diff --git a/flake.nix b/flake.nix index 0c14edd..c752719 100644 --- a/flake.nix +++ b/flake.nix @@ -125,7 +125,7 @@ ]; outputs-builder = channels: { - formatter = channels.nixpkgs.nixfmt-rfc-style; + formatter = channels.nixpkgs.nixfmt-tree; defaultApp = lib.flake-utils-plus.mkApp { drv = channels.nixpkgs.home-manager; }; }; diff --git a/homes/aarch64-darwin/harald@m4/default.nix b/homes/aarch64-darwin/harald@m4/default.nix index 0a5fc15..e28f1d1 100644 --- a/homes/aarch64-darwin/harald@m4/default.nix +++ b/homes/aarch64-darwin/harald@m4/default.nix @@ -1,6 +1,7 @@ -{ pkgs -, config -, ... +{ + pkgs, + config, + ... }: { home = { @@ -48,7 +49,10 @@ selection.save_to_clipboard = true; mouse.bindings = [ - { mouse = "Middle"; action = "Paste"; } + { + mouse = "Middle"; + action = "Paste"; + } ]; # Color theme ported from iTerm 2 Smoooooth diff --git a/homes/x86_64-darwin/harald@mpro/default.nix b/homes/x86_64-darwin/harald@mpro/default.nix index f36ce2b..799f7b0 100644 --- a/homes/x86_64-darwin/harald@mpro/default.nix +++ b/homes/x86_64-darwin/harald@mpro/default.nix @@ -1,5 +1,6 @@ -{ config -, ... +{ + config, + ... }: { home = { diff --git a/homes/x86_64-linux/harald@mx/default.nix b/homes/x86_64-linux/harald@mx/default.nix index c8dcb03..baf012e 100644 --- a/homes/x86_64-linux/harald@mx/default.nix +++ b/homes/x86_64-linux/harald@mx/default.nix @@ -1,7 +1,8 @@ -{ lib -, pkgs -, config -, ... +{ + lib, + pkgs, + config, + ... }: { home.sessionPath = [ "$HOME/bin" ]; diff --git a/homes/x86_64-linux/harald@sgx-azure/default.nix b/homes/x86_64-linux/harald@sgx-azure/default.nix index e4c2b15..a3983e5 100644 --- a/homes/x86_64-linux/harald@sgx-azure/default.nix +++ b/homes/x86_64-linux/harald@sgx-azure/default.nix @@ -1,5 +1,6 @@ -{ config -, ... +{ + config, + ... }: { home = { diff --git a/lib/audio/default.nix b/lib/audio/default.nix index 3e5e61c..9b12fb7 100644 --- a/lib/audio/default.nix +++ b/lib/audio/default.nix @@ -89,11 +89,13 @@ rec { ]; "capture.props" = { "node.target" = from; - } // (args."capture.props" or { }); + } + // (args."capture.props" or { }); "playback.props" = { "node.target" = to; "monitor.channel-volumes" = true; - } // (args."playback.props" or { }); + } + // (args."playback.props" or { }); }; }; } diff --git a/modules/darwin/services/build/default.nix b/modules/darwin/services/build/default.nix index 9d4a443..fedfa34 100644 --- a/modules/darwin/services/build/default.nix +++ b/modules/darwin/services/build/default.nix @@ -1,7 +1,8 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: with lib; with lib.metacfg; diff --git a/modules/darwin/system/fonts/default.nix b/modules/darwin/system/fonts/default.nix index f646045..9ab1091 100644 --- a/modules/darwin/system/fonts/default.nix +++ b/modules/darwin/system/fonts/default.nix @@ -1,8 +1,9 @@ -{ options -, config -, pkgs -, lib -, ... +{ + options, + config, + pkgs, + lib, + ... }: with lib; @@ -23,14 +24,13 @@ in }; fonts = { - packages = - [ - pkgs.nerd-fonts.hack - pkgs.nerd-fonts.fira-code - pkgs.nerd-fonts.droid-sans-mono - pkgs.nerd-fonts.jetbrains-mono - ] - ++ cfg.fonts; + packages = [ + pkgs.nerd-fonts.hack + pkgs.nerd-fonts.fira-code + pkgs.nerd-fonts.droid-sans-mono + pkgs.nerd-fonts.jetbrains-mono + ] + ++ cfg.fonts; }; }; } diff --git a/modules/darwin/tools/wezterm/default.nix b/modules/darwin/tools/wezterm/default.nix index 33178d4..ac7f7e1 100644 --- a/modules/darwin/tools/wezterm/default.nix +++ b/modules/darwin/tools/wezterm/default.nix @@ -1,7 +1,8 @@ -{ lib -, config -, pkgs -, ... +{ + lib, + config, + pkgs, + ... }: let inherit (lib) mkEnableOption mkIf; diff --git a/modules/darwin/user/default.nix b/modules/darwin/user/default.nix index 07addc6..5a1f89a 100644 --- a/modules/darwin/user/default.nix +++ b/modules/darwin/user/default.nix @@ -1,6 +1,7 @@ -{ lib -, config -, ... +{ + lib, + config, + ... }: with lib; with lib.metacfg; diff --git a/modules/home/cli-apps/neovim/default.nix b/modules/home/cli-apps/neovim/default.nix index bedc23a..a503a36 100644 --- a/modules/home/cli-apps/neovim/default.nix +++ b/modules/home/cli-apps/neovim/default.nix @@ -1,7 +1,8 @@ -{ lib -, config -, pkgs -, ... +{ + lib, + config, + pkgs, + ... }: let diff --git a/modules/home/cli-apps/starship/default.nix b/modules/home/cli-apps/starship/default.nix index 91e0d57..fce5c71 100644 --- a/modules/home/cli-apps/starship/default.nix +++ b/modules/home/cli-apps/starship/default.nix @@ -1,7 +1,8 @@ -{ lib -, config -, pkgs -, ... +{ + lib, + config, + pkgs, + ... }: let inherit (lib) mkEnableOption mkIf; diff --git a/modules/home/tools/jetbrains/default.nix b/modules/home/tools/jetbrains/default.nix index 4ab6c36..dc9390d 100644 --- a/modules/home/tools/jetbrains/default.nix +++ b/modules/home/tools/jetbrains/default.nix @@ -1,8 +1,9 @@ -{ options -, config -, lib -, pkgs -, ... +{ + options, + config, + lib, + pkgs, + ... }: with lib; diff --git a/modules/nixos/services/build/default.nix b/modules/nixos/services/build/default.nix index 8f1aabb..15420c7 100644 --- a/modules/nixos/services/build/default.nix +++ b/modules/nixos/services/build/default.nix @@ -1,7 +1,8 @@ -{ config -, lib -, pkgs -, ... +{ + config, + lib, + pkgs, + ... }: with lib; with lib.metacfg; diff --git a/modules/nixos/system/limits/default.nix b/modules/nixos/system/limits/default.nix index 8563507..23d2880 100644 --- a/modules/nixos/system/limits/default.nix +++ b/modules/nixos/system/limits/default.nix @@ -1,6 +1,7 @@ -{ config -, lib -, ... +{ + config, + lib, + ... }: with lib; with lib.metacfg; diff --git a/modules/nixos/user/default.nix b/modules/nixos/user/default.nix index 1880ab1..5fc7f66 100644 --- a/modules/nixos/user/default.nix +++ b/modules/nixos/user/default.nix @@ -101,6 +101,7 @@ in uid = 1000; extraGroups = [ "wheel" ] ++ cfg.extraGroups; - } // cfg.extraOptions; + } + // cfg.extraOptions; }; } diff --git a/overlays/extern/default.nix b/overlays/extern/default.nix index eb2a6e1..c3da238 100644 --- a/overlays/extern/default.nix +++ b/overlays/extern/default.nix @@ -1,3 +1,4 @@ -{ channels, ... }: final: prev: { +{ channels, ... }: +final: prev: { # inherit (channels.nixpkgs.nixsgx) sgx-psw; } diff --git a/overlays/unstable/aider-chat.nix b/overlays/unstable/aider-chat.nix index 429839f..73a16e8 100644 --- a/overlays/unstable/aider-chat.nix +++ b/overlays/unstable/aider-chat.nix @@ -1,14 +1,15 @@ -{ lib -, stdenv -, python312 -, fetchFromGitHub -, fetchurl -, pkg-config -, gitMinimal -, portaudio -, playwright-driver -, pkgs -, tree-sitter-grammars +{ + lib, + stdenv, + python312, + fetchFromGitHub, + fetchurl, + pkg-config, + gitMinimal, + portaudio, + playwright-driver, + pkgs, + tree-sitter-grammars, }: let @@ -32,19 +33,25 @@ let typing-extensions ]; - nativeBuildInputs = with pkgs; with pkgs.tree-sitter-grammars; [ - tree-sitter - tree-sitter-c-sharp - tree-sitter-embedded-template - tree-sitter-yaml - ]; + nativeBuildInputs = + with pkgs; + with pkgs.tree-sitter-grammars; + [ + tree-sitter + tree-sitter-c-sharp + tree-sitter-embedded-template + tree-sitter-yaml + ]; - propagatedBuildInputs = with python312.pkgs; with pkgs.tree-sitter-grammars; [ - tree-sitter - tree-sitter-c-sharp - tree-sitter-embedded-template - tree-sitter-yaml - ]; + propagatedBuildInputs = + with python312.pkgs; + with pkgs.tree-sitter-grammars; + [ + tree-sitter + tree-sitter-c-sharp + tree-sitter-embedded-template + tree-sitter-yaml + ]; nativeCheckInputs = [ python312.pkgs.pytestCheckHook ]; # Without cd $out, tests fail to import the compiled cython extensions. @@ -183,29 +190,28 @@ let "tests/help/test_help.py" ]; - disabledTests = - [ - # Tests require network - "test_urls" - "test_get_commit_message_with_custom_prompt" - # FileNotFoundError - "test_get_commit_message" - # Expected 'launch_gui' to have been called once - "test_browser_flag_imports_streamlit" - # AttributeError - "test_simple_send_with_retries" - # Expected 'check_version' to have been called once - "test_main_exit_calls_version_check" - # AssertionError: assert 2 == 1 - "test_simple_send_non_retryable_error" - ] - ++ lib.optionals stdenv.hostPlatform.isDarwin [ - # Tests fails on darwin - "test_dark_mode_sets_code_theme" - "test_default_env_file_sets_automatic_variable" - # FileNotFoundError: [Errno 2] No such file or directory: 'vim' - "test_pipe_editor" - ]; + disabledTests = [ + # Tests require network + "test_urls" + "test_get_commit_message_with_custom_prompt" + # FileNotFoundError + "test_get_commit_message" + # Expected 'launch_gui' to have been called once + "test_browser_flag_imports_streamlit" + # AttributeError + "test_simple_send_with_retries" + # Expected 'check_version' to have been called once + "test_main_exit_calls_version_check" + # AssertionError: assert 2 == 1 + "test_simple_send_non_retryable_error" + ] + ++ lib.optionals stdenv.hostPlatform.isDarwin [ + # Tests fails on darwin + "test_dark_mode_sets_code_theme" + "test_default_env_file_sets_automatic_variable" + # FileNotFoundError: [Errno 2] No such file or directory: 'vim' + "test_pipe_editor" + ]; makeWrapperArgs = [ "--set AIDER_CHECK_UPDATE false" @@ -228,10 +234,11 @@ let passthru = { withPlaywright = aider-chat.overridePythonAttrs ( - { dependencies - , makeWrapperArgs - , propagatedBuildInputs ? [ ] - , ... + { + dependencies, + makeWrapperArgs, + propagatedBuildInputs ? [ ], + ... }: { dependencies = dependencies ++ aider-chat.optional-dependencies.playwright; diff --git a/overlays/unstable/goose.nix b/overlays/unstable/goose.nix index ef0b70d..b3da760 100644 --- a/overlays/unstable/goose.nix +++ b/overlays/unstable/goose.nix @@ -1,15 +1,15 @@ -{ lib -, stdenv -, fetchFromGitHub -, fetchurl -, rustPlatform -, dbus -, xorg -, pkg-config -, writableTmpDirAsHomeHook -, nix-update-script -, llvmPackages -, +{ + lib, + stdenv, + fetchFromGitHub, + fetchurl, + rustPlatform, + dbus, + xorg, + pkg-config, + writableTmpDirAsHomeHook, + nix-update-script, + llvmPackages, }: let version = "1.0.20"; @@ -55,20 +55,19 @@ rustPlatform.buildRustPackage rec { __darwinAllowLocalNetworking = true; - checkFlags = - [ - # need dbus-daemon - "--skip=config::base::tests::test_multiple_secrets" - "--skip=config::base::tests::test_secret_management" - "--skip=logging::tests::test_log_file_name::with_session_name_and_error_capture" - # Observer should be Some with both init project keys set - "--skip=tracing::langfuse_layer::tests::test_create_langfuse_observer" - "--skip=providers::gcpauth::tests::test_token_refresh_race_condition" - # Lazy instance has previously been poisoned - "--skip=jetbrains::tests::test_capabilities" - "--skip=jetbrains::tests::test_router_creation" - "--skip=developer::tests::test_text_editor_write_and_view_file" - ]; + checkFlags = [ + # need dbus-daemon + "--skip=config::base::tests::test_multiple_secrets" + "--skip=config::base::tests::test_secret_management" + "--skip=logging::tests::test_log_file_name::with_session_name_and_error_capture" + # Observer should be Some with both init project keys set + "--skip=tracing::langfuse_layer::tests::test_create_langfuse_observer" + "--skip=providers::gcpauth::tests::test_token_refresh_race_condition" + # Lazy instance has previously been poisoned + "--skip=jetbrains::tests::test_capabilities" + "--skip=jetbrains::tests::test_router_creation" + "--skip=developer::tests::test_text_editor_write_and_view_file" + ]; passthru.updateScript = nix-update-script { }; diff --git a/overlays/unstable/roo-code.nix b/overlays/unstable/roo-code.nix index b92f425..dd13994 100644 --- a/overlays/unstable/roo-code.nix +++ b/overlays/unstable/roo-code.nix @@ -1,7 +1,7 @@ -{ lib -, vscode-utils -, vscode-extensions-update-script -, +{ + lib, + vscode-utils, + vscode-extensions-update-script, }: vscode-utils.buildVscodeMarketplaceExtension { diff --git a/packages/nixos-hosts/default.nix b/packages/nixos-hosts/default.nix index 76fff02..d98fbd5 100644 --- a/packages/nixos-hosts/default.nix +++ b/packages/nixos-hosts/default.nix @@ -13,7 +13,9 @@ let inherit (lib) mapAttrsToList concatStringsSep; inherit (lib.metacfg) override-meta; - formatted-hosts = mapAttrsToList (name: host: "${name},${host.pkgs.stdenv.hostPlatform.system}") hosts; + formatted-hosts = mapAttrsToList ( + name: host: "${name},${host.pkgs.stdenv.hostPlatform.system}" + ) hosts; hosts-csv = writeText "hosts.csv" '' Name,System diff --git a/packages/zeroclaw/default.nix b/packages/zeroclaw/default.nix index 2187d50..4ab7d02 100644 --- a/packages/zeroclaw/default.nix +++ b/packages/zeroclaw/default.nix @@ -23,7 +23,10 @@ rustPlatform.buildRustPackage rec { doCheck = false; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ openssl sqlite ]; + buildInputs = [ + openssl + sqlite + ]; meta = with lib; { description = "Lightweight autonomous AI assistant infrastructure built in Rust"; diff --git a/systems/aarch64-linux/m4nix/hardware-configuration.nix b/systems/aarch64-linux/m4nix/hardware-configuration.nix index 273ccfe..4f202e0 100644 --- a/systems/aarch64-linux/m4nix/hardware-configuration.nix +++ b/systems/aarch64-linux/m4nix/hardware-configuration.nix @@ -1,30 +1,44 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { imports = [ ]; - boot.initrd.availableKernelModules = [ "virtio_pci" "xhci_pci" "usbhid" "usb_storage" ]; + boot.initrd.availableKernelModules = [ + "virtio_pci" + "xhci_pci" + "usbhid" + "usb_storage" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/069a5103-100e-4ff0-9f25-58df709cfd4e"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/069a5103-100e-4ff0-9f25-58df709cfd4e"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/8C85-EB75"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/08bbaeb8-8610-4592-9393-938c45ec4d19"; } + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/8C85-EB75"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/08bbaeb8-8610-4592-9393-938c45ec4d19"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/systems/aarch64-linux/rnix/hardware-configuration.nix b/systems/aarch64-linux/rnix/hardware-configuration.nix index f9f57a8..2dca176 100644 --- a/systems/aarch64-linux/rnix/hardware-configuration.nix +++ b/systems/aarch64-linux/rnix/hardware-configuration.nix @@ -1,30 +1,44 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { imports = [ ]; - boot.initrd.availableKernelModules = [ "virtio_pci" "xhci_pci" "usbhid" "usb_storage" ]; + boot.initrd.availableKernelModules = [ + "virtio_pci" + "xhci_pci" + "usbhid" + "usb_storage" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/3d6d27a9-1840-45cb-8f6f-88958f8e2f4d"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/3d6d27a9-1840-45cb-8f6f-88958f8e2f4d"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/0313-3BFB"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/4bfc9e4e-0878-4fd3-878f-950fb4ba6ae8"; } + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0313-3BFB"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/4bfc9e4e-0878-4fd3-878f-950fb4ba6ae8"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/systems/x86_64-linux/halo/wyoming.nix b/systems/x86_64-linux/halo/wyoming.nix index 905083a..0ab8225 100644 --- a/systems/x86_64-linux/halo/wyoming.nix +++ b/systems/x86_64-linux/halo/wyoming.nix @@ -4,12 +4,12 @@ whisper-cpp = { package = pkgs.wyoming-whisper-rs; servers.main = { - enable = true; - model = "/var/lib/wyoming/whisper-cpp/ggml-large-v3.bin"; - uri = "tcp://0.0.0.0:10300"; - language = "de"; - }; - }; + enable = true; + model = "/var/lib/wyoming/whisper-cpp/ggml-large-v3.bin"; + uri = "tcp://0.0.0.0:10300"; + language = "de"; + }; + }; piper.servers."main" = { enable = true; diff --git a/systems/x86_64-linux/mx/acme.nix b/systems/x86_64-linux/mx/acme.nix index ee338c4..b6a39d3 100644 --- a/systems/x86_64-linux/mx/acme.nix +++ b/systems/x86_64-linux/mx/acme.nix @@ -10,58 +10,58 @@ metacfg.services.acmeBase.credentialsFile = config.sops.secrets.internetbs.path; security.acme.certs = { - "surfsite.org" = { - extraDomainNames = [ "*.surfsite.org" ]; - }; - - "hartwin-hoyer.de" = { - extraDomainNames = [ "*.hartwin-hoyer.de" ]; - }; - - "herward-hoyer.de" = { - extraDomainNames = [ "*.herward-hoyer.de" ]; - }; - - "varlink.org" = { - extraDomainNames = [ "*.varlink.org" ]; - }; - - "meike-hoyer.de" = { }; - - "hoyer.xyz" = { - extraDomainNames = [ - "*.hoyer.xyz" - "*.harald.hoyer.xyz" - "*.hartwin.hoyer.xyz" - ]; - }; - - "hoyer.world" = { - extraDomainNames = [ - "*.hoyer.world" - "*.harald.hoyer.world" - "*.hartwin.hoyer.world" - ]; - }; - - "hoyer.social" = { - extraDomainNames = [ - "*.hoyer.social" - "*.harald.hoyer.social" - "*.hartwin.hoyer.social" - ]; - }; - - "hoyer.photos" = { - extraDomainNames = [ - "*.hoyer.photos" - "*.harald.hoyer.photos" - "*.hartwin.hoyer.photos" - ]; - }; - - "harald-hoyer.de" = { - extraDomainNames = [ "*.harald-hoyer.de" ]; - }; + "surfsite.org" = { + extraDomainNames = [ "*.surfsite.org" ]; }; + + "hartwin-hoyer.de" = { + extraDomainNames = [ "*.hartwin-hoyer.de" ]; + }; + + "herward-hoyer.de" = { + extraDomainNames = [ "*.herward-hoyer.de" ]; + }; + + "varlink.org" = { + extraDomainNames = [ "*.varlink.org" ]; + }; + + "meike-hoyer.de" = { }; + + "hoyer.xyz" = { + extraDomainNames = [ + "*.hoyer.xyz" + "*.harald.hoyer.xyz" + "*.hartwin.hoyer.xyz" + ]; + }; + + "hoyer.world" = { + extraDomainNames = [ + "*.hoyer.world" + "*.harald.hoyer.world" + "*.hartwin.hoyer.world" + ]; + }; + + "hoyer.social" = { + extraDomainNames = [ + "*.hoyer.social" + "*.harald.hoyer.social" + "*.hartwin.hoyer.social" + ]; + }; + + "hoyer.photos" = { + extraDomainNames = [ + "*.hoyer.photos" + "*.harald.hoyer.photos" + "*.hartwin.hoyer.photos" + ]; + }; + + "harald-hoyer.de" = { + extraDomainNames = [ "*.harald-hoyer.de" ]; + }; + }; } diff --git a/systems/x86_64-linux/mx/coturn.nix b/systems/x86_64-linux/mx/coturn.nix index 45fb964..4ac983e 100644 --- a/systems/x86_64-linux/mx/coturn.nix +++ b/systems/x86_64-linux/mx/coturn.nix @@ -1,7 +1,8 @@ -{ pkgs -, lib -, config -, ... +{ + pkgs, + lib, + config, + ... }: { sops.secrets."coturn/static-auth-secret" = { diff --git a/systems/x86_64-linux/mx/nextcloud-claude-bot/default.nix b/systems/x86_64-linux/mx/nextcloud-claude-bot/default.nix index 9bda0c7..4da941a 100644 --- a/systems/x86_64-linux/mx/nextcloud-claude-bot/default.nix +++ b/systems/x86_64-linux/mx/nextcloud-claude-bot/default.nix @@ -6,7 +6,7 @@ enable = true; nextcloudUrl = "https://nc.hoyer.xyz"; botSecretFile = config.sops.secrets."nextcloud-claude-bot/secret".path; - allowedUsers = []; # Allow all registered users + allowedUsers = [ ]; # Allow all registered users # Optional extra instructions (base prompt is hardcoded in bot.py) # systemPrompt = "Additional custom instructions here"; }; diff --git a/systems/x86_64-linux/mx/nextcloud-claude-bot/example-config.nix b/systems/x86_64-linux/mx/nextcloud-claude-bot/example-config.nix index 9560ff3..8957732 100644 --- a/systems/x86_64-linux/mx/nextcloud-claude-bot/example-config.nix +++ b/systems/x86_64-linux/mx/nextcloud-claude-bot/example-config.nix @@ -13,10 +13,10 @@ # 1. Use the official package if available in nixpkgs # 2. Package it yourself # 3. Use a binary wrapper - + # Option 1: If claude-code is in nixpkgs (check latest state) # environment.systemPackages = [ pkgs.claude-code ]; - + # Option 2: Manual binary installation wrapper nixpkgs.overlays = [ (final: prev: { @@ -30,22 +30,22 @@ # Create bot secret # Generate with: openssl rand -hex 32 # Store in a file, e.g., /var/secrets/nextcloud-claude-bot - + services.nextcloud-claude-bot = { enable = true; port = 8085; host = "127.0.0.1"; - + nextcloudUrl = "https://cloud.example.com"; botSecretFile = "/var/secrets/nextcloud-claude-bot"; - + # Only allow specific users allowedUsers = [ "harald" ]; - + # Claude settings maxTokens = 4096; timeout = 120; - + # Optional system prompt systemPrompt = '' Du bist ein hilfreicher Assistent. Antworte auf Deutsch, @@ -62,7 +62,7 @@ # If you need external access (e.g., Nextcloud on different server): services.nginx.virtualHosts."cloud.example.com" = { # ... your existing Nextcloud config ... - + locations."/_claude-bot/" = { proxyPass = "http://127.0.0.1:8085/"; extraConfig = '' @@ -70,7 +70,7 @@ proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - + # Only allow from Nextcloud itself allow 127.0.0.1; deny all; diff --git a/systems/x86_64-linux/mx/nextcloud-claude-bot/module.nix b/systems/x86_64-linux/mx/nextcloud-claude-bot/module.nix index 6edcd71..3e0e6fd 100644 --- a/systems/x86_64-linux/mx/nextcloud-claude-bot/module.nix +++ b/systems/x86_64-linux/mx/nextcloud-claude-bot/module.nix @@ -1,61 +1,72 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: with lib; let cfg = config.services.nextcloud-claude-bot; - pythonEnv = pkgs.python3.withPackages (ps: with ps; [ - fastapi - uvicorn - httpx - ]); + pythonEnv = pkgs.python3.withPackages ( + ps: with ps; [ + fastapi + uvicorn + httpx + ] + ); - botModule = pkgs.runCommand "nextcloud-claude-bot-module" {} '' + botModule = pkgs.runCommand "nextcloud-claude-bot-module" { } '' mkdir -p $out cp ${./bot.py} $out/nextcloud_claude_bot.py ''; -in { +in +{ options.services.nextcloud-claude-bot = { enable = mkEnableOption "Nextcloud Talk Claude Bot"; - + port = mkOption { type = types.port; default = 8085; description = "Port for the webhook listener"; }; - + host = mkOption { type = types.str; default = "127.0.0.1"; description = "Host to bind to"; }; - + nextcloudUrl = mkOption { type = types.str; example = "https://cloud.example.com"; description = "Base URL of your Nextcloud instance"; }; - + botSecretFile = mkOption { type = types.path; description = "Path to file containing the bot secret (shared with Nextcloud)"; }; - + claudePath = mkOption { type = types.path; default = "${pkgs.claude-code}/bin/claude"; description = "Path to claude CLI binary"; }; - + allowedUsers = mkOption { type = types.listOf types.str; - default = []; - example = [ "harald" "admin" ]; + default = [ ]; + example = [ + "harald" + "admin" + ]; description = "Nextcloud usernames allowed to talk to the bot (empty = all)"; }; - + contextMessages = mkOption { type = types.int; default = 6; @@ -67,7 +78,7 @@ in { default = 120; description = "Timeout in seconds for Claude CLI"; }; - + systemPrompt = mkOption { type = types.nullOr types.str; default = null; @@ -75,13 +86,13 @@ in { description = "Optional system prompt for Claude"; }; }; - + config = mkIf cfg.enable { systemd.services.nextcloud-claude-bot = { description = "Nextcloud Talk Claude Bot"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; - + environment = { HOME = "/var/lib/nextcloud-claude-bot"; BOT_HOST = cfg.host; @@ -133,8 +144,8 @@ in { home = "/var/lib/nextcloud-claude-bot"; }; - users.groups.claude-bot = {}; - + users.groups.claude-bot = { }; + # Nginx reverse proxy config (optional, if you want external access) # services.nginx.virtualHosts."cloud.example.com".locations."/claude-bot/" = { # proxyPass = "http://${cfg.host}:${toString cfg.port}/"; diff --git a/systems/x86_64-linux/mx/nginx.nix b/systems/x86_64-linux/mx/nginx.nix index e71eb46..9058509 100644 --- a/systems/x86_64-linux/mx/nginx.nix +++ b/systems/x86_64-linux/mx/nginx.nix @@ -1,145 +1,145 @@ { ... }: { services.nginx.virtualHosts = { - "00000" = { - useACMEHost = "hoyer.xyz"; - serverName = "_"; - globalRedirect = "hoyer.xyz"; - addSSL = true; - }; + "00000" = { + useACMEHost = "hoyer.xyz"; + serverName = "_"; + globalRedirect = "hoyer.xyz"; + addSSL = true; + }; - "hoyer.photos" = { - enableACME = false; - useACMEHost = "hoyer.photos"; - forceSSL = true; - root = "/var/www/hoyer.xyz/html"; - }; + "hoyer.photos" = { + enableACME = false; + useACMEHost = "hoyer.photos"; + forceSSL = true; + root = "/var/www/hoyer.xyz/html"; + }; - "hoyer.world" = { - enableACME = false; - useACMEHost = "hoyer.world"; - forceSSL = true; - root = "/var/www/hoyer.xyz/html"; - }; + "hoyer.world" = { + enableACME = false; + useACMEHost = "hoyer.world"; + forceSSL = true; + root = "/var/www/hoyer.xyz/html"; + }; - "hoyer.social" = { - enableACME = false; - useACMEHost = "hoyer.social"; - forceSSL = true; - root = "/var/www/hoyer.xyz/html"; - }; + "hoyer.social" = { + enableACME = false; + useACMEHost = "hoyer.social"; + forceSSL = true; + root = "/var/www/hoyer.xyz/html"; + }; - "hoyer.xyz" = { - # serverName = "hoyer.xyz"; - serverAliases = [ "www.hoyer.xyz" ]; - useACMEHost = "hoyer.xyz"; - enableACME = false; - forceSSL = true; - root = "/var/www/hoyer.xyz/html"; - locations."/stats" = { - basicAuthFile = "/var/www/hoyer.xyz/stats.htaccess"; - }; - locations."/.well-known/webfinger" = { - return = "307 https://nc.hoyer.xyz/.well-known/webfinger"; - }; + "hoyer.xyz" = { + # serverName = "hoyer.xyz"; + serverAliases = [ "www.hoyer.xyz" ]; + useACMEHost = "hoyer.xyz"; + enableACME = false; + forceSSL = true; + root = "/var/www/hoyer.xyz/html"; + locations."/stats" = { + basicAuthFile = "/var/www/hoyer.xyz/stats.htaccess"; }; - - "surfsite.org" = { - useACMEHost = "surfsite.org"; - enableACME = false; - forceSSL = true; - root = "/var/www/surfsite.org"; - }; - - "kicker.surfsite.org" = { - useACMEHost = "surfsite.org"; - enableACME = false; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:8087/"; - }; - }; - - "git.hoyer.xyz" = { - useACMEHost = "hoyer.xyz"; - enableACME = false; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:3001/"; - }; - }; - - "webmail.hoyer.xyz" = { - useACMEHost = "hoyer.xyz"; - enableACME = false; - forceSSL = true; - }; - - "harald.hoyer.photos" = { - enableACME = true; - forceSSL = true; - root = "/var/www/photo.harald-hoyer.de/html"; - }; - "photo.harald-hoyer.de" = { - useACMEHost = "harald-hoyer.de"; - forceSSL = true; - root = "/var/www/photo.harald-hoyer.de/html"; - }; - "photo-harald.hoyer.xyz" = { - serverAliases = [ "photo.harald.hoyer.xyz" ]; - useACMEHost = "hoyer.xyz"; - forceSSL = true; - root = "/var/www/photo.harald-hoyer.de/html"; - }; - - "harald-hoyer.de" = { - serverAliases = [ "www.harald-hoyer.de" ]; - useACMEHost = "harald-hoyer.de"; - globalRedirect = "harald.hoyer.xyz"; - forceSSL = true; - }; - "harald.hoyer.xyz" = { - serverAliases = [ "www.harald.hoyer.xyz" ]; - useACMEHost = "hoyer.xyz"; - root = "/var/www/harald.hoyer.xyz/html/"; - extraConfig = '' - rewrite ^/feed/rss$ /rss.xml permanent; - rewrite ^/feed/rss/$ /rss.xml permanent; - rewrite ^/feed/$ /rss.xml permanent; - rewrite ^/feed/rss/index.html$ /rss.xml permanent; - rewrite ^/fedora/fedora/RSS2$ /tags/fedora/rss.xml permanent; - rewrite ^/linux/linux/RSS2$ /tags/linux/rss.xml permanent; - rewrite ^/linux/feed$ /tags/linux/rss.xml permanent; - rewrite ^/wp-rss2.php$ /rss.xml permanent; - rewrite ^/aggregator/rss.xml$ /rss.xml permanent; - rewrite ^/personal/blog/aggregator/RSS$ /rss.xml permanent; - rewrite ^/personal/blog/aggregator/RSS2$ /rss.xml permanent; - rewrite ^/aggregator/RSS$ /rss.xml permanent; - rewrite ^/aggregator/RSS2$ /rss.xml permanent; - rewrite ^/wp-commentsrss2.php$ /rss.xml permanent; - ''; - forceSSL = true; - }; - - "hartwin-hoyer.de" = { - serverAliases = [ "www.hartwin-hoyer.de" ]; - useACMEHost = "hartwin-hoyer.de"; - globalRedirect = "hartwin.hoyer.xyz"; - forceSSL = true; - }; - "hartwin.hoyer.xyz" = { - serverAliases = [ - "testhartwin.hoyer.xyz" - "www.hartwin.hoyer.xyz" - ]; - useACMEHost = "hoyer.xyz"; - root = "/var/www/hartwin.hoyer.xyz/html/"; - forceSSL = true; - }; - - "nc.hoyer.xyz" = { - useACMEHost = "hoyer.xyz"; - forceSSL = true; + locations."/.well-known/webfinger" = { + return = "307 https://nc.hoyer.xyz/.well-known/webfinger"; }; }; + + "surfsite.org" = { + useACMEHost = "surfsite.org"; + enableACME = false; + forceSSL = true; + root = "/var/www/surfsite.org"; + }; + + "kicker.surfsite.org" = { + useACMEHost = "surfsite.org"; + enableACME = false; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:8087/"; + }; + }; + + "git.hoyer.xyz" = { + useACMEHost = "hoyer.xyz"; + enableACME = false; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:3001/"; + }; + }; + + "webmail.hoyer.xyz" = { + useACMEHost = "hoyer.xyz"; + enableACME = false; + forceSSL = true; + }; + + "harald.hoyer.photos" = { + enableACME = true; + forceSSL = true; + root = "/var/www/photo.harald-hoyer.de/html"; + }; + "photo.harald-hoyer.de" = { + useACMEHost = "harald-hoyer.de"; + forceSSL = true; + root = "/var/www/photo.harald-hoyer.de/html"; + }; + "photo-harald.hoyer.xyz" = { + serverAliases = [ "photo.harald.hoyer.xyz" ]; + useACMEHost = "hoyer.xyz"; + forceSSL = true; + root = "/var/www/photo.harald-hoyer.de/html"; + }; + + "harald-hoyer.de" = { + serverAliases = [ "www.harald-hoyer.de" ]; + useACMEHost = "harald-hoyer.de"; + globalRedirect = "harald.hoyer.xyz"; + forceSSL = true; + }; + "harald.hoyer.xyz" = { + serverAliases = [ "www.harald.hoyer.xyz" ]; + useACMEHost = "hoyer.xyz"; + root = "/var/www/harald.hoyer.xyz/html/"; + extraConfig = '' + rewrite ^/feed/rss$ /rss.xml permanent; + rewrite ^/feed/rss/$ /rss.xml permanent; + rewrite ^/feed/$ /rss.xml permanent; + rewrite ^/feed/rss/index.html$ /rss.xml permanent; + rewrite ^/fedora/fedora/RSS2$ /tags/fedora/rss.xml permanent; + rewrite ^/linux/linux/RSS2$ /tags/linux/rss.xml permanent; + rewrite ^/linux/feed$ /tags/linux/rss.xml permanent; + rewrite ^/wp-rss2.php$ /rss.xml permanent; + rewrite ^/aggregator/rss.xml$ /rss.xml permanent; + rewrite ^/personal/blog/aggregator/RSS$ /rss.xml permanent; + rewrite ^/personal/blog/aggregator/RSS2$ /rss.xml permanent; + rewrite ^/aggregator/RSS$ /rss.xml permanent; + rewrite ^/aggregator/RSS2$ /rss.xml permanent; + rewrite ^/wp-commentsrss2.php$ /rss.xml permanent; + ''; + forceSSL = true; + }; + + "hartwin-hoyer.de" = { + serverAliases = [ "www.hartwin-hoyer.de" ]; + useACMEHost = "hartwin-hoyer.de"; + globalRedirect = "hartwin.hoyer.xyz"; + forceSSL = true; + }; + "hartwin.hoyer.xyz" = { + serverAliases = [ + "testhartwin.hoyer.xyz" + "www.hartwin.hoyer.xyz" + ]; + useACMEHost = "hoyer.xyz"; + root = "/var/www/hartwin.hoyer.xyz/html/"; + forceSSL = true; + }; + + "nc.hoyer.xyz" = { + useACMEHost = "hoyer.xyz"; + forceSSL = true; + }; + }; } diff --git a/systems/x86_64-linux/sgx/backup.nix b/systems/x86_64-linux/sgx/backup.nix index 98ddb04..1380e40 100644 --- a/systems/x86_64-linux/sgx/backup.nix +++ b/systems/x86_64-linux/sgx/backup.nix @@ -1,7 +1,8 @@ -{ pkgs -, lib -, config -, ... +{ + pkgs, + lib, + config, + ... }: let backup_new_path = "/mnt/raid/backup/hoyer/new/";