Add linting, formatting, and CI with fixes for all warnings

Infrastructure: - Add deadnix, nixfmt, and statix to flake inputs - Add formatter output to flake for nix fmt support - Add deadnix, nixfmt, statix to Home Manager packages - Add GitHub Actions workflow for CI validation - Add .pre-commit-config.yaml with hooks for nixfmt, deadnix, and statix - Support x86_64-darwin in formatter Statix fixes (W10/W20 warnings): - Remove unused lambda argument from nixpkgs-settings.nix - Merge repeated keys in hardware-configuration.nix files (boot.initrd, boot, fileSystems) - Merge repeated keys in nixnuc/default.nix (services, virtualisation) - Merge repeated keys in rainbow-planet/default.nix (desktopManager) - Merge repeated keys in home/general/default.nix (home) Deadnix fixes (unused declarations): - Remove unused pkgs/lib/username/http_port arguments from various files - Fix unused final parameter in overlay functions (final -> _final) CI/pre-commit fixes: - Fix pre-commit statix config: add pass_filenames: false - Fix CI workflow: use nix run nixpkgs# prefix and --ci flag for nixfmt
2026-03-27 09:27:44 -04:00 · 2026-03-20 22:11:58 -04:00 · 2026-03-20 22:11:58 -04:00 · 9b3c078319
commit 9b3c078319
parent 5047d93b86
78 changed files with 1662 additions and 955 deletions
--- a/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
@ -1,16 +1,21 @@
-{ config, ... }: let
+{ config, ... }:
+let
  mqtt_domain = "mqtt.technicalissues.us";
-in {
-  security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}";
+in
+{
+  security.acme.certs.${mqtt_domain}.postRun =
+    "systemctl restart ${config.systemd.services.mosquitto.name}";

  services.mosquitto = {
    enable = true;
    bridges = {
      liamcottle = {
-        addresses = [{
-          address = "mqtt.meshtastic.liamcottle.net";
-          port = 1883;
-        }];
+        addresses = [
+          {
+            address = "mqtt.meshtastic.liamcottle.net";
+            port = 1883;
+          }
+        ];
        topics = [
          "msh/# out 1 \"\""
        ];
@ -24,10 +29,12 @@ in {
        };
      };
      meshtastic = {
-        addresses = [{
-          address = "mqtt.meshtastic.org";
-          port = 1883;
-        }];
+        addresses = [
+          {
+            address = "mqtt.meshtastic.org";
+            port = 1883;
+          }
+        ];
        topics = [
          "msh/# out 1 \"\""
        ];
@ -42,10 +49,12 @@ in {
        };
      };
      homeassistant = {
-        addresses = [{
-          address = "homeasistant-lc.atlas-snares.ts.net";
-          port = 1883;
-        }];
+        addresses = [
+          {
+            address = "homeasistant-lc.atlas-snares.ts.net";
+            port = 1883;
+          }
+        ];
        topics = [
          "msh/US/2/e/LongFast/!a386c80 out 1 \"\""
          "msh/US/2/e/LongFast/!b03bcb24 out 1 \"\""
@ -62,53 +71,59 @@ in {
        };
      };
    };
-    listeners = let
-      mqtt_users = {
-        genebean = {
-          acl = [
-            "readwrite msh/#"
-          ];
-          hashedPasswordFile = config.sops.secrets.mosquitto_genebean.path;
+    listeners =
+      let
+        mqtt_users = {
+          genebean = {
+            acl = [
+              "readwrite msh/#"
+            ];
+            hashedPasswordFile = config.sops.secrets.mosquitto_genebean.path;
+          };
+          mountain_mesh = {
+            acl = [
+              "readwrite msh/#"
+            ];
+            hashedPasswordFile = config.sops.secrets.mosquitto_mountain_mesh.path;
+          };
        };
-        mountain_mesh = {
-          acl = [
-            "readwrite msh/#"
-          ];
-          hashedPasswordFile = config.sops.secrets.mosquitto_mountain_mesh.path;
-        };
-      };
-    in [
-      {
-        port = 1883;
-        users = mqtt_users;
-        settings.allow_anonymous = false;
-      }
-      {
-        port = 8883;
-        users = mqtt_users;
-        settings = let
-          certDir = config.security.acme.certs."${mqtt_domain}".directory;
-        in {
-          allow_anonymous = false;
-          keyfile = certDir + "/key.pem";
-          certfile = certDir + "/cert.pem";
-          cafile = certDir + "/chain.pem";
-        };
-      }
-      {
-        port = 9001;
-        users = mqtt_users;
-        settings = let
-          certDir = config.security.acme.certs."${mqtt_domain}".directory;
-        in {
-          allow_anonymous = false;
-          keyfile = certDir + "/key.pem";
-          certfile = certDir + "/cert.pem";
-          cafile = certDir + "/chain.pem";
-          protocol = "websockets";
-        };
-      }
-    ];
+      in
+      [
+        {
+          port = 1883;
+          users = mqtt_users;
+          settings.allow_anonymous = false;
+        }
+        {
+          port = 8883;
+          users = mqtt_users;
+          settings =
+            let
+              certDir = config.security.acme.certs."${mqtt_domain}".directory;
+            in
+            {
+              allow_anonymous = false;
+              keyfile = certDir + "/key.pem";
+              certfile = certDir + "/cert.pem";
+              cafile = certDir + "/chain.pem";
+            };
+        }
+        {
+          port = 9001;
+          users = mqtt_users;
+          settings =
+            let
+              certDir = config.security.acme.certs."${mqtt_domain}".directory;
+            in
+            {
+              allow_anonymous = false;
+              keyfile = certDir + "/key.pem";
+              certfile = certDir + "/cert.pem";
+              cafile = certDir + "/chain.pem";
+              protocol = "websockets";
+            };
+        }
+      ];
  };

  sops.secrets = {