ran nix fmt .

2026-04-17 04:58:19 -04:00 · 2025-02-08 17:38:15 -05:00
parent c12bd0c7ca
commit 300aa1f032
35 changed files with 215 additions and 134 deletions
--- a/systems/jeeves/docker/qbit.nix
+++ b/systems/jeeves/docker/qbit.nix
@@ -3,8 +3,15 @@ let
 in
 {
  networking.firewall = {
-    allowedTCPPorts = [ 6881 8082 29432 ]; 
-    allowedUDPPorts = [ 6881 29432 ];
+    allowedTCPPorts = [
+      6881
+      8082
+      29432
+    ];
+    allowedUDPPorts = [
+      6881
+      29432
+    ];
  };
  virtualisation.oci-containers.containers.qbit = {
    image = "ghcr.io/linuxserver/qbittorrent:5.0.2";
--- a/systems/jeeves/docker/qbitvpn.nix
+++ b/systems/jeeves/docker/qbitvpn.nix
@@ -3,7 +3,11 @@ let
 in
 {
  networking.firewall = {
-    allowedTCPPorts = [ 6882 8081 8118 ];
+    allowedTCPPorts = [
+      6882
+      8081
+      8118
+    ];
    allowedUDPPorts = [ 6882 ];
  };
  virtualisation.oci-containers.containers.qbitvpn = {
@@ -36,7 +40,7 @@ in
      DELUGE_DAEMON_LOG_LEVEL = "debug";
      DELUGE_WEB_LOG_LEVEL = "debug";
    };
-    environmentFiles = ["${vars.storage_secrets}/docker/qbitvpn"];
+    environmentFiles = [ "${vars.storage_secrets}/docker/qbitvpn" ];
    autoStart = true;
  };
 }
--- a/systems/jeeves/hardware.nix
+++ b/systems/jeeves/hardware.nix
@@ -1,6 +1,11 @@
-{ config, lib, modulesPath, ... }:
 {
-  imports =[ (modulesPath + "/installer/scan/not-detected.nix") ];
+  config,
+  lib,
+  modulesPath,
+  ...
+}:
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  boot = {
    loader = {
@@ -88,22 +93,32 @@
          bypassWorkqueues = true;
          allowDiscards = true;
        };
-        "luks-storage_pool-wwn-0x5000cca23bc438dd-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bc438dd-part1";
-        "luks-storage_pool-wwn-0x5000cca23bd035f5-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bd035f5-part1";
-        "luks-storage_pool-wwn-0x5000cca23bd00ad6-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bd00ad6-part1";
-        "luks-storage_pool-wwn-0x5000cca23bcf313e-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bcf313e-part1";
-        "luks-storage_pool-wwn-0x5000cca23bcdf3b8-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bcdf3b8-part1";
-        "luks-storage_pool-wwn-0x5000cca23bd02746-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bd02746-part1";
-        "luks-storage_pool-wwn-0x5000cca23bcf9f89-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bcf9f89-part1";
-        "luks-storage_pool-wwn-0x5000cca23bd00ae9-part1".device = "/dev/disk/by-id/wwn-0x5000cca23bd00ae9-part1";
+        "luks-storage_pool-wwn-0x5000cca23bc438dd-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bc438dd-part1";
+        "luks-storage_pool-wwn-0x5000cca23bd035f5-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bd035f5-part1";
+        "luks-storage_pool-wwn-0x5000cca23bd00ad6-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bd00ad6-part1";
+        "luks-storage_pool-wwn-0x5000cca23bcf313e-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bcf313e-part1";
+        "luks-storage_pool-wwn-0x5000cca23bcdf3b8-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bcdf3b8-part1";
+        "luks-storage_pool-wwn-0x5000cca23bd02746-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bd02746-part1";
+        "luks-storage_pool-wwn-0x5000cca23bcf9f89-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bcf9f89-part1";
+        "luks-storage_pool-wwn-0x5000cca23bd00ae9-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca23bd00ae9-part1";
        # Torrenting pool
        "luks-torrenting_pool-wwn-0x500a0751e6c3c01e-part1" = {
          device = "/dev/disk/by-id/wwn-0x500a0751e6c3c01e-part1";
          bypassWorkqueues = true;
          allowDiscards = true;
        };
-        "luks-torrenting_pool-wwn-0x5000cca264f080a3-part1".device = "/dev/disk/by-id/wwn-0x5000cca264f080a3-part1";
-        "luks-torrenting_pool-wwn-0x5000cca298c33ae5-part1".device = "/dev/disk/by-id/wwn-0x5000cca298c33ae5-part1";
+        "luks-torrenting_pool-wwn-0x5000cca264f080a3-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca264f080a3-part1";
+        "luks-torrenting_pool-wwn-0x5000cca298c33ae5-part1".device =
+          "/dev/disk/by-id/wwn-0x5000cca298c33ae5-part1";
        # cspell:enable
      };
    };
@@ -122,8 +137,8 @@
      fsType = "zfs";
    };

-    "/nix" =
-    { device = "root_pool/nix";
+    "/nix" = {
+      device = "root_pool/nix";
      fsType = "zfs";
    };

@@ -146,7 +161,7 @@
      options = [
        "fmask=0077"
        "dmask=0077"
-      ];    
+      ];
    };
  };

--- a/systems/jeeves/networking.nix
+++ b/systems/jeeves/networking.nix
@@ -12,7 +12,7 @@
      "10-1GB_Primary" = {
        matchConfig.Name = "enp98s0f0";
        address = [ "192.168.95.14/24" ];
-        routes = [{ Gateway = "192.168.95.1"; }];
+        routes = [ { Gateway = "192.168.95.1"; } ];
        linkConfig.RequiredForOnline = "routable";
      };
      "10-1GB_Secondary" = {
--- a/systems/jeeves/runners/default.nix
+++ b/systems/jeeves/runners/default.nix
@@ -14,7 +14,6 @@
    };
    groups.github-runners.gid = 601;
  };
-  

  services.nix_builder.containers = {
    nix-builder-0.enable = true;
--- a/systems/jeeves/runners/nix_builder.nix
+++ b/systems/jeeves/runners/nix_builder.nix
@@ -7,14 +7,20 @@ let
 in
 {
  options.services.nix_builder.containers = mkOption {
-    type = types.attrsOf (types.submodule ({ name, ... }: {
-      options.enable = mkEnableOption "GitHub runner container";
-    }));
-    default = {};
+    type = types.attrsOf (
+      types.submodule (
+        { name, ... }:
+        {
+          options.enable = mkEnableOption "GitHub runner container";
+        }
+      )
+    );
+    default = { };
    description = "GitHub runner container configurations";
  };

-  config.containers = mapAttrs (name: cfg:
+  config.containers = mapAttrs (
+    name: cfg:
    mkIf cfg.enable {
      autoStart = true;
      bindMounts = {
@@ -25,7 +31,14 @@ in
        "/secrets".mountPoint = "${vars.storage_secrets}/services/github-runners/${name}";
        "ssh-keys".mountPoint = "${vars.storage_secrets}/services/github-runners/id_ed25519_github-runners";
      };
-      config = { config, pkgs, lib, ... }: {
+      config =
+        {
+          config,
+          pkgs,
+          lib,
+          ...
+        }:
+        {
          nix.settings = {
            trusted-substituters = [
              "https://cache.nixos.org"
@@ -65,7 +78,10 @@ in
            tokenFile = "${vars.storage_secrets}/services/github-runners/${name}";
            user = "github-runners";
            group = "github-runners";
-            extraPackages = with pkgs; [ nixos-rebuild openssh ];
+            extraPackages = with pkgs; [
+              nixos-rebuild
+              openssh
+            ];
          };
          users = {
            users.github-runners = {
@@ -77,7 +93,7 @@ in
            groups.github-runners.gid = 601;
          };
          system.stateVersion = "24.11";
-      };
+        };
    }
  ) config.services.nix_builder.containers;
 }
--- a/systems/jeeves/services/audiobookshelf.nix
+++ b/systems/jeeves/services/audiobookshelf.nix
@@ -8,6 +8,7 @@ in
    openFirewall = true;
    host = "192.168.90.40";
  };
-  systemd.services.audiobookshelf.serviceConfig.WorkingDirectory = lib.mkForce "${vars.media_docker_configs}/audiobookshelf";
+  systemd.services.audiobookshelf.serviceConfig.WorkingDirectory =
+    lib.mkForce "${vars.media_docker_configs}/audiobookshelf";
  users.users.audiobookshelf.home = lib.mkForce "${vars.media_docker_configs}/audiobookshelf";
 }
--- a/systems/jeeves/services/cloud_flare_tunnel.nix
+++ b/systems/jeeves/services/cloud_flare_tunnel.nix
@@ -15,4 +15,3 @@ in
    };
  };
 }
-
--- a/systems/jeeves/services/haproxy.nix
+++ b/systems/jeeves/services/haproxy.nix
@@ -1,8 +1,11 @@
 {
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];

  services.haproxy = {
    enable = true;
    config = builtins.readFile ./haproxy.cfg;
  };
-}
+}
--- a/systems/jeeves/services/home_assistant.nix
+++ b/systems/jeeves/services/home_assistant.nix
@@ -2,7 +2,7 @@ let
  vars = import ../vars.nix;
 in
 {
-  services ={
+  services = {
    home-assistant = {
      enable = true;
      openFirewall = true;
@@ -62,9 +62,9 @@ in
      extraComponents = [ "isal" ];
    };
    esphome = {
-        enable = true;
-        openFirewall = true;
-        address = "192.168.90.40";
+      enable = true;
+      openFirewall = true;
+      address = "192.168.90.40";
    };
  };
 }
--- a/systems/jeeves/services/postgress.nix
+++ b/systems/jeeves/services/postgress.nix
@@ -16,7 +16,7 @@ in

      #type database DBuser origin-address auth-method
      local all       all     trust
-      
+
      # ipv4
      host  all      all     127.0.0.1/32    trust
      host  all      all     192.168.90.1/24 trust
--- a/systems/jeeves/syncthing.nix
+++ b/systems/jeeves/syncthing.nix
@@ -2,8 +2,8 @@ let
  vars = import ./vars.nix;
 in
 {
-  networking.firewall.allowedTCPPorts = [ 8384 ]; 
-  
+  networking.firewall.allowedTCPPorts = [ 8384 ];
+
  services.syncthing = {
    guiAddress = "192.168.90.40:8384";
    settings = {
@@ -77,7 +77,7 @@ in
          ];
          fsWatcherEnabled = true;
        };
-        # 
+        #
        "davids-backup1" = {
          id = "8229p-8z3tm"; # cspell:disable-line
          path = "${vars.storage_syncthing}/davids_backups/1";
--- a/systems/jeeves/vars.nix
+++ b/systems/jeeves/vars.nix
@@ -11,7 +11,7 @@ in
  media_docker_configs = "${zfs_media}/docker/configs";
  media_mirror = "${zfs_media}/mirror";
  media_share = "${zfs_media}/share";
-  media_services = "${zfs_media}/services";  
+  media_services = "${zfs_media}/services";
  media_notes = "${zfs_media}/notes";
  media_plex = "${zfs_media}/plex";
  media_home_assistant = "${zfs_media}/home_assistant";