports = with tree; [
    users.root
@ -54,9 +51,6 @@ in {
    script = let
      vault_username = "storage";
      vault_password_file = "${secrets.vault_password.path}";
      config_dir = "/home/storage/.config/rclone";
      config_file = "/home/storage/.config/rclone/rclone.conf";
    in ''
      VAULT_ADDR="https://vault.owo.monster" \
        vault login -no-print -method=userpass username=${vault_username} password=$(cat ${vault_password_file})
--- a/hosts/tablet/hardware.nix
+++ b/hosts/tablet/hardware.nix
@ -1,7 +1,4 @@
-{tree, ...}: let
+{tree, ...}: {
  usb_data = import ../../data/usb_data.nix {};
  drive_data = import ../../data/normal_drive_data.nix {};
 in {
  boot = {
    loader = {
      systemd-boot.enable = true;
--- a/hosts/tablet/profiles/misskey-dev.nix
+++ b/hosts/tablet/profiles/misskey-dev.nix
@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{...}: {
  services.postgresql = {
    enable = true;
    ensureUsers = [
--- a/hosts/tablet/secrets.nix
+++ b/hosts/tablet/secrets.nix
@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{...}: {
  services.secrets = {
    enable = true;
    secrets = {
--- a/hosts/tablet/tablet.nix
+++ b/hosts/tablet/tablet.nix
@ -1,10 +1,4 @@
-{
+{tree, ...}: {
  tree,
  config,
  pkgs,
  lib,
  ...
 }: {
  imports = with tree; [
    users.root
    users.chaos
--- a/hosts/vault/secrets.nix
+++ b/hosts/vault/secrets.nix
@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{...}: {
  services.secrets = {
    enable = true;
    secrets = {
--- a/hosts/vault/vault.nix
+++ b/hosts/vault/vault.nix
@ -1,13 +1,4 @@
-{
+{tree, ...}: {
  modulesPath,
  tree,
  config,
  pkgs,
  lib,
  ...
 }: let
  secrets = config.services.secrets.secrets;
 in {
  imports = with tree; [
    users.root
--- a/modules/nixos/secrets.nix
+++ b/modules/nixos/secrets.nix
@ -1,7 +1,7 @@
 {
  config,
  lib,
  pkgs,
  config,
  ...
 }:
 with lib; let
@ -59,11 +59,7 @@ in {
      };
      secrets = mkOption {
-        type = types.attrsOf (types.submodule ({
+        type = types.attrsOf (types.submodule ({name, ...}: {
          config,
          name,
          ...
        }: {
          options = {
            user = mkOption {
              type = types.str;
@ -119,8 +115,8 @@ in {
        }
      '';
-      manualSecrets = filterAttrs (name: secret: secret.manual) cfg.secrets;
+      manualSecrets = filterAttrs (_: secret: secret.manual) cfg.secrets;
-      nonManualSecrets = filterAttrs (name: secret: !secret.manual) cfg.secrets;
+      nonManualSecrets = filterAttrs (_: secret: !secret.manual) cfg.secrets;
      initScript =
        ''
@ -141,7 +137,7 @@ in {
          ${cfg.extraFunctions}
        ''
-        + (lib.concatStringsSep "\n" (lib.mapAttrsToList (name: secret: ''
+        + (lib.concatStringsSep "\n" (lib.mapAttrsToList (_name: secret: ''
            if [[ ! -f "${secret.path}" ]]; then
              echo "Initializing Secret ${secret.path}"
            else
@ -156,7 +152,7 @@ in {
          '')
          nonManualSecrets))
        + (lib.concatStringsSep "\n" (lib.mapAttrsToList
-          (name: secret: ''
+          (_name: secret: ''
            if [[ ! -f "${secret.path}" ]]; then
              echo "Manual Secret ${secret.path} Doesn't Exist"
              exit 1
--- a/overlay/default.nix
+++ b/overlay/default.nix
@ -1,4 +1,4 @@
-final: prev: {
+final: _prev: {
  comic-sans = final.callPackage ./comic-sans {};
  comic-code = final.callPackage ./comic-code {};
  roc-toolkit-patched = final.callPackage ./roc-toolkit-patched {};
--- a/overlay/gobar/default.nix
+++ b/overlay/gobar/default.nix
@ -1,9 +1,6 @@
 {
  stdenv,
  fetchFromGitLab,
  buildGoModule,
  lib,
  go,
 }:
 buildGoModule rec {
  pname = "gobar";
--- a/overlay/piped/backend/default.nix
+++ b/overlay/piped/backend/default.nix
@ -2,7 +2,6 @@
  stdenv,
  runtimeShell,
  fetchFromGitHub,
  makeWrapper,
  jdk,
  jre,
  gradle,
--- a/overlay/piped/frontend/default.nix
+++ b/overlay/piped/frontend/default.nix
@ -1,7 +1,4 @@
 {
  stdenv,
  nodejs,
  nodePackages,
  mkYarnPackage,
  rsync,
  fetchFromGitHub,
--- a/overlay/piped/frontend/yarn.nix
+++ b/overlay/piped/frontend/yarn.nix
@ -1,9 +1,6 @@
 {
  fetchurl,
  fetchgit,
  linkFarm,
  runCommand,
  gnutar,
 }: rec {
  offline_cache = linkFarm "offline" packages;
  packages = [
--- a/overlay/zar/default.nix
+++ b/overlay/zar/default.nix
@ -1,7 +1,6 @@
 {
  stdenv,
  fetchFromGitLab,
  lib,
  zig,
 }:
 stdenv.mkDerivation rec {
--- a/profiles/base-darwin/nix.nix
+++ b/profiles/base-darwin/nix.nix
@ -2,7 +2,6 @@
  inputs,
  pkgs,
  config,
  lib,
  ...
 }: {
  nix = {
--- a/profiles/base/access.nix
+++ b/profiles/base/access.nix
@ -1,6 +1,4 @@
 {
  tree,
  config,
  lib,
  pkgs,
  ...
--- a/profiles/base/home.nix
+++ b/profiles/base/home.nix
@ -2,7 +2,6 @@
  inputs,
  tree,
  config,
  pkgs,
  lib,
  ...
 }:
--- a/profiles/base/programs.nix
+++ b/profiles/base/programs.nix
@ -1 +1 @@
-{config, ...}: {programs.mtr.enable = true;}
+{...}: {programs.mtr.enable = true;}
--- a/profiles/base/services.nix
+++ b/profiles/base/services.nix
@ -1,3 +0,0 @@
 {config, ...}: {
  #services.localtimed.enable = true;
 }
--- a/profiles/connectivity/network_manager/nm.nix
+++ b/profiles/connectivity/network_manager/nm.nix
@ -1,8 +1,4 @@
-{
+{lib, ...}: {
  config,
  lib,
  ...
 }: {
  networking = {
    networkmanager = {
      enable = true;
--- a/profiles/dnscrypt/dnscrypt.nix
+++ b/profiles/dnscrypt/dnscrypt.nix
@ -1,9 +1,4 @@
-{
+{...}: {
  config,
  lib,
  pkgs,
  ...
 }: {
  networking = {
    resolvconf.useLocalResolver = true;
    networkmanager.dns = "none";
--- a/profiles/gaming/steam.nix
+++ b/profiles/gaming/steam.nix
@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{...}: {
  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true;
--- a/profiles/gui/base/default.nix
+++ b/profiles/gui/base/default.nix
@ -1,5 +1 @@
-{
+{pkgs, ...}: {fonts.fonts = with pkgs; [comic-sans comic-code];}
  config,
  pkgs,
  ...
 }: {fonts.fonts = with pkgs; [comic-sans comic-code];}
--- a/profiles/gui/environments/sway/sway.nix
+++ b/profiles/gui/environments/sway/sway.nix
@ -1,8 +1,4 @@
-{
+{...}: {
  config,
  pkgs,
  ...
 }: {
  programs.sway.enable = true;
  programs.xwayland.enable = true;
  #services.xserver.enable = true;
--- a/profiles/laptop/default.nix
+++ b/profiles/laptop/default.nix
@ -1,8 +1,4 @@
-{
+{config, ...}: {
  config,
  pkgs,
  ...
 }: {
  services.xserver.libinput.enable = true;
  services.tlp.enable = true;
  powerManagement.enable = true;
--- a/profiles/usb-automount.nix
+++ b/profiles/usb-automount.nix
@ -1,8 +1,4 @@
-{
+{pkgs, ...}: let
  lib,
  pkgs,
  ...
 }: let
  usb_data = import ../data/usb_data.nix {};
  mapper_name = "usb_unencrypted_afterboot";
  mapper_path = "/dev/mapper/${mapper_name}";
--- a/users/chaos.nix
+++ b/users/chaos.nix
@ -1,4 +1,4 @@
-{config, ...}: {
+{...}: {
  users.users.chaos = {
    uid = 1000;
    isNormalUser = true;
--- a/users/root.nix
+++ b/users/root.nix
@ -1,4 +1,4 @@
-{config, ...}: {
+{...}: {
  users.users.root = {
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAeN3T1aZkTm5xS0b66cRDyKUbdEQCFyzVWXeW+eIbsa chaos@chaos"
`@ -1 +1 @@`
	`{config, ...}: {programs.mtr.enable = true;}`	`{...}: {programs.mtr.enable = true;}`