2024-12-21 19:24:15 +00:00
37 changed files with 502 additions and 670 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -0,0 +1,10 @@
+[*]
+indent_style = tab
+
+[*.{nix,yaml}]
+indent_style = space
+indent_size = 2
+
+[*.py]
+indent_style = space
+indent_size = 4
--- a/flake.lock
+++ b/flake.lock
@ -2,11 +2,11 @@
  "nodes": {
    "impermanence": {
      "locked": {
-        "lastModified": 1730403150,
-        "narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=",
+        "lastModified": 1729068498,
+        "narHash": "sha256-C2sGRJl1EmBq0nO98TNd4cbUy20ABSgnHWXLIJQWRFA=",
        "owner": "nix-community",
        "repo": "impermanence",
-        "rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f",
+        "rev": "e337457502571b23e449bf42153d7faa10c0a562",
        "type": "github"
      },
      "original": {
@ -17,11 +17,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1730531603,
-        "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
+        "lastModified": 1729665710,
+        "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
+        "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,19 +2,13 @@
  inputs.nixpkgs.url = "nixpkgs/nixos-unstable";
  inputs.impermanence.url = "github:nix-community/impermanence";

-  outputs =
-    {
-      self,
-      nixpkgs,
-      impermanence,
-    }:
+  outputs = { self, nixpkgs, impermanence }:
    let
      inherit (nixpkgs) lib;

-      mypkgs =
-        pkgs:
-        self.lib.dirToAttrs ./pkgs (x: pkgs.callPackage x { })
-        // {
+      mypkgs = pkgs:
+        self.lib.dirToAttrs ./pkgs (x: pkgs.callPackage x { }) //
+        {
          iso = import lib/gen-iso.nix lib pkgs.system;
        };

@ -36,39 +30,43 @@

    in
    {
+      formatter = forAllSystems (system:
+        nixpkgs.legacyPackages.${system}.nixpkgs-fmt);
+
      lib = {
        base64 = import lib/base64.nix;
        gen-ssh-config = import lib/gen-ssh-config.nix lib;
        ssh-keys = import lib/ssh-keys.nix;

-        dirToAttrs =
-          dir: f:
-          lib.mapAttrs' (name: _: {
+        dirToAttrs = dir: f: lib.mapAttrs'
+          (name: _: {
            name = lib.removeSuffix ".nix" name;
            value = f "${toString dir}/${name}";
-          }) (builtins.readDir dir);
+          })
+          (builtins.readDir dir);
      };

-      nixosModules = self.lib.dirToAttrs ./modules import // {
+      nixosModules =
+        {
          inherit pins;
          inherit (impermanence.nixosModules) impermanence;
          pkgs.nixpkgs.overlays = [ (_: mypkgs) ];
-      };
+        } //
+        self.lib.dirToAttrs ./modules import;

-      nixosConfigurations = self.lib.dirToAttrs ./hosts (
-        dir:
-        let
-          cfg = import dir;
-        in
-        lib.nixosSystem {
+      nixosConfigurations = self.lib.dirToAttrs ./hosts
+        (dir:
+          let cfg = import dir;
+          in lib.nixosSystem {
            inherit (cfg) system;
            modules =
-            cfg.modules
-            ++ [ { networking.hostName = builtins.baseNameOf dir; } ]
-            ++ (builtins.attrValues self.nixosModules);
+              cfg.modules ++
+              [{ networking.hostName = builtins.baseNameOf dir; }] ++
+              (builtins.attrValues self.nixosModules);
          }
        );

-      packages = forAllSystems (system: mypkgs nixpkgs.legacyPackages.${system});
+      packages = forAllSystems (system:
+        mypkgs nixpkgs.legacyPackages.${system});
    };
 }
--- a/hosts/hp/configuration.nix
+++ b/hosts/hp/configuration.nix
@ -20,10 +20,7 @@ in
  ];

  services.openssh.hostKeys = [
-    {
-      type = "ed25519";
-      path = "${persist}/ssh_host_ed25519_key";
-    }
+    { type = "ed25519"; path = "${persist}/ssh_host_ed25519_key"; }
  ];

  users.mutableUsers = false;
@ -39,27 +36,11 @@ in
  hardware.enableRedistributableFirmware = true;

  fileSystems = {
-    "/" = {
-      device = "tmpfs";
-      fsType = "tmpfs";
-      options = [ "mode=755" ];
-    };
-    "/boot" = {
-      device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition";
-      fsType = "vfat";
-    };
-    "/home" = {
-      device = "zroot/locker/home";
-      fsType = "zfs";
-    };
-    "/nix" = {
-      device = "zroot/locker/nix";
-      fsType = "zfs";
-    };
-    "/var/log" = {
-      device = "zroot/locker/log";
-      fsType = "zfs";
-    };
+    "/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "mode=755" ]; };
+    "/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
+    "/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
+    "/nix" = { device = "zroot/locker/nix"; fsType = "zfs"; };
+    "/var/log" = { device = "zroot/locker/log"; fsType = "zfs"; };
  };

  system.stateVersion = "22.05";
--- a/hosts/levi/configuration.nix
+++ b/hosts/levi/configuration.nix
@ -8,10 +8,7 @@ in
  };

  services.openssh.hostKeys = [
-    {
-      type = "ed25519";
-      path = "${persist}/ssh_host_ed25519_key";
-    }
+    { type = "ed25519"; path = "${persist}/ssh_host_ed25519_key"; }
  ];

  # services.ollama = {
@ -25,10 +22,7 @@ in
  sconfig = {
    gnome = true;
    desktop.enable = true;
-    wg-home = {
-      enable = true;
-      path = "${persist}/wireguard_home.conf";
-    };
+    wg-home = { enable = true; path = "${persist}/wireguard_home.conf"; };
  };

  environment.persistence."${persist}/system".directories = [
@ -55,32 +49,14 @@ in
  boot = {
    loader.systemd-boot.enable = true;
    loader.efi.canTouchEfiVariables = true;
-    initrd.availableKernelModules = [
-      "xhci_pci"
-      "vmd"
-      "nvme"
-      "sd_mod"
-    ];
+    initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "sd_mod" ];
  };

  fileSystems = {
-    "/" = {
-      device = "tmpfs";
-      fsType = "tmpfs";
-      options = [ "mode=755" ];
-    };
-    "/boot" = {
-      fsType = "vfat";
-      device = "/dev/nvme0n1p1";
-    };
-    "/nix" = {
-      device = "levi/nix";
-      fsType = "zfs";
-    };
-    "/home" = {
-      device = "levi/home";
-      fsType = "zfs";
-    };
+    "/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "mode=755" ]; };
+    "/boot" = { fsType = "vfat"; device = "/dev/nvme0n1p1"; };
+    "/nix" = { device = "levi/nix"; fsType = "zfs"; };
+    "/home" = { device = "levi/home"; fsType = "zfs"; };
  };

  users.mutableUsers = false;
--- a/hosts/levi/gpu_notes.txt
+++ b/hosts/levi/gpu_notes.txt
@ -1,62 +0,0 @@
-{
-hardware.nvidia.prime.intelBusId = "PCI:0:2:0";
-hardware.nvidia.prime.nvidiaBusId = "PCI:1:0:0";
-}
-
-### Nothing here has been tested since 2022
-
-################################################################################
-
-### "sync mode"
-#
-# good:
-#   max performance on external displays
-#   no BIOS settings change needed
-#
-# bad:
-#   graphics performance overhead on internal display
-#   internal display capped at 60hz
-#
-# hardware.nvidia.prime.sync.enable = true;
-# hardware.nvidia.modesetting.enable = true;
-# services.xserver.displayManager.gdm.wayland = false;
-# services.xserver.videoDrivers = [ "nvidia" ];
-# # xrandr workaround for laptop panel not showing up with GDM. Reference:
-# # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix
-# services.xserver.displayManager.sessionCommands = ''
-#   ${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource modesetting NVIDIA-0
-# '';
-
-################################################################################
-
-### nvidia drivers disabled
-#
-# Not well tested. Possibly Incomplete.
-# Won't allow external displays connected to nvidia GPU.
-#
-# Shutting off Nvidia GPU would theoretically save power.
-# I do not think this actually powers down the Nvidia GPU, just stops using it.
-#
-# boot.kernelParams = [ "module_blacklist=nouveau" ];
-
-################################################################################
-
-### hybrid graphics
-#
-# Not well tested. Possibly Incomplete.
-# Won't allow external displays connected to nvidia GPU.
-#
-# Everything would use intel by default,
-# but specific apps would run on the nvidia GPU under the script.
-#
-# hardware.nvidia.prime.offload.enable = true;
-# services.xserver.videoDrivers = [ "nvidia" ];
-# environment.systemPackages = [
-#   (pkgs.writeShellScriptBin "nv" ''
-#     export __NV_PRIME_RENDER_OFFLOAD=1
-#     export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
-#     export __GLX_VENDOR_LIBRARY_NAME=nvidia
-#     export __VK_LAYER_NV_optimus=NVIDIA_only
-#     exec "$@"
-#   '')
-# ];
--- a/hosts/levi/xorg.nix
+++ b/hosts/levi/xorg.nix
@ -1,5 +1,16 @@
 {
+  hardware.nvidia.prime.intelBusId = "PCI:0:2:0";
+  hardware.nvidia.prime.nvidiaBusId = "PCI:1:0:0";
+
  ### NVIDIA-only using MUX switch in BIOS.
+  #
+  # good:
+  #   simple, always works.
+  #   max performance everywhere.
+  #
+  # bad:
+  #   requires BIOS setting changes, which is annoying.
+  #
  boot.kernelParams = [ "module_blacklist=i915" ];
  services.xserver.displayManager.gdm.wayland = false;
  services.xserver.videoDrivers = [ "nvidia" ];
@ -8,3 +19,61 @@
    Option "metamodes" "DP-2: 2560x1440_165 +0+0 {AllowGSYNCCompatible=On}"
  '';
 }
+
+### Nothing below this line has been tested since 2022
+
+################################################################################
+
+### "sync mode"
+#
+# good:
+#   max performance on external displays
+#   no BIOS settings change needed
+#
+# bad:
+#   graphics performance overhead on internal display
+#   internal display capped at 60hz
+#
+# hardware.nvidia.prime.sync.enable = true;
+# hardware.nvidia.modesetting.enable = true;
+# services.xserver.displayManager.gdm.wayland = false;
+# services.xserver.videoDrivers = [ "nvidia" ];
+# # xrandr workaround for laptop panel not showing up with GDM. Reference:
+# # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix
+# services.xserver.displayManager.sessionCommands = ''
+#   ${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource modesetting NVIDIA-0
+# '';
+
+################################################################################
+
+### nvidia drivers disabled
+#
+# Not well tested. Possibly Incomplete.
+# Won't allow external displays connected to nvidia GPU.
+#
+# Shutting off Nvidia GPU would theoretically save power.
+# I do not think this actually powers down the Nvidia GPU, just stops using it.
+#
+# boot.kernelParams = [ "module_blacklist=nouveau" ];
+
+################################################################################
+
+### hybrid graphics
+#
+# Not well tested. Possibly Incomplete.
+# Won't allow external displays connected to nvidia GPU.
+#
+# Everything would use intel by default,
+# but specific apps would run on the nvidia GPU under the script.
+#
+# hardware.nvidia.prime.offload.enable = true;
+# services.xserver.videoDrivers = [ "nvidia" ];
+# environment.systemPackages = [
+#   (pkgs.writeShellScriptBin "nv" ''
+#     export __NV_PRIME_RENDER_OFFLOAD=1
+#     export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
+#     export __GLX_VENDOR_LIBRARY_NAME=nvidia
+#     export __VK_LAYER_NV_optimus=NVIDIA_only
+#     exec "$@"
+#   '')
+# ];
--- a/lib/base64.nix
+++ b/lib/base64.nix
@ -1,20 +1,15 @@
-{ runCommand }:
-{
+{ runCommand }: {

-  b64decode =
-    input:
-    builtins.readFile (
-      runCommand "b64decode" { } ''
+  b64decode = input:
+    builtins.readFile
+      (runCommand "b64decode" { } ''
        base64 -d >$out <${builtins.toFile "input" input}
-      ''
-    );
+      '');

-  b64encode =
-    input:
-    builtins.readFile (
-      runCommand "b64encode" { } ''
+  b64encode = input:
+    builtins.readFile
+      (runCommand "b64encode" { } ''
        base64 -w0 >$out <${builtins.toFile "input" input}
-      ''
-    );
+      '');

 }
--- a/lib/gen-iso.nix
+++ b/lib/gen-iso.nix
@ -1,18 +1,16 @@
-lib: system:
+lib:
+system:

 let
  sys = lib.nixosSystem {
    inherit system;
    modules = [
-      (
-        { modulesPath, ... }:
-        {
+      ({ modulesPath, ... }: {
        imports = [
          "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
        ];
        isoImage.squashfsCompression = "gzip -Xcompression-level 1";
-        }
-      )
+      })
    ];
  };

--- a/lib/gen-ssh-config.nix
+++ b/lib/gen-ssh-config.nix
@ -1,22 +1,23 @@
-lib: nixosConfigurations:
+lib:
+nixosConfigurations:

 let
-  sshKnownHostsTxt = builtins.toFile "known_hosts" (
-    lib.concatMapStrings (
-      hostName:
-      let
-        d = nixosConfigurations.${hostName}.config.deploy;
-      in
-      lib.concatMapStrings (key: "${d.ssh.HostName} ${key}\n") d.sshPublicKeys
-    ) (builtins.attrNames nixosConfigurations)
+  sshKnownHostsTxt = builtins.toFile "known_hosts" (lib.concatMapStrings
+    (hostName:
+      let d = nixosConfigurations.${hostName}.config.deploy;
+      in lib.concatMapStrings (key: "${d.ssh.HostName} ${key}\n") d.sshPublicKeys
+    )
+    (builtins.attrNames nixosConfigurations)
  );

  attrsToList = lib.mapAttrsToList (n: v: "${n} ${v}");
  attrsToLines = a: lib.concatLines (attrsToList a);

 in
-lib.concatMapStrings (host: ''
+lib.concatMapStrings
+  (host: ''
    Host ${host}
    UserKnownHostsFile ${sshKnownHostsTxt}
    ${attrsToLines nixosConfigurations.${host}.config.deploy.ssh}
-'') (builtins.attrNames nixosConfigurations)
+  '')
+  (builtins.attrNames nixosConfigurations)
--- a/modules/ad-domain.nix
+++ b/modules/ad-domain.nix
@ -1,17 +1,10 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:

 let
  cfg = config.sconfig.ad-domain;
 in
 {
-  options.sconfig.ad-domain =
-    with lib;
-    with types;
+  options.sconfig.ad-domain = with lib; with types;
    {
      enable = mkEnableOption "Join Domain with SSSD";
      longname = mkOption {
@ -24,7 +17,8 @@ in
      };
    };

-  config = lib.mkIf cfg.enable {
+  config = lib.mkIf cfg.enable
+    {
      networking.domain = cfg.longname;
      networking.search = [ (cfg.longname) ];
      security.pam.services.sshd.makeHomeDir = true;
--- a/modules/backport.nix
+++ b/modules/backport.nix
@ -1,14 +1,15 @@
 let

-  brave = (
-    final: prev: {
+  brave = (final: prev: {
    brave =
      let
        # updates to the newer version before it hits the channels
        version = "1";
        hash = "";
      in
-        if prev.lib.versionAtLeast prev.brave.version version then
+      if
+        prev.lib.versionAtLeast prev.brave.version version
+      then
        prev.brave
      else
        prev.brave.overrideAttrs {
@ -17,8 +18,7 @@ let
            url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
          };
        };
-    }
-  );
+  });

 in
 {
--- a/modules/cli/default.nix
+++ b/modules/cli/default.nix
@ -18,9 +18,9 @@
    lm_sensors
    ncdu
    nix-diff
-    nixfmt-rfc-style
    nix-index
    nix-prefetch-github
+    nixpkgs-fmt
    nodejs
    openssl
    parted
@ -42,11 +42,9 @@

    (writeShellScriptBin "dirt" "while sleep 1; do grep '^Dirty:' /proc/meminfo ; done")

-    (lib.hiPrio (
-      writeShellScriptBin "iftop" ''
+    (lib.hiPrio (writeShellScriptBin "iftop" ''
      exec ${iftop}/bin/iftop -P -m100M "$@"
-      ''
-    ))
+    ''))

    (writeShellScriptBin "bat" ''
      ${bat}/bin/bat --pager=never --color=always --wrap=never --terminal-width=80 "$@"
@ -87,11 +85,7 @@
      update_process_names = 1;
    };
    package = pkgs.htop.overrideAttrs (
-      {
-        patches ? [ ],
-        ...
-      }:
-      {
+      { patches ? [ ], ... }: {
        patches = patches ++ [
          # This patch fixes process sort order while in tree view.
          # Started in 3.3.0. Should be fixed in 3.4.0.
--- a/modules/cli/powerline.nix
+++ b/modules/cli/powerline.nix
@ -1,7 +1,7 @@
 { pkgs, ... }:
 let
-  left_hard_divider = builtins.fromJSON ''"\uE0B0" '';
-  upper_left_triangle = builtins.fromJSON ''"\uE0BC" '';
+  left_hard_divider = builtins.fromJSON '' "\uE0B0" '';
+  upper_left_triangle = builtins.fromJSON '' "\uE0BC" '';

  theme = {
    BoldForeground = true;
@ -11,20 +11,16 @@ let
    SeparatorFg = 16;
  };

-  customEnd = [
-    {
+  customEnd = [{
    Content = "$";
    Foreground = 231;
    Background = 102;
    Separator = left_hard_divider;
-    }
-  ];
+  }];

-  plconfig = builtins.toFile "powerline-config.json" (
-    builtins.toJSON {
+  plconfig = builtins.toFile "powerline-config.json" (builtins.toJSON {
    modes.patched.Separator = upper_left_triangle;
-    }
-  );
+  });

  args = [
    "-modules=\${remote:+'user,host,'}nix-shell,git,jobs,cwd,newline,customend"
@ -41,7 +37,9 @@ in
  environment.systemPackages = [
    pkgs.powerline-go

-    (pkgs.writeShellScriptBin "powerline-go-customend" "echo '${builtins.toJSON customEnd}'")
+    (pkgs.writeShellScriptBin
+      "powerline-go-customend"
+      "echo '${builtins.toJSON customEnd}'")
  ];

  environment.etc."powerline-theme.json".text = builtins.toJSON theme;
--- a/modules/desktop/alacritty.nix
+++ b/modules/desktop/alacritty.nix
@ -1,49 +1,26 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:

 let
-  aconfig = (pkgs.formats.toml { }).generate "alacritty.toml" {
+  aconfig = (pkgs.formats.toml { }).generate "alacritty.toml"
+    {
      env.TERM = "xterm-256color";
      font.size = 12;
      window = {
        dynamic_padding = true;
        resize_increments = true;
-      dimensions = {
-        columns = 120;
-        lines = 40;
-      };
+        dimensions = { columns = 120; lines = 40; };
      };
      keyboard.bindings = [
-      {
-        action = "ScrollHalfPageDown";
-        mods = "Shift";
-        key = "PageDown";
-      }
-      {
-        action = "ScrollHalfPageUp";
-        mods = "Shift";
-        key = "PageUp";
-      }
-      {
-        action = "SpawnNewInstance";
-        mods = "Control|Shift";
-        key = "N";
-      }
-      {
-        action = "SpawnNewInstance";
-        mods = "Control|Shift";
-        key = "T";
-      }
+        { action = "ScrollHalfPageDown"; mods = "Shift"; key = "PageDown"; }
+        { action = "ScrollHalfPageUp"; mods = "Shift"; key = "PageUp"; }
+        { action = "SpawnNewInstance"; mods = "Control|Shift"; key = "N"; }
+        { action = "SpawnNewInstance"; mods = "Control|Shift"; key = "T"; }
      ];
      colors = {
        primary.background = "0x1e1e1e";
        primary.foreground = "0xffffff";
      };
-    general.import = [ "${pkgs.alacritty-theme}/tango_dark.toml" ];
+      import = [ "${pkgs.alacritty-theme}/tango_dark.toml" ];
    };

  # Alacritty seems to not communicate well with gnome-shell. Quick fix:
--- a/modules/desktop/chromium.nix
+++ b/modules/desktop/chromium.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 {
  config = lib.mkIf (config.sconfig.desktop.enable) {
    environment.systemPackages = [
@ -31,14 +26,8 @@
        ShowFullUrlsInAddressBar = true;
        SyncDisabled = true; # required for BrowsingDataLifetime
        BrowsingDataLifetime = [
-          {
-            data_types = [ "browsing_history" ];
-            time_to_live_in_hours = 24 * 7;
-          }
-          {
-            data_types = [ "download_history" ];
-            time_to_live_in_hours = 6;
-          }
+          { data_types = [ "browsing_history" ]; time_to_live_in_hours = 24 * 7; }
+          { data_types = [ "download_history" ]; time_to_live_in_hours = 6; }
        ];
      };
    };
--- a/modules/desktop/default.nix
+++ b/modules/desktop/default.nix
@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, pkgs, lib, ... }:
 with lib;
 {
  options.sconfig.desktop = {
--- a/modules/desktop/firefox.nix
+++ b/modules/desktop/firefox.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 {
  config = lib.mkIf (config.sconfig.desktop.enable) {
    environment.systemPackages = [
@ -17,12 +12,8 @@
          OfferToSaveLogins = false;
          DisableFormHistory = true;
          SearchSuggestEnabled = false;
-          Preferences =
-            builtins.mapAttrs
-              (n: v: {
-                Value = v;
-                Status = "locked";
-              })
+          Preferences = builtins.mapAttrs
+            (n: v: { Value = v; Status = "locked"; })
            {
              "accessibility.force_disabled" = 1;
              "browser.aboutConfig.showWarning" = false;
@ -38,10 +29,8 @@
              "ui.key.menuAccessKeyFocuses" = false;
            };
          ExtensionSettings =
-            {
-              "*".installation_mode = "blocked";
-            }
-            // builtins.mapAttrs
+            { "*".installation_mode = "blocked"; } //
+            builtins.mapAttrs
              (n: v: {
                installation_mode = "force_installed";
                install_url = "https://addons.mozilla.org/firefox/downloads/latest/${v}/latest.xpi";
--- a/modules/desktop/vscode.nix
+++ b/modules/desktop/vscode.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 {
  config = lib.mkIf (config.sconfig.desktop.enable) {
    environment.systemPackages = with pkgs; [
@ -27,8 +22,9 @@

    environment.etc."vscode-keybindings.json".source = ./vscode-keybindings.json;
    environment.etc."vscode-settings.json".text = builtins.toJSON (
-      (builtins.fromJSON (builtins.readFile ./vscode-settings.json))
-      // {
+      (
+        builtins.fromJSON (builtins.readFile ./vscode-settings.json)
+      ) // {
        # NixOS-specific vscode settings:
        "extensions.autoCheckUpdates" = false;
        "extensions.autoUpdate" = false;
--- a/modules/devtools.nix
+++ b/modules/devtools.nix
@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, pkgs, lib, ... }:
 let
  cfg = config.sconfig.devtools;
 in
@ -11,7 +6,8 @@ in
  options.sconfig.devtools.enable = lib.mkEnableOption "Development Tools";

  config = lib.mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [
+    environment.systemPackages = with pkgs;
+      [
        black
        cargo
        efm-langserver
@ -38,7 +34,8 @@ in
        # dedicated script, because bash aliases dont work with `watch`
        (writeShellScriptBin "k" "exec kubectl \"$@\"")

-      (google-cloud-sdk.withExtraComponents [ google-cloud-sdk.components.gke-gcloud-auth-plugin ])
+        (google-cloud-sdk.withExtraComponents
+          [ google-cloud-sdk.components.gke-gcloud-auth-plugin ])
      ];
    programs.bash.interactiveShellInit = ''
      alias t=terraform
--- a/modules/gnome.nix
+++ b/modules/gnome.nix
@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, pkgs, lib, ... }:
 let
  cfg = config.sconfig.gnome;
 in
--- a/modules/helix/default.nix
+++ b/modules/helix/default.nix
@ -4,15 +4,11 @@ let
    exec prettier --stdin-filepath "$HX_FILE"
  '';

-  prettier-formats =
-    map
+  prettier-formats = map
    (name: {
      inherit name;
      auto-format = true;
-        indent = {
-          tab-width = 4;
-          unit = "\t";
-        };
+      indent = { tab-width = 4; unit = "\t"; };
      formatter.command = hx-pretty;
    })
    [
@ -25,7 +21,8 @@ let

 in
 {
-  environment.etc."bck-helix/config.toml".source = (pkgs.formats.toml { }).generate "config.toml" {
+  environment.etc."bck-helix/config.toml".source =
+    (pkgs.formats.toml { }).generate "config.toml" {
      theme = "dark_plus";
      editor = {
        auto-format = true;
@ -46,44 +43,28 @@ in
    };

  environment.etc."bck-helix/languages.toml".source =
-    (pkgs.formats.toml { }).generate "languages.toml"
-      {
+    (pkgs.formats.toml { }).generate "languages.toml" {
      language = prettier-formats ++ [
        {
          name = "bash";
          auto-format = true;
-            indent = {
-              tab-width = 4;
-              unit = "\t";
-            };
+          indent = { tab-width = 4; unit = "\t"; };
        }
        {
          name = "lua";
          auto-format = true;
-            indent = {
-              tab-width = 4;
-              unit = "\t";
-            };
+          indent = { tab-width = 4; unit = "\t"; };
        }
        {
          name = "nix";
          auto-format = true;
-            formatter = {
-              command = "nixfmt";
-              args = [ "--verify" ];
-            };
+          formatter.command = "nixpkgs-fmt";
        }
        {
          name = "python";
          auto-format = true;
          language-servers = [ "pyright" ];
-            formatter = {
-              command = "black";
-              args = [
-                "--quiet"
-                "-"
-              ];
-            };
+          formatter = { command = "black"; args = [ "--quiet" "-" ]; };
        }
        {
          name = "yaml";
@ -100,19 +81,13 @@ in
    };

  environment.systemPackages = with pkgs; [
-    (helix.overrideAttrs (
-      {
-        patches ? [ ],
-        ...
-      }:
-      {
+    (helix.overrideAttrs ({ patches ? [ ], ... }: {
      # Patch required for .editorconfig to work properly with formatters
      patches = patches ++ [ ./format-filepath.patch ];
      postPatch = ''
        sed 's/tab-width = .,/tab-width = 4,/' -i languages.toml
      '';
-      }
-    ))
+    }))
  ];

  environment.etc."bck-settings.sh".text = ''
--- a/modules/plasma.nix
+++ b/modules/plasma.nix
@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, pkgs, lib, ... }:
 let
  cfg = config.sconfig.plasma;
 in
--- a/modules/security-tools.nix
+++ b/modules/security-tools.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 let

  cfg = config.sconfig.security-tools;
--- a/modules/swapspace.nix
+++ b/modules/swapspace.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 let
  cfg = config.sconfig.swapspace;
 in
--- a/modules/wg-home.nix
+++ b/modules/wg-home.nix
@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
+{ config, lib, pkgs, ... }:
 let
  cfg = config.sconfig.wg-home;
 in
--- a/pkgs/bck-authorized-keys.nix
+++ b/pkgs/bck-authorized-keys.nix
@ -1,6 +1,5 @@
-{
-  lib,
-  writeTextDir,
+{ lib
+, writeTextDir
 }:

 writeTextDir "authorized_keys" (lib.concatLines (import ../lib/ssh-keys.nix))
--- a/pkgs/bck-nvim/default.nix
+++ b/pkgs/bck-nvim/default.nix
@ -1,17 +1,20 @@
-{
-  lib,
-  extraBinPaths ? [ ],
-  neovim-unwrapped,
-  vimPlugins,
-  wrapNeovim,
+{ lib
+, extraBinPaths ? [ ]
+, neovim-unwrapped
+, vimPlugins
+, wrapNeovim
 }:

 let
-  luafiles = lib.concatLines (
-    map (x: "luafile ${./lua}/${x}") (builtins.attrNames (builtins.readDir ./lua))
+  luafiles = lib.concatLines (map
+    (x: "luafile ${./lua}/${x}")
+    (builtins.attrNames (builtins.readDir ./lua))
  );

-  extraPath = lib.concatLines (map (p: "let $PATH .= ':${p}/bin'") (extraBinPaths));
+  extraPath = lib.concatLines (map
+    (p: "let $PATH .= ':${p}/bin'")
+    (extraBinPaths)
+  );

 in
 wrapNeovim neovim-unwrapped {
--- a/pkgs/bck-nvim/lua/5-lsp.lua
+++ b/pkgs/bck-nvim/lua/5-lsp.lua
@ -56,7 +56,7 @@ lspconfig.nil_ls.setup({
 	settings = {
 		['nil'] = {
 			formatting = {
-				command = { "nixfmt", "--verify" },
+				command = { "nixpkgs-fmt" },
 			},
 		},
 	},
--- a/pkgs/binaryninja/default.nix
+++ b/pkgs/binaryninja/default.nix
@ -1,12 +1,11 @@
-{
-  stdenv,
-  autoPatchelfHook,
-  libglvnd,
-  makeWrapper,
-  python3,
-  qt6,
-  requireFile,
-  unzip,
+{ stdenv
+, autoPatchelfHook
+, libglvnd
+, makeWrapper
+, python3
+, qt6
+, requireFile
+, unzip
 }:

 let
--- a/pkgs/deploy/default.nix
+++ b/pkgs/deploy/default.nix
@ -1,7 +1,6 @@
-{
-  nixos-rebuild,
-  python3,
-  writeShellScriptBin,
+{ nixos-rebuild
+, python3
+, writeShellScriptBin
 }:

 writeShellScriptBin "deploy" ''
--- a/pkgs/firecracker-vm/default.nix
+++ b/pkgs/firecracker-vm/default.nix
@ -1,16 +1,14 @@
-{
-  callPackage,
-  firecracker,
-  writeShellApplication,
-  writeText,
+{ callPackage
+, firecracker
+, writeShellApplication
+, writeText
 }:

 let
  kernel = callPackage ./kernel.nix { };
  rootfs = callPackage ./rootfs.nix { };

-  vmconfig = writeText "vmconfig.json" (
-    builtins.toJSON {
+  vmconfig = writeText "vmconfig.json" (builtins.toJSON {
    boot-source = {
      kernel_image_path = "${kernel}/vmlinux";
      boot_args = "panic=1 console=ttyS0 ro";
@ -26,14 +24,11 @@ let
    machine-config.vcpu_count = 2;
    machine-config.mem_size_mib = 1024;
    network-interfaces = [ ];
-    }
-  );
+  });

 in
 writeShellApplication {
  name = "firecracker-vm";
  text = "${firecracker}/bin/firecracker --no-api --config-file ${vmconfig}";
-  derivationArgs.passthru = {
-    inherit kernel rootfs;
-  };
+  derivationArgs.passthru = { inherit kernel rootfs; };
 }
--- a/pkgs/firecracker-vm/kernel.nix
+++ b/pkgs/firecracker-vm/kernel.nix
@ -1,8 +1,7 @@
-{
-  fetchFromGitHub,
-  linuxManualConfig,
-  linux_6_1,
-  kernel ? linux_6_1,
+{ fetchFromGitHub
+, linuxManualConfig
+, linux_6_1
+, kernel ? linux_6_1
 }:

 let
@ -13,21 +12,23 @@ let
    hash = "sha256-NuVH12cy38uu+8oms66p9k0xoMOJSl5AvY5pD1FCKkI=";
  };

-  shortVer = builtins.head (builtins.match "([0-9]+\.[0-9]+).*" kernel.version);
+  shortVer = builtins.head (
+    builtins.match
+      "([0-9]+\.[0-9]+).*"
+      kernel.version
+  );

 in
 (linuxManualConfig {

  inherit (kernel) src version;
-  configfile = "${fcsrc}/resources/guest_configs/microvm-kernel-ci-x86_64-${shortVer}.config";
+  configfile =
+    "${fcsrc}/resources/guest_configs/microvm-kernel-ci-x86_64-${shortVer}.config";

-}).overrideAttrs
-  (o: {
+}).overrideAttrs (o: {

-    postInstall =
-      (o.postInstall or "")
-      + ''
+  postInstall = (o.postInstall or "") + ''
    cp vmlinux $out/
  '';

-  })
+})
--- a/pkgs/firecracker-vm/rootfs.nix
+++ b/pkgs/firecracker-vm/rootfs.nix
@ -1,9 +1,8 @@
-{
-  e2fsprogs,
-  pkgsStatic,
-  runCommand,
-  util-linux,
-  writeShellScript,
+{ e2fsprogs
+, pkgsStatic
+, runCommand
+, util-linux
+, writeShellScript
 }:

 let
--- a/pkgs/ftb.nix
+++ b/pkgs/ftb.nix
@ -1,9 +1,8 @@
-{
-  lib,
-  dpkg,
-  fetchurl,
-  stdenv,
-  steam-run,
+{ lib
+, dpkg
+, fetchurl
+, stdenv
+, steam-run
 }:

 stdenv.mkDerivation rec {
--- a/pkgs/mp4grep.nix
+++ b/pkgs/mp4grep.nix
@ -1,12 +1,11 @@
-{
-  stdenv,
-  autoPatchelfHook,
-  fetchFromGitHub,
-  fetchzip,
-  gcc-unwrapped,
-  makeWrapper,
-  ocamlPackages,
-  model ? "small",
+{ stdenv
+, autoPatchelfHook
+, fetchFromGitHub
+, fetchzip
+, gcc-unwrapped
+, makeWrapper
+, ocamlPackages
+, model ? "small"
 }:

 let
@ -31,7 +30,8 @@ let
  '';

 in
-stdenv.mkDerivation rec {
+stdenv.mkDerivation rec
+{
  pname = "mp4grep";
  version = "0.1.4";

--- a/pkgs/weevely.nix
+++ b/pkgs/weevely.nix
@ -1,9 +1,4 @@
-{
-  stdenv,
-  python3,
-  fetchFromGitHub,
-  makeWrapper,
-}:
+{ stdenv, python3, fetchFromGitHub, makeWrapper }:

 stdenv.mkDerivation rec {
  pname = "weevely";
@ -16,16 +11,14 @@ stdenv.mkDerivation rec {
    sha256 = "0sgjf7ihgipb33k73d84dcx7snv2fvbzyd0f4468k1w5w6zqm9xj";
  };

-  pythonWithPkgs = python3.withPackages (
-    ps: with ps; [
+  pythonWithPkgs = python3.withPackages (ps: with ps; [
    Mako
    prettytable
    pyopenssl
    pysocks
    python-dateutil
    pyyaml
-    ]
-  );
+  ]);

  buildInputs = [ makeWrapper ];