git — flake.git: 55f514388b66158b0380ff8185201eefc882c37e

@@ -1,10 +1,11 @@
 {
+  "format_on_save": "on",
   "languages": {
     "Nix": {
       "formatter": {
         "external": {
-          "command": "nix",
-          "arguments": ["fmt"],
+          "command": "treefmt",
+          "arguments": ["--stdin", "{buffer_path}"],
         },
       },
     },

M flake.nix → flake.nix

@@ -50,7 +50,7 @@ );
 
       nixosConfigurations = {
         dahlia = mkNixosSystem "dahlia" "x86_64-linux";
-        # ivy = mkNixosSystem "ivy" "x86_64-linux";
+        ivy = mkNixosSystem "ivy" "x86_64-linux";
       };
 
       homeConfigurations = {
@@ -66,14 +66,14 @@ inputs.ironbar.homeManagerModules.default
           ];
         };
 
-        # "willow@ivy" = home-manager.lib.homeManagerConfiguration {
-        #   pkgs = nixpkgs.legacyPackages."x86_64-linux";
-        #   extraSpecialArgs = {
-        #     inherit inputs;
-        #     hostname = "ivy";
-        #   };
-        #   modules = [ "./home/willow@ivy.nix" ];
-        # };
+        "willow@ivy" = home-manager.lib.homeManagerConfiguration {
+          pkgs = nixpkgs.legacyPackages."x86_64-linux";
+          extraSpecialArgs = {
+            inherit inputs;
+            hostname = "ivy";
+          };
+          modules = [ ./home/apr-ivy.nix ];
+        };
       };
     };
 }

M home/apr-dahlia.nix → home/apr-dahlia.nix

@@ -1,4 +1,9 @@
-{ pkgs, inputs, ... }:
+{
+  inputs,
+  pkgs,
+  config,
+  ...
+}:
 let
   zed-editor = (pkgs.callPackage ../pkgs/zed.nix { });
   bun = (pkgs.callPackage ../pkgs/bun.nix { });
@@ -26,6 +31,7 @@ theme = {
       name = "Adwaita-dark";
       package = pkgs.gnome-themes-extra;
     };
+    gtk4.theme = config.gtk.theme;
     gtk4.iconTheme = {
       package = pkgs.adwaita-icon-theme;
       name = "Adwaita";

M home/common/waybar/default.nix → home/common/waybar/default.nix

@@ -65,7 +65,5 @@ };
       };
     };
 
-
-
   };
 }

M hosts/common/default.nix → hosts/common/default.nix

@@ -65,8 +65,8 @@ sqlite
     nmap
     dig
     uv
-    python
-    nodejs
+    python3
+    nodejs-slim_latest
 
     # file
     unzip

M hosts/dahlia/default.nix → hosts/dahlia/default.nix

@@ -1,10 +1,10 @@
 { inputs, pkgs, ... }:
 {
   imports = [
+    ../common/default.nix
     ./hardware.nix
     ./programs.nix
     ./services.nix
-    ../common/default.nix
 
     inputs.home-manager.nixosModules.home-manager
   ];

M hosts/dahlia/services.nix → hosts/dahlia/services.nix

@@ -6,7 +6,6 @@ blueman.enable = true;
     gvfs.enable = true;
     desktopManager.gnome.enable = true;
 
-
     displayManager = {
       sessionPackages = with pkgs; [
         sway

A hosts/ivy/caddy/default.nix

@@ -0,0 +1,12 @@
+{
+  services.caddy = {
+    enable = true;
+    email = "v@vt3e.cat";
+
+    globalConfig = ''
+      on_demand_tls {
+        ask http://localhost:3010/tls-check
+      }
+    '';
+  };
+}

A hosts/ivy/default.nix

@@ -0,0 +1,44 @@
+{ pkgs, ... }:
+{
+  imports = [
+    ../common/default.nix
+    ./hardware.nix
+    ./ports.nix
+
+    ./caddy
+    ./services
+  ];
+
+  nix.settings.trusted-users = [
+    "root"
+    "@wheel"
+    "willow"
+  ];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    kernelPackages = pkgs.linuxPackages_latest;
+  };
+
+  networking = {
+    hostName = "ivy";
+    networkmanager.enable = true;
+
+    firewall = {
+      allowedTCPPorts = [
+        22
+        80
+        443
+        11434
+      ];
+      allowedUDPPorts = [ ];
+      enable = true;
+    };
+  };
+  security.sudo.wheelNeedsPassword = false;
+
+  system.stateVersion = "25.11";
+}

A hosts/ivy/hardware.nix

@@ -0,0 +1,67 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ehci_pci"
+    "uhci_hcd"
+    "hpsa"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [
+    "kvm-intel"
+    "msr"
+  ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/36220e08-4a8d-4327-a9e2-3f0c29868ce6";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/C4C4-4141";
+    fsType = "vfat";
+    options = [
+      "fmask=0077"
+      "dmask=0077"
+    ];
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/dceac273-3f1b-45d7-949f-c469eb5af518"; }
+  ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno2.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno3.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno4.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno49.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno50.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno51.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno52.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

A hosts/ivy/ports.nix

@@ -0,0 +1,22 @@
+{ lib, ... }:
+
+let
+  ports = {
+    vaultwarden = 8222;
+    immich = 8081;
+    navidrome = 4051;
+
+    tranquil = 8091;
+  };
+in
+{
+  options.svports = lib.mapAttrs (
+    name: _:
+    lib.mkOption {
+      type = lib.types.port;
+      description = "port to be used for ${name}.";
+    }
+  ) ports;
+
+  config.svports = ports;
+}

A hosts/ivy/services/default.nix

@@ -0,0 +1,8 @@
+{
+  imports = [
+    # ./at
+    ./vaultwarden.nix
+    # ./immich.nix
+    # ./navidrome.nix
+  ];
+}

A hosts/ivy/services/vaultwarden.nix

@@ -0,0 +1,36 @@
+{ config, ... }:
+{
+  services.vaultwarden = {
+    enable = true;
+    backupDir = "/var/backups/vaultwarden";
+    environmentFile = "/var/secrets/vaultwarden";
+    config = {
+      DOMAIN = "https://vaultwarden.vt3e.cat";
+      SIGNUPS_ALLOWED = false;
+
+      ROCKET_ADDRESS = "127.0.0.1";
+      ROCKET_PORT = config.svports.vaultwarden;
+      ROCKET_LOG = "critical";
+
+      SMTP_HOST = "smtp.resend.com";
+      SMTP_PORT = 2587;
+      SMTP_SECURITY = "starttls";
+
+      SMTP_FROM = "meow@mail.wlo.moe";
+      SMTP_FROM_NAME = "vaultmeowden";
+      SMTP_USER = "resend";
+      SMTP_USERNAME = "resend";
+    };
+  };
+
+  services.caddy.virtualHosts."vaultwarden.vt3e.cat" = {
+    hostName = "vaultwarden.vt3e.cat";
+    extraConfig = ''
+      encode zstd gzip
+      reverse_proxy :8222 {
+        header_up X-Real-IP {remote_host}
+      }
+    '';
+  };
+
+}

M pkgs/zed.nix → pkgs/zed.nix

@@ -10,7 +10,10 @@ libxkbcommon,
   vulkan-loader,
   mesa,
   xkeyboard-config,
-  xorg,
+  libXau,
+  libxcb,
+  libX11,
+  libXdmcp,
   ...
 }:
 
@@ -51,7 +54,7 @@ chmod +x $out/libexec/zed-editor
 
 
     wrapProgram $out/bin/zed \
-        --prefix LD_LIBRARY_PATH : ${alsa-lib}/lib:${wayland}/lib:${libxkbcommon}/lib:${vulkan-loader}/lib:${mesa}/lib:${xorg.libXau}/lib:${xorg.libxcb}/lib:${xorg.libX11}/lib:${xorg.libXdmcp}/lib \
+        --prefix LD_LIBRARY_PATH : ${alsa-lib}/lib:${wayland}/lib:${libxkbcommon}/lib:${vulkan-loader}/lib:${mesa}/lib:${libXau}/lib:${libxcb}/lib:${libX11}/lib:${libXdmcp}/lib \
         --set XKB_CONFIG_ROOT ${xkeyboard-config}/share/X11/xkb
 
     wrapProgram $out/libexec/zed-editor \

all repos — flake @ 55f514388b66158b0380ff8185201eefc882c37e

got my cool flake