Add linting, formatting, and CI with fixes for all warnings

Infrastructure: - Add deadnix, nixfmt, and statix to flake inputs - Add formatter output to flake for nix fmt support - Add deadnix, nixfmt, statix to Home Manager packages - Add GitHub Actions workflow for CI validation - Add .pre-commit-config.yaml with hooks for nixfmt, deadnix, and statix - Support x86_64-darwin in formatter Statix fixes (W10/W20 warnings): - Remove unused lambda argument from nixpkgs-settings.nix - Merge repeated keys in hardware-configuration.nix files (boot.initrd, boot, fileSystems) - Merge repeated keys in nixnuc/default.nix (services, virtualisation) - Merge repeated keys in rainbow-planet/default.nix (desktopManager) - Merge repeated keys in home/general/default.nix (home) Deadnix fixes (unused declarations): - Remove unused pkgs/lib/username/http_port arguments from various files - Fix unused final parameter in overlay functions (final -> _final) CI/pre-commit fixes: - Fix pre-commit statix config: add pass_filenames: false - Fix CI workflow: use nix run nixpkgs# prefix and --ci flag for nixfmt
2026-03-27 01:17:42 -04:00 · 2026-03-20 22:11:58 -04:00 · 2026-03-20 22:11:58 -04:00 · 9b3c078319
commit 9b3c078319
parent 5047d93b86
78 changed files with 1662 additions and 955 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -1,2 +1,3 @@
 *.yaml diff=sopsdiffer
 .pre-commit-config.yaml diff=default
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@ -0,0 +1,27 @@
 name: Validate
 on:
  pull_request:
 jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v26
        with:
          extra_nix_config: |
            trusted-users = root @runner
      - name: Validate flake
        run: nix flake show
      - name: Check formatting
        run: nix fmt -- --ci .
      - name: Run deadnix
        run: nix run nixpkgs#deadnix ./modules ./lib
      - name: Run statix
        run: nix run nixpkgs#statix check -- .
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -0,0 +1,26 @@
 repos:
  - repo: local
    hooks:
      - id: nixfmt
        name: nixfmt
        entry: nix
        language: system
        types: [nix]
        pass_filenames: false
        args: ["fmt"]
      - id: deadnix
        name: deadnix
        entry: deadnix
        language: system
        types: [nix]
        args: ["./modules", "./lib"]
      - id: statix
        name: statix
        entry: statix
        language: system
        types: [nix]
        pass_filenames: false
        args: ["check", "."]
--- a/README.md
+++ b/README.md
@ -3,8 +3,8 @@
 This repo is a Nix flake that manages most of my setup on macOS and fully manages machines I have that run NixOS as their operating system.
 - [Flake structure](#flake-structure)
 - [Note](#note)
 - [Repo structure](#repo-structure)
 - [Hosts](#hosts)
 - [Historical bits](#historical-bits)
 - [Adding a new macOS host](#adding-a-new-macos-host)
  - [Extras steps not done by Nix and/or Homebrew and/or mas](#extras-steps-not-done-by-nix-andor-homebrew-andor-mas)
@ -18,100 +18,119 @@ This repo is a Nix flake that manages most of my setup on macOS and fully manage
 ## Flake structure
-> **RESTRUCTURING IN PROGRESS**: please note, I am restructuring this to remove a lot of complexity. This first pass is done and moves home manager bits into modules that have home in the name. Things that apply to everything under a part of the tree are in a corresponding `default.nix`
+The Nix bits are driven by `flake.nix` which pulls in things under `modules/`. Both Intel and Apple Silicon macOS are supported, as is NixOS.
 The Nix bits are driven by `flake.nix` which pulls in things under `modules/`. Both Intel and Apple Silicon macOS are suppoted, as is NixOS. The flake is structured like so:
 - description: a human readable description of this flake
 - inputs: all the places things are pulled from
 - outputs:
  - all the outputs from the inputs
  - a `let` ... `in` block that contains:
-    - `darwinHostConfig` which takes a set of paramters as an attribute set and pulls in all the things needed to use Nix on a macOS host
+    - `mkDarwinHost` which takes a set of parameters and pulls in all the things needed to use Nix on a macOS host
-    - `mkNixosHost` which takes a set of parameters as an attribute set and pulls in all the things needed to configure a NixOS host
+    - `mkNixosHost` which takes a set of parameters and pulls in all the things needed to configure a NixOS host
-    - `linuxHomeConfig` which takes a set of paramters as an attribute set and pulls in the things I manage on non-NixOS Linux hosts
+    - `mkHomeConfig` which takes a set of parameters and pulls in things for standalone Home Manager (non-NixOS Linux)
  - the body of outputs that contains:
-    - `darwinConfigurations` contains is an attribute set that contains keys named for each macOS host set to the results of a call to `darwinHostConfig` with values for each of the required parameters
+    - `darwinConfigurations` - an attribute set keyed by hostname for each macOS host
-    - `nixosConfigurations` contains is an attribute set that contains keys named for each NixOS host set to the results of a call to `darwinHostConfig` with values for each of the required parameters
+    - `nixosConfigurations` - an attribute set keyed by hostname for each NixOS host
-    - `homeConfigurations` contains an entry for each username set to the results of a call to `linuxHomeConfig` with values for each of the required parameters
+    - `homeConfigurations` - an attribute set keyed by username for standalone HM users
-The parameters on `darwinHostConfig` & `mkNixosHost` are:
+The parameters on `mkDarwinHost`, `mkNixosHost`, and `mkHomeConfig` are:
- `system:` the system definition to use for nixpkgs
+- `system:` the system definition to use for nixpkgs (e.g., "x86_64-linux", "aarch64-darwin")
 - `hostname:` the hostname of the machine being configured
 - `username:` the username being configured on the host (all code currently assumes there is a single human user managed by Nix)
- `additionalModules:` any nix modules that are desired to supplement the default for the host. An example use case for this is adding in the hardware specific module from `nixos-hardware`.
+- `additionalModules:` any nix modules that are desired to supplement the default for the host
- `additionalSpecialArgs:` any supplemental arguments to be passed to `specialArgs`.
+- `additionalSpecialArgs:` any supplemental arguments to be passed to `specialArgs`
 The parameters on `linxuHomeConfig` are the same as the above.
 ## Note
 > All the bits below here are useful, but may be slightly outdated... I have not done a good job of keeping them updated.
 ## Repo structure
-The Nix stuff is structured like so, at least for now:
+Key files at the root level:
 - `flake.nix` - Main flake entry point, defines all hosts and inputs
 - `flake.lock` - Lock file for pinned dependencies
 - `lib/` - Helper functions (mkDarwinHost, mkNixosHost, mkHomeConfig)
 - `modules/hosts/` - All host configurations (see tree below)
 - `.sops.yaml` - SOPS secrets management configuration
 - `examples/flake-structure.nix` - Minimal example showing flake structure
 The Nix stuff is structured like so:
 ```bash
-$ tree . -I legacy* -I link* --gitignore --dirsfirst
+$ tree modules -I secrets.yaml --dirsfirst
-.
+modules
-├── modules
+├── shared                     # Shared configurations (formerly common)
-│   ├── home-manager
+│   ├── all-gui.nix
-│   │   ├── common
+│   ├── default.nix
-│   │   │   ├── linux-apps
+│   ├── files                  # Home manager files (nvim, powershell, tilix, waybar, xfce4)
-│   │   │   │   ├── tilix.nix
+│   ├── linux
-│   │   │   │   ├── waybar.nix
+│   │   ├── apps              # Linux-specific apps (waybar, tilix, etc.)
-│   │   │   │   └── xfce4-terminal.nix
+│   │   ├── home.nix
-│   │   │   ├── all-cli.nix
+│   │   ├── internationalisation.nix
-│   │   │   ├── all-darwin.nix
+│   │   ├── lets-encrypt.nix
-│   │   │   ├── all-gui.nix
+│   │   ├── nixroutes.nix
-│   │   │   └── all-linux.nix
+│   │   └── restic.nix
-│   │   ├── files
+│   └── linux-apps            # (deprecated, apps moved to linux/)
-│   │   │   ├── tilix
+└── hosts
-│   │   │   │   └── Beanbag-Mathias.json
+    ├── darwin                     # macOS system & home configs
-│   │   │   ├── waybar
+    │   ├── AirPuppet
-│   │   │   │   ├── config
+    │   │   └── home-gene.nix
-│   │   │   │   └── style.css
+    │   ├── Blue-Rock
-│   │   │   ├── xfce4
+    │   │   ├── default.nix
-│   │   │   │   └── terminal
+    │   │   └── home-gene.liverman.nix
-│   │   │   │       ├── accels.scm
+    │   ├── default.nix
-│   │   │   │       └── terminalrc
+    │   ├── home.nix
-│   │   │   └── Microsoft.PowerShell_profile.ps1
+    │   └── mightymac
-│   │   └── hosts
+    │       ├── default.nix
-│   │       ├── Blue-Rock
+    │       └── home-gene.liverman.nix
-│   │       │   └── gene.liverman.nix
+    ├── home-manager-only         # Standalone Home Manager (non-NixOS Linux)
-│   │       ├── nixnuc
+    │   ├── default.nix
-│   │       │   └── gene.nix
+    │   ├── home-gene.liverman.nix
-│   │       └── rainbow-planet
+    │   └── home-gene.nix
-│   │           └── gene.nix
+    └── nixos                     # NixOS system & home configs
-│   ├── hosts
+        ├── bigboy
-│   │   ├── darwin
+        │   ├── default.nix
-│   │   │   └── Blue-Rock
+        │   ├── hardware-configuration.nix
-│   │   │       └── default.nix
+        │   └── home-gene.nix
-│   │   └── nixos
+        ├── default.nix
-│   │       ├── nixnuc
+        ├── hetznix01
-│   │       │   ├── default.nix
+        │   ├── default.nix
-│   │       │   └── hardware-configuration.nix
+        │   ├── disk-config.nix
-│   │       └── rainbow-planet
+        │   ├── hardware-configuration.nix
-│   │           ├── default.nix
+        │   ├── home-gene.nix
-│   │           └── hardware-configuration.nix
+        │   ├── post-install       # Post-install services
-│   └── system
+        │   │   ├── containers
-│       └── common
+        │   │   ├── default.nix
-│           ├── linux
+        │   │   ├── matrix-synapse.nix
-│           │   └── internationalisation.nix
+        │   │   ├── monitoring.nix
-│           ├── all-darwin.nix
+        │   │   ├── mosquitto.nix
-│           └── all-nixos.nix
+        │   │   └── nginx.nix
-├── LICENSE
+        │   └── secrets.yaml
-├── README.md
+        ├── hetznix02
-├── Vagrantfile
+        ├── kiosk-entryway
-├── flake.lock
+        ├── kiosk-gene-desk
-└── flake.nix
+        ├── nixnas1
-
+        │   ├── default.nix
-23 directories, 29 files
+        │   ├── disk-config.nix
        │   ├── hardware-configuration.nix
        │   ├── home-gene.nix
        │   └── secrets.yaml
        ├── nixnuc
        │   ├── containers
        │   ├── default.nix
        │   ├── hardware-configuration.nix
        │   ├── home-gene.nix
        │   └── monitoring-stack.nix
        └── rainbow-planet
            ├── default.nix
            ├── gnome.nix
            ├── hardware-configuration.nix
            └── home-gene.nix
 ```
 ## Hosts
 - **Darwin (macOS)**: AirPuppet, Blue-Rock, mightymac
 - **NixOS**: bigboy, hetznix01, hetznix02, kiosk-entryway, kiosk-gene-desk, nixnas1, nixnuc, rainbow-planet
 - **Home Manager only**: gene (x86_64-linux, aarch64-linux)
 ## Historical bits
 This repo historically contained my dot files. Historically symlinked files on Windows are still in `windows/`. Everything else is just in git history now.
--- a/examples/flake-structure.nix
+++ b/examples/flake-structure.nix
@ -1,48 +1,45 @@
 {
-  inputs = {};
+  inputs = {
-  outputs = inputs@{}: let
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
-    darwinHostConfig = { system, hostname, username, additionalModules, additionalSpecialArgs }:
+    home-manager.url = "github:nix-community/home-manager";
-      nix-darwin.lib.darwinSystem { };
+    nix-darwin.url = "github:lnl7/nix-darwin";
    nixos-hardware.url = "github:NixOS/nixos-hardware";
  };
-    mkNixosHost = { system, hostname, username, additionalModules, additionalSpecialArgs }:
+  outputs =
-      nixpkgs.lib.nixosSystem { };
+    inputs@{ self, ... }:
-    
+    let
-    linuxHomeConfig = { system, hostname, username, additionalModules, additionalSpecialArgs }:
+      # Import helper functions from lib/
-      home-manager.lib.homeManagerConfiguration { };
+      localLib = import ./lib { inherit inputs; };
-
+    in
-  in {
+    {
      # Darwin (macOS) hosts
      darwinConfigurations = {
-      mightymac = darwinHostConfig {
+        mightymac = localLib.mkDarwinHost {
          system = "aarch64-darwin";
          hostname = "mightymac";
          username = "gene.liverman";
        additionalModules = [];
        additionalSpecialArgs = {};
        };
      };
      # NixOS hosts
      nixosConfigurations = {
-      rainbow-planet = mkNixosHost {
+        rainbow-planet = localLib.mkNixosHost {
          system = "x86_64-linux";
          hostname = "rainbow-planet";
          username = "gene";
          additionalModules = [
-          nixos-hardware.nixosModules.dell-xps-13-9360
+            inputs.nixos-hardware.nixosModules.dell-xps-13-9360
          ];
        additionalSpecialArgs = {};
        };
      };
      # Home Manager (only) users
      homeConfigurations = {
-      gene = linuxHomeConfig {
+        gene = localLib.mkHomeConfig {
          system = "x86_64-linux";
-        hostname = "mini-watcher";
+          homeDirectory = "/home/gene";
          username = "gene";
        additionalModules = [];
        additionalSpecialArgs = {};
        };
      };
    };
--- a/flake.lock
+++ b/flake.lock
@ -69,6 +69,25 @@
        "type": "github"
      }
    },
    "deadnix": {
      "inputs": {
        "nixpkgs": "nixpkgs",
        "utils": "utils"
      },
      "locked": {
        "lastModified": 1764114543,
        "narHash": "sha256-+C39E8qmGODT6eB0rhE/VX+DcekXW/Xww5IL/xlERNY=",
        "owner": "astro",
        "repo": "deadnix",
        "rev": "d590041677add62267bef35ddec63cd9402d3505",
        "type": "github"
      },
      "original": {
        "owner": "astro",
        "repo": "deadnix",
        "type": "github"
      }
    },
    "disko": {
      "inputs": {
        "nixpkgs": [
@ -111,6 +130,28 @@
        "type": "github"
      }
    },
    "fenix_2": {
      "inputs": {
        "nixpkgs": [
          "statix",
          "nixpkgs"
        ],
        "rust-analyzer-src": "rust-analyzer-src_2"
      },
      "locked": {
        "lastModified": 1645251813,
        "narHash": "sha256-cQ66tGjnZclBCS3nD26mZ5fUH+3/HnysGffBiWXUSHk=",
        "owner": "nix-community",
        "repo": "fenix",
        "rev": "9892337b588c38ec59466a1c89befce464aae7f8",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "fenix",
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
@ -197,7 +238,7 @@
        "crane": "crane",
        "fenix": "fenix",
        "nix-unit-src": "nix-unit-src",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs": "nixpkgs_2",
        "pre-commit-hooks": "pre-commit-hooks"
      },
      "locked": {
@ -308,11 +349,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1772985280,
+        "lastModified": 1773264488,
-        "narHash": "sha256-FdrNykOoY9VStevU4zjSUdvsL9SzJTcXt4omdEDZDLk=",
+        "narHash": "sha256-rK0507bDuWBrZo+0zts9bCs/+RRUEHuvFE5DHWPxX/Q=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "8f736f007139d7f70752657dff6a401a585d6cbc",
+        "rev": "5c0f63f8d55040a7eed69df7e3fcdd15dfb5a04c",
        "type": "github"
      },
      "original": {
@ -331,11 +372,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1772680513,
+        "lastModified": 1773371628,
-        "narHash": "sha256-zwVeM1TgfwMIq026uln9hqcCIINsLv6jEjztPqx0q+U=",
+        "narHash": "sha256-G9+d9C/7hz8qBFHOCzdH34Cj6MBNOlE9kCNfF+PKPZM=",
        "owner": "numtide",
        "repo": "nix-auth",
-        "rev": "77c07e9a107972dd2170da6da9ed1e73e65c4a4a",
+        "rev": "09a9b568631cfbf4a70058bbff495b7e854aedc4",
        "type": "github"
      },
      "original": {
@ -480,16 +521,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1742889210,
+        "lastModified": 1763934636,
-        "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
+        "narHash": "sha256-9glbI7f1uU+yzQCq5LwLgdZqx6svOhZWkd4JRY265fc=",
-        "owner": "flox",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
+        "rev": "ee09932cedcef15aaf476f9343d1dea2cb77e261",
        "type": "github"
      },
      "original": {
-        "owner": "flox",
+        "owner": "NixOS",
-        "ref": "stable",
+        "ref": "nixpkgs-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
@ -511,11 +552,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1772956932,
+        "lastModified": 1773231277,
-        "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=",
+        "narHash": "sha256-Xy3WEpUAbpsz8ydgvVAQAGGB/WB+8cNA5cshiL0McTI=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "608d0cadfed240589a7eea422407a547ad626a14",
+        "rev": "75690239f08f885ca9b0267580101f60d10fbe62",
        "type": "github"
      },
      "original": {
@ -526,6 +567,22 @@
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1742889210,
        "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
        "owner": "flox",
        "repo": "nixpkgs",
        "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
        "type": "github"
      },
      "original": {
        "owner": "flox",
        "ref": "stable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1770107345,
        "narHash": "sha256-tbS0Ebx2PiA1FRW8mt8oejR0qMXmziJmPaU1d4kYY9g=",
@ -541,13 +598,13 @@
        "type": "github"
      }
    },
-    "nixpkgs_3": {
+    "nixpkgs_4": {
      "locked": {
-        "lastModified": 1773068389,
+        "lastModified": 1773375660,
-        "narHash": "sha256-vMrm7Pk2hjBRPnCSjhq1pH0bg350Z+pXhqZ9ICiqqCs=",
+        "narHash": "sha256-SEzUWw2Rf5Ki3bcM26nSKgbeoqi2uYy8IHVBqOKjX3w=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "44bae273f9f82d480273bab26f5c50de3724f52f",
+        "rev": "3e20095fe3c6cbb1ddcef89b26969a69a1570776",
        "type": "github"
      },
      "original": {
@ -557,6 +614,22 @@
        "type": "github"
      }
    },
    "nixpkgs_5": {
      "locked": {
        "lastModified": 1645013224,
        "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "ref": "nixpkgs-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "onchg": {
      "inputs": {
        "nix-pre-commit": "nix-pre-commit",
@ -631,6 +704,7 @@
    "root": {
      "inputs": {
        "compose2nix": "compose2nix",
        "deadnix": "deadnix",
        "disko": "disko",
        "flox": "flox",
        "genebean-omp-themes": "genebean-omp-themes",
@ -641,11 +715,12 @@
        "nix-homebrew": "nix-homebrew",
        "nixos-cosmic": "nixos-cosmic",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_3",
+        "nixpkgs": "nixpkgs_4",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "private-flake": "private-flake",
        "simple-nixos-mailserver": "simple-nixos-mailserver",
-        "sops-nix": "sops-nix"
+        "sops-nix": "sops-nix",
        "statix": "statix"
      }
    },
    "rust-analyzer-src": {
@ -665,6 +740,23 @@
        "type": "github"
      }
    },
    "rust-analyzer-src_2": {
      "flake": false,
      "locked": {
        "lastModified": 1645205556,
        "narHash": "sha256-e4lZW3qRyOEJ+vLKFQP7m2Dxh5P44NrnekZYLxlucww=",
        "owner": "rust-analyzer",
        "repo": "rust-analyzer",
        "rev": "acf5874b39f3dc5262317a6074d9fc7285081161",
        "type": "github"
      },
      "original": {
        "owner": "rust-analyzer",
        "ref": "nightly",
        "repo": "rust-analyzer",
        "type": "github"
      }
    },
    "rust-overlay": {
      "inputs": {
        "nixpkgs": [
@ -696,11 +788,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1766537863,
+        "lastModified": 1773313890,
-        "narHash": "sha256-HEt+wbazRgJYeY+lgj65bxhPyVc4x7NEB2bs5NU6DF8=",
+        "narHash": "sha256-NXm/kOAk7HLziH1uWaUbNb9MhDS8yxFfQ8fMK5eN8/A=",
        "owner": "simple-nixos-mailserver",
        "repo": "nixos-mailserver",
-        "rev": "23f0a53ca6e58e61e1ea2b86791c69b79c91656d",
+        "rev": "9cdd6869e513df8153db4b920c8f15d394e150f7",
        "type": "gitlab"
      },
      "original": {
@ -730,16 +822,50 @@
        "type": "github"
      }
    },
-    "treefmt-nix": {
+    "statix": {
      "inputs": {
-        "nixpkgs": "nixpkgs_2"
+        "fenix": "fenix_2",
        "nixpkgs": "nixpkgs_5"
      },
      "locked": {
-        "lastModified": 1772660329,
+        "lastModified": 1676888642,
-        "narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=",
+        "narHash": "sha256-C73LOMVVCkeL0jA5xN7klLEDEB4NkuiATEJY4A/tIyM=",
        "owner": "astro",
        "repo": "statix",
        "rev": "3c7136a23f444db252a556928c1489869ca3ab4e",
        "type": "github"
      },
      "original": {
        "owner": "astro",
        "repo": "statix",
        "type": "github"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "treefmt-nix": {
      "inputs": {
        "nixpkgs": "nixpkgs_3"
      },
      "locked": {
        "lastModified": 1773297127,
        "narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=",
        "owner": "numtide",
        "repo": "treefmt-nix",
-        "rev": "3710e0e1218041bbad640352a0440114b1e10428",
+        "rev": "71b125cd05fbfd78cab3e070b73544abe24c5016",
        "type": "github"
      },
      "original": {
@ -747,6 +873,24 @@
        "repo": "treefmt-nix",
        "type": "github"
      }
    },
    "utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1731533236,
        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -82,12 +82,26 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Linting and formatting
    deadnix.url = "github:astro/deadnix";
    statix.url = "github:astro/statix";
  }; # end inputs
-  outputs = inputs@{ self, ... }: let
+  outputs =
    inputs@{ self, nixpkgs, ... }:
    let
      # Functions that setup systems
      localLib = import ./lib { inherit inputs; };
      forAllSystems = nixpkgs.lib.genAttrs [
        "x86_64-linux"
        "aarch64-linux"
        "x86_64-darwin"
        "aarch64-darwin"
      ];
    in
    {
      formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.nixfmt-tree);
  in {
      # Darwin (macOS) hosts
      darwinConfigurations = {
        AirPuppet = localLib.mkDarwinHost {
@ -173,6 +187,7 @@
        };
      }; # end homeConfigurations
-    packages.aarch64-linux.kiosk-gene-desk-sdImage = self.nixosConfigurations.kiosk-gene-desk.config.system.build.sdImage;
+      packages.aarch64-linux.kiosk-gene-desk-sdImage =
        self.nixosConfigurations.kiosk-gene-desk.config.system.build.sdImage;
    };
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -1,8 +1,10 @@
-{ inputs, ... }: let
+{ inputs, ... }:
 let
  mkDarwinHost = import ./mkDarwinHost.nix { inherit inputs; };
  mkHomeConfig = import ./mkHomeConfig.nix { inherit inputs; };
  mkNixosHost = import ./mkNixosHost.nix { inherit inputs; };
-in {
+in
 {
  inherit (mkDarwinHost) mkDarwinHost;
  inherit (mkHomeConfig) mkHomeConfig;
  inherit (mkNixosHost) mkNixosHost;
--- a/lib/mkDarwinHost.nix
+++ b/lib/mkDarwinHost.nix
@ -1,17 +1,24 @@
-{ inputs, ... }: {
+{ inputs, ... }:
-  mkDarwinHost = {
+{
  mkDarwinHost =
    {
      system ? "aarch64-darwin",
      hostname,
      username ? "gene",
      additionalModules ? [ ],
-    additionalSpecialArgs ? {}
+      additionalSpecialArgs ? { },
-  }: inputs.nix-darwin.lib.darwinSystem {
+    }:
    inputs.nix-darwin.lib.darwinSystem {
      inherit system;
-    specialArgs = { inherit inputs hostname username; } // additionalSpecialArgs;
+      specialArgs = {
        inherit inputs hostname username;
      }
      // additionalSpecialArgs;
      modules = [
        ./nixpkgs-settings.nix
-      inputs.nix-homebrew.darwinModules.nix-homebrew {
+        inputs.nix-homebrew.darwinModules.nix-homebrew
        {
          nix-homebrew = {
            enable = true; # Install Homebrew under the default prefix
            user = "${username}"; # User owning the Homebrew prefix
@ -19,7 +26,8 @@
          };
        }
-      inputs.home-manager.darwinModules.home-manager {
+        inputs.home-manager.darwinModules.home-manager
        {
          home-manager = {
            extraSpecialArgs = { inherit inputs username; };
            useGlobalPkgs = true;
@ -36,6 +44,7 @@
        ../modules/hosts/darwin # system-wide stuff
        ../modules/hosts/darwin/${hostname} # host specific stuff
-    ] ++ additionalModules; # end modules
+      ]
      ++ additionalModules; # end modules
    }; # end darwinSystem
 }
--- a/lib/mkHomeConfig.nix
+++ b/lib/mkHomeConfig.nix
@ -1,10 +1,20 @@
-{ inputs, ... }: {
+{ inputs, ... }:
-  mkHomeConfig = {
+{
  mkHomeConfig =
    {
      homeDirectory,
      system,
      username,
-  }: inputs.home-manager.lib.homeManagerConfiguration {
+    }:
-    extraSpecialArgs = { inherit inputs homeDirectory system username; };
+    inputs.home-manager.lib.homeManagerConfiguration {
      extraSpecialArgs = {
        inherit
          inputs
          homeDirectory
          system
          username
          ;
      };
      pkgs = inputs.nixpkgs.legacyPackages.${system};
--- a/lib/mkNixosHost.nix
+++ b/lib/mkNixosHost.nix
@ -1,19 +1,26 @@
-{ inputs, ... }: {
+{ inputs, ... }:
-  mkNixosHost = {
+{
  mkNixosHost =
    {
      system ? "x86_64-linux",
      hostname,
      username ? "gene",
      additionalModules ? [ ],
-    additionalSpecialArgs ? {}
+      additionalSpecialArgs ? { },
-  }: inputs.nixpkgs.lib.nixosSystem {
+    }:
    inputs.nixpkgs.lib.nixosSystem {
      inherit system;
-    specialArgs = { inherit inputs hostname username; } // additionalSpecialArgs;
+      specialArgs = {
        inherit inputs hostname username;
      }
      // additionalSpecialArgs;
      modules = [
        ./nixpkgs-settings.nix
        inputs.disko.nixosModules.disko
-      inputs.home-manager.nixosModules.home-manager {
+        inputs.home-manager.nixosModules.home-manager
        {
          home-manager = {
            extraSpecialArgs = { inherit inputs hostname username; };
            useGlobalPkgs = true;
@ -31,6 +38,7 @@
        inputs.sops-nix.nixosModules.sops # system wide secrets management
        ../modules/hosts/nixos # system-wide stuff
        ../modules/hosts/nixos/${hostname} # host specific stuff
-    ] ++ additionalModules;
+      ]
      ++ additionalModules;
    };
 }
--- a/lib/nixpkgs-settings.nix
+++ b/lib/nixpkgs-settings.nix
@ -1,4 +1,4 @@
-{ inputs, ... }: {
+{
  nixpkgs = {
    config = {
      allowUnfree = true;
--- a/modules/hosts/darwin/AirPuppet/default.nix
+++ b/modules/hosts/darwin/AirPuppet/default.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{
  system.stateVersion = 4;
  homebrew = {
--- a/modules/hosts/darwin/AirPuppet/home-gene.nix
+++ b/modules/hosts/darwin/AirPuppet/home-gene.nix
@ -1,4 +1,5 @@
-{ username, ... }: {
+{ username, ... }:
 {
  home.stateVersion = "23.11";
  sops = {
--- a/modules/hosts/darwin/Blue-Rock/default.nix
+++ b/modules/hosts/darwin/Blue-Rock/default.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  system.stateVersion = 4;
  environment = {
--- a/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix
+++ b/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix
@ -1,4 +1,5 @@
-{ username, ... }: {
+{ username, ... }:
 {
  home.stateVersion = "23.11";
  programs = {
--- a/modules/hosts/darwin/default.nix
+++ b/modules/hosts/darwin/default.nix
@ -1,8 +1,17 @@
-{ pkgs, hostname, username, ... }: {
+{
  pkgs,
  hostname,
  username,
  ...
 }:
 {
  system.primaryUser = username;
  environment = {
-    shells = with pkgs; [ bash zsh ];
+    shells = with pkgs; [
      bash
      zsh
    ];
    pathsToLink = [
      "/Applications"
      "/share/zsh"
@ -113,7 +122,10 @@
        "flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs="
        "cache.thalheim.io-1:R7msbosLEZKrxk/lKxf9BTjOOH7Ax3H0Qj0/6wiHOgc="
      ];
-      trusted-users = [ "@admin" "${username}" ];
+      trusted-users = [
        "@admin"
        "${username}"
      ];
    };
    extraOptions = ''
      # Generated by https://github.com/DeterminateSystems/nix-installer, version 0.11.0.
--- a/modules/hosts/darwin/home.nix
+++ b/modules/hosts/darwin/home.nix
@ -1,4 +1,5 @@
-{ username, ... }: {
+{ username, ... }:
 {
  # dawrwin-specific shell config
  programs = {
    zsh = {
--- a/modules/hosts/darwin/mightymac/default.nix
+++ b/modules/hosts/darwin/mightymac/default.nix
@ -1,4 +1,5 @@
-{ inputs, pkgs, ... }: {
+{ inputs, pkgs, ... }:
 {
  system.stateVersion = 4;
  environment = {
--- a/modules/hosts/darwin/mightymac/home-gene.liverman.nix
+++ b/modules/hosts/darwin/mightymac/home-gene.liverman.nix
@ -1,4 +1,5 @@
-{ config, ... }: {
+{ config, ... }:
 {
  home.stateVersion = "23.11";
  programs = {
--- a/modules/hosts/home-manager-only/default.nix
+++ b/modules/hosts/home-manager-only/default.nix
@ -1,4 +1,11 @@
-{ config, pkgs, system, username, ... }: {
+{
  config,
  pkgs,
  system,
  username,
  ...
 }:
 {
  home.stateVersion = "25.05";
  home.packages = with pkgs; [
    age
--- a/modules/hosts/home-manager-only/home-gene.liverman.nix
+++ b/modules/hosts/home-manager-only/home-gene.liverman.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  # Settings just for work machines go here
 }
--- a/modules/hosts/home-manager-only/home-gene.nix
+++ b/modules/hosts/home-manager-only/home-gene.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  # Settings just for personal machines go here
  home.packages = with pkgs; [
--- a/modules/hosts/nixos/bigboy/default.nix
+++ b/modules/hosts/nixos/bigboy/default.nix
@ -1,4 +1,9 @@
-{ config, pkgs, username, ... }:
+{
  config,
  pkgs,
  username,
  ...
 }:
 let
  libbluray = pkgs.libbluray.override {
    withAACS = true;
@ -8,7 +13,8 @@
  vlc-with-decoding = pkgs.vlc.override { inherit libbluray; };
 in
 {
-  imports = [ # Include the results of the hardware scan.
+  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ../../../shared/nixos/flatpaks.nix
    ../../../shared/nixos/ripping.nix
@ -43,7 +49,6 @@
    zoom-us
  ];
  networking.networkmanager.enable = true;
  programs = {
@ -118,7 +123,12 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "networkmanager" "wheel" "dialout" "input" ];
+    extraGroups = [
      "networkmanager"
      "wheel"
      "dialout"
      "input"
    ];
    packages = with pkgs; [
      kdePackages.kate
      #  thunderbird
--- a/modules/hosts/nixos/bigboy/hardware-configuration.nix
+++ b/modules/hosts/nixos/bigboy/hardware-configuration.nix
@ -1,31 +1,54 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
  config,
  lib,
  modulesPath,
  ...
 }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];
-  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot = {
-  boot.initrd.kernelModules = [ ];
+    initrd = {
-  boot.kernelModules = [ "kvm-intel" "sg" ];
+      availableKernelModules = [
-  boot.extraModulePackages = [ ];
+        "xhci_pci"
        "nvme"
        "usb_storage"
        "sd_mod"
        "rtsx_pci_sdmmc"
      ];
      kernelModules = [ ];
    };
    kernelModules = [
      "kvm-intel"
      "sg"
    ];
    extraModulePackages = [ ];
  };
-  fileSystems."/" =
+  fileSystems = {
-    { device = "/dev/disk/by-uuid/9c2d2979-dc8d-40e0-9ec2-c3cce33cd832";
+    "/" = {
      device = "/dev/disk/by-uuid/9c2d2979-dc8d-40e0-9ec2-c3cce33cd832";
      fsType = "ext4";
    };
-  fileSystems."/boot" =
+    "/boot" = {
-    { device = "/dev/disk/by-uuid/59CB-16DE";
+      device = "/dev/disk/by-uuid/59CB-16DE";
      fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
+      options = [
        "fmask=0077"
        "dmask=0077"
      ];
    };
  };
-  swapDevices =
+  swapDevices = [
-    [ { device = "/dev/disk/by-uuid/878ff032-3de0-4efe-a12f-8eccd0ac3253"; }
+    { device = "/dev/disk/by-uuid/878ff032-3de0-4efe-a12f-8eccd0ac3253"; }
  ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/modules/hosts/nixos/bigboy/home-gene.nix
+++ b/modules/hosts/nixos/bigboy/home-gene.nix
@ -1,4 +1,5 @@
-{ ... }: {
+{ ... }:
 {
  home.stateVersion = "24.05";
  imports = [
    ../../../shared/home/general/all-gui.nix
@ -27,4 +28,3 @@
    };
  };
 }
--- a/modules/hosts/nixos/default.nix
+++ b/modules/hosts/nixos/default.nix
@ -1,10 +1,19 @@
-{ hostname, pkgs, username, ... }: {
+{
  hostname,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ../shared/nixos/internationalisation.nix
  ];
  environment = {
-    shells = with pkgs; [ bash zsh ];
+    shells = with pkgs; [
      bash
      zsh
    ];
    systemPackages = with pkgs; [
      age
      dconf2nix
--- a/modules/hosts/nixos/hetznix01/default.nix
+++ b/modules/hosts/nixos/hetznix01/default.nix
@ -1,4 +1,9 @@
-{ inputs, pkgs, username,  ... }: {
+{
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ../../../shared/nixos/nixroutes.nix
    ./disk-config.nix
@ -88,7 +93,10 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "networkmanager" "wheel" ];
+    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    linger = true;
  };
 }
--- a/modules/hosts/nixos/hetznix01/hardware-configuration.nix
+++ b/modules/hosts/nixos/hetznix01/hardware-configuration.nix
@ -4,14 +4,25 @@
 { lib, modulesPath, ... }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/profiles/qemu-guest.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
  ];
-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot = {
-  boot.initrd.kernelModules = [ ];
+    initrd = {
-  boot.kernelModules = [ ];
+      availableKernelModules = [
-  boot.extraModulePackages = [ ];
+        "ahci"
        "xhci_pci"
        "virtio_pci"
        "virtio_scsi"
        "sd_mod"
        "sr_mod"
      ];
      kernelModules = [ ];
    };
    kernelModules = [ ];
    extraModulePackages = [ ];
  };
  fileSystems."pack1828" = {
    device = "/dev/disk/by-id/scsi-0HC_Volume_102600992";
@ -25,4 +36,3 @@
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }
--- a/modules/hosts/nixos/hetznix01/home-gene.nix
+++ b/modules/hosts/nixos/hetznix01/home-gene.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  home.stateVersion = "24.05";
 }
--- a/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix
@ -1,6 +1,8 @@
-{ config, username, ... }: let
+{ config, username, ... }:
 let
  volume_base = "/var/lib/emqx";
-in {
+in
 {
  # Based on docs at https://docs.emqx.com/en/emqx/latest/deploy/install-docker.html
  virtualisation.oci-containers.containers = {
    "emqx" = {
--- a/modules/hosts/nixos/hetznix01/post-install/default.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/default.nix
@ -1,7 +1,15 @@
-{ config, lib, pkgs, username, ... }: let
+{
  config,
  lib,
  pkgs,
  username,
  ...
 }:
 let
  domain = "technicalissues.us";
  restic_backup_time = "01:00";
-in {
+in
 {
  imports = [
    ../../../../shared/nixos/lets-encrypt.nix
    ../../../../shared/nixos/restic.nix
@ -180,7 +188,8 @@ in {
  };
  systemd.services = {
-    nextcloud-config-collabora = let
+    nextcloud-config-collabora =
      let
        inherit (config.services.nextcloud) occ;
        wopi_url = "http://[::1]:${toString config.services.collabora-online.port}";
@ -191,9 +200,13 @@ in {
          "5.161.244.95"
          "2a01:4ff:f0:977c::1"
        ];
-    in {
+      in
      {
        wantedBy = [ "multi-user.target" ];
-      after = ["nextcloud-setup.service" "coolwsd.service"];
+        after = [
          "nextcloud-setup.service"
          "coolwsd.service"
        ];
        requires = [ "coolwsd.service" ];
        script = ''
          ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url}
--- a/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix
@ -1,4 +1,5 @@
-{ config, ... }: {
+{ config, ... }:
 {
  services.matrix-synapse = {
    enable = true;
    configureRedisLocally = true;
--- a/modules/hosts/nixos/hetznix01/post-install/monitoring.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/monitoring.nix
@ -1,6 +1,8 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
 let
  metrics_server = "https://monitoring.home.technicalissues.us/remotewrite";
-in {
+in
 {
  services = {
    vmagent = {
      enable = true;
@ -125,4 +127,3 @@ in {
    };
  };
 }
--- a/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix
@ -1,16 +1,21 @@
-{ config, ... }: let
+{ config, ... }:
 let
  mqtt_domain = "mqtt.technicalissues.us";
-in {
+in
-  security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}";
+{
  security.acme.certs.${mqtt_domain}.postRun =
    "systemctl restart ${config.systemd.services.mosquitto.name}";
  services.mosquitto = {
    enable = true;
    bridges = {
      liamcottle = {
-        addresses = [{
+        addresses = [
          {
            address = "mqtt.meshtastic.liamcottle.net";
            port = 1883;
-        }];
+          }
        ];
        topics = [
          "msh/# out 1 \"\""
        ];
@ -24,10 +29,12 @@ in {
        };
      };
      meshtastic = {
-        addresses = [{
+        addresses = [
          {
            address = "mqtt.meshtastic.org";
            port = 1883;
-        }];
+          }
        ];
        topics = [
          "msh/# out 1 \"\""
        ];
@ -42,10 +49,12 @@ in {
        };
      };
      homeassistant = {
-        addresses = [{
+        addresses = [
          {
            address = "homeasistant-lc.atlas-snares.ts.net";
            port = 1883;
-        }];
+          }
        ];
        topics = [
          "msh/US/2/e/LongFast/!a386c80 out 1 \"\""
          "msh/US/2/e/LongFast/!b03bcb24 out 1 \"\""
@ -62,7 +71,8 @@ in {
        };
      };
    };
-    listeners = let
+    listeners =
      let
        mqtt_users = {
          genebean = {
            acl = [
@ -77,7 +87,8 @@ in {
            hashedPasswordFile = config.sops.secrets.mosquitto_mountain_mesh.path;
          };
        };
-    in [
+      in
      [
        {
          port = 1883;
          users = mqtt_users;
@ -86,9 +97,11 @@ in {
        {
          port = 8883;
          users = mqtt_users;
-        settings = let
+          settings =
            let
              certDir = config.security.acme.certs."${mqtt_domain}".directory;
-        in {
+            in
            {
              allow_anonymous = false;
              keyfile = certDir + "/key.pem";
              certfile = certDir + "/cert.pem";
@ -98,9 +111,11 @@ in {
        {
          port = 9001;
          users = mqtt_users;
-        settings = let
+          settings =
            let
              certDir = config.security.acme.certs."${mqtt_domain}".directory;
-        in {
+            in
            {
              allow_anonymous = false;
              keyfile = certDir + "/key.pem";
              certfile = certDir + "/cert.pem";
--- a/modules/hosts/nixos/hetznix01/post-install/nginx.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/nginx.nix
@ -1,9 +1,11 @@
-{ config, ... }: let
+{ config, ... }:
 let
  domain = "technicalissues.us";
  http_port = 80;
  https_port = 443;
  private_btc = "umbrel.atlas-snares.ts.net";
-in {
+in
 {
  services.nginx = {
    enable = true;
@ -134,14 +136,36 @@ in {
      };
      "matrix.${domain}" = {
        listen = [
-          { port = http_port; addr = "0.0.0.0"; }
+          {
-          { port = http_port; addr = "[::]"; }
+            port = http_port;
            addr = "0.0.0.0";
          }
          {
            port = http_port;
            addr = "[::]";
          }
-          { port = https_port; addr = "0.0.0.0"; ssl = true; }
+          {
-          { port = https_port; addr = "[::]"; ssl = true; }
+            port = https_port;
            addr = "0.0.0.0";
            ssl = true;
          }
          {
            port = https_port;
            addr = "[::]";
            ssl = true;
          }
-          { port = 8448; addr = "0.0.0.0"; ssl = true; }
+          {
-          { port = 8448; addr = "[::]"; ssl = true; }
+            port = 8448;
            addr = "0.0.0.0";
            ssl = true;
          }
          {
            port = 8448;
            addr = "[::]";
            ssl = true;
          }
        ];
        enableACME = true;
        acmeRoot = null;
@ -195,7 +219,8 @@ in {
          "/" = {
            proxyPass = "http://127.0.0.1:8083";
          };
-          "/pub" = { # Client apps need to point to this path
+          "/pub" = {
            # Client apps need to point to this path
            extraConfig = "proxy_set_header X-Limit-U $remote_user;";
            proxyPass = "http://127.0.0.1:8083/pub";
          };
--- a/modules/hosts/nixos/hetznix02/default.nix
+++ b/modules/hosts/nixos/hetznix02/default.nix
@ -1,4 +1,10 @@
-{ inputs, pkgs, username,  ... }: {
+{
  inputs,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ../../../shared/nixos/nixroutes.nix
    ./disk-config.nix
@ -56,7 +62,10 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "networkmanager" "wheel" ];
+    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    linger = true;
  };
--- a/modules/hosts/nixos/hetznix02/hardware-configuration.nix
+++ b/modules/hosts/nixos/hetznix02/hardware-configuration.nix
@ -4,34 +4,43 @@
 { lib, modulesPath, ... }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/profiles/qemu-guest.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
  ];
  boot = {
    initrd = {
-      availableKernelModules = [ "xhci_pci" "virtio_scsi" "sr_mod" ];
+      availableKernelModules = [
        "xhci_pci"
        "virtio_scsi"
        "sr_mod"
      ];
      kernelModules = [ ];
    };
    kernelModules = [ ];
    extraModulePackages = [ ];
  };
-  fileSystems."/" =
+  fileSystems = {
-    { device = "/dev/disk/by-partlabel/disk-primary-root";
+    "/" = {
      device = "/dev/disk/by-partlabel/disk-primary-root";
      fsType = "ext4";
    };
-  fileSystems."/boot" =
+    "/boot" = {
-    { device = "/dev/disk/by-partlabel/disk-primary-ESP";
+      device = "/dev/disk/by-partlabel/disk-primary-ESP";
      fsType = "vfat";
-      options = [ "fmask=0022" "dmask=0022" ];
+      options = [
        "fmask=0022"
        "dmask=0022"
      ];
    };
-  fileSystems."/nix" =
+    "/nix" = {
-    { device = "/dev/disk/by-partlabel/disk-volume1-nix";
+      device = "/dev/disk/by-partlabel/disk-volume1-nix";
      fsType = "ext4";
    };
  };
  swapDevices = [ ];
--- a/modules/hosts/nixos/hetznix02/home-gene.nix
+++ b/modules/hosts/nixos/hetznix02/home-gene.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  home.stateVersion = "24.05";
 }
--- a/modules/hosts/nixos/hetznix02/post-install/default.nix
+++ b/modules/hosts/nixos/hetznix02/post-install/default.nix
@ -1,4 +1,5 @@
-{ config, username, ... }: {
+{ config, username, ... }:
 {
  imports = [
    ../../../../shared/nixos/lets-encrypt.nix
    ./monitoring.nix
@ -23,4 +24,3 @@
    };
  };
 }
--- a/modules/hosts/nixos/hetznix02/post-install/monitoring.nix
+++ b/modules/hosts/nixos/hetznix02/post-install/monitoring.nix
@ -1,6 +1,8 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
 let
  metrics_server = "https://monitoring.home.technicalissues.us/remotewrite";
-in {
+in
 {
  services = {
    vmagent = {
      enable = true;
@ -125,4 +127,3 @@ in {
    };
  };
 }
--- a/modules/hosts/nixos/hetznix02/post-install/nginx.nix
+++ b/modules/hosts/nixos/hetznix02/post-install/nginx.nix
@ -1,7 +1,8 @@
-
+{ pkgs, ... }:
-{ pkgs, ... }: let
+let
  domain = "genebean.me";
-in {
+in
 {
  environment.etc.nginx-littlelinks = {
    # Info generated via
    # nurl https://github.com/genebean/littlelink genebean-sometag
--- a/modules/hosts/nixos/kiosk-entryway/default.nix
+++ b/modules/hosts/nixos/kiosk-entryway/default.nix
@ -1,4 +1,11 @@
-{ config, lib, pkgs, username, ... }: {
+{
  config,
  lib,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ./disk-config.nix
    ./hardware-configuration.nix
@ -50,19 +57,20 @@
  };
  nixpkgs.overlays = [
-    (final: super: {
+    (_final: super: {
-      makeModulesClosure = x:
+      makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
        super.makeModulesClosure (x // { allowMissing = true; });
    })
  ];
  services = {
-    cage = let
+    cage =
      let
        kioskProgram = pkgs.writeShellScript "kiosk.sh" ''
          WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1
          /etc/profiles/per-user/gene/bin/chromium-browser
        '';
-    in {
+      in
      {
        enable = true;
        program = kioskProgram;
        user = "gene";
@ -115,7 +123,10 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "networkmanager" "wheel" ];
+    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    linger = true;
  };
@ -125,4 +136,3 @@
    memoryPercent = 90;
  };
 }
--- a/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix
+++ b/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix
@ -1,17 +1,33 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
  config,
  lib,
  modulesPath,
  ...
 }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot = {
-  boot.initrd.kernelModules = [ ];
+    initrd = {
-  boot.kernelModules = [ "kvm-intel" ];
+      availableKernelModules = [
-  boot.extraModulePackages = [ ];
+        "xhci_pci"
        "ehci_pci"
        "ahci"
        "usbhid"
        "sd_mod"
        "rtsx_pci_sdmmc"
      ];
      kernelModules = [ ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
  };
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/modules/hosts/nixos/kiosk-entryway/home-gene.nix
+++ b/modules/hosts/nixos/kiosk-entryway/home-gene.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{
  home.stateVersion = "24.11";
  programs = {
@ -21,4 +21,3 @@
  };
 }
--- a/modules/hosts/nixos/kiosk-entryway/monitoring.nix
+++ b/modules/hosts/nixos/kiosk-entryway/monitoring.nix
@ -1,6 +1,8 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
 let
  metrics_server = "https://monitoring.home.technicalissues.us/remotewrite";
-in {
+in
 {
  services = {
    vmagent = {
      enable = true;
@ -125,4 +127,3 @@ in {
    };
  };
 }
--- a/modules/hosts/nixos/kiosk-gene-desk/default.nix
+++ b/modules/hosts/nixos/kiosk-gene-desk/default.nix
@ -1,4 +1,12 @@
-{ inputs, config, lib, pkgs, username, ... }: {
+{
  inputs,
  config,
  lib,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    # SD card image
    "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
@ -42,21 +50,22 @@
  };
  nixpkgs.overlays = [
-    (final: super: {
+    (_final: super: {
-      makeModulesClosure = x:
+      makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
        super.makeModulesClosure (x // { allowMissing = true; });
    })
  ];
  sdImage.compressImage = true;
  services = {
-    cage = let
+    cage =
      let
        kioskProgram = pkgs.writeShellScript "kiosk.sh" ''
          WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1 --transform 90
          /etc/profiles/per-user/gene/bin/chromium-browser
        '';
-    in {
+      in
      {
        enable = true;
        program = kioskProgram;
        user = "gene";
@ -108,7 +117,10 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "networkmanager" "wheel" ];
+    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    linger = true;
  };
@ -118,4 +130,3 @@
    memoryPercent = 90;
  };
 }
--- a/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix
+++ b/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{
  home.stateVersion = "24.11";
  programs = {
@ -20,4 +20,3 @@
  };
 }
--- a/modules/hosts/nixos/nixnas1/default.nix
+++ b/modules/hosts/nixos/nixnas1/default.nix
@ -1,4 +1,10 @@
-{ config, pkgs, username, ... }: {
+{
  config,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ./disk-config.nix
    ./hardware-configuration.nix
--- a/modules/hosts/nixos/nixnas1/disk-config.nix
+++ b/modules/hosts/nixos/nixnas1/disk-config.nix
@ -1,4 +1,3 @@
 { ... }:
 {
  disko.devices = {
    disk = {
--- a/modules/hosts/nixos/nixnas1/hardware-configuration.nix
+++ b/modules/hosts/nixos/nixnas1/hardware-configuration.nix
@ -1,45 +1,71 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
+{
  config,
  lib,
  modulesPath,
  ...
 }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];
-  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+  boot = {
-  boot.initrd.kernelModules = [ "nvme" ];
+    initrd = {
-  boot.kernelModules = [ "kvm-intel" ];
+      availableKernelModules = [
-  boot.extraModulePackages = [ ];
+        "ehci_pci"
        "ahci"
        "usbhid"
        "usb_storage"
        "sd_mod"
        "sr_mod"
      ];
      kernelModules = [ "nvme" ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
  };
-  fileSystems."/" =
+  fileSystems = {
-    { device = "zroot/root";
+    "/" = {
      device = "zroot/root";
      fsType = "zfs";
    };
-  fileSystems."/nix" =
+    "/nix" = {
-    { device = "zroot/root/nix";
+      device = "zroot/root/nix";
      fsType = "zfs";
    };
-  fileSystems."/home" =
+    "/home" = {
-    { device = "zroot/root/home";
+      device = "zroot/root/home";
      fsType = "zfs";
    };
-  fileSystems."/boot" =
+    "/boot" =
      # { device = "/dev/disk/by-uuid/02A5-6FCC";
-    { device = "/dev/disk/by-partlabel/disk-sdc-BOOT";
+      {
        device = "/dev/disk/by-partlabel/disk-sdc-BOOT";
        fsType = "vfat";
-      options = [ "fmask=0022" "dmask=0022" ];
+        options = [
          "fmask=0022"
          "dmask=0022"
        ];
      };
-  fileSystems."/boot-fallback" =
+    "/boot-fallback" =
      # { device = "/dev/disk/by-uuid/02F1-B12D";
-    { device = "/dev/disk/by-partlabel/disk-sdd-BOOT-FALLBACK";
+      {
        device = "/dev/disk/by-partlabel/disk-sdd-BOOT-FALLBACK";
        fsType = "vfat";
-      options = [ "fmask=0022" "dmask=0022" ];
+        options = [
          "fmask=0022"
          "dmask=0022"
        ];
      };
  };
  swapDevices = [ ];
--- a/modules/hosts/nixos/nixnas1/home-gene.nix
+++ b/modules/hosts/nixos/nixnas1/home-gene.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  home.stateVersion = "24.05";
 }
--- a/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix
+++ b/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix
@ -1,7 +1,9 @@
-{ ... }: let
+_:
 let
  volume_base = "/var/lib/audiobookshelf";
  http_port = "13378";
-in {
+in
 {
  # Audiobookshelf
  virtualisation.oci-containers.containers = {
--- a/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix
+++ b/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix
@ -1,6 +1,8 @@
-{ config, username, ... }: let
+{ config, ... }:
 let
  volume_base = "/orico/mountain-mesh-bot-discord";
-in {
+in
 {
  # My mountain-mesh-bot-discord container
  virtualisation.oci-containers.containers = {
@ -17,6 +19,8 @@ in {
  sops.secrets.mtnmesh_bot_dot_env = {
    path = "${volume_base}/.env";
-    restartUnits = [ "${config.virtualisation.oci-containers.containers.mtnmesh_bot_discord.serviceName}" ];
+    restartUnits = [
      "${config.virtualisation.oci-containers.containers.mtnmesh_bot_discord.serviceName}"
    ];
  };
 }
--- a/modules/hosts/nixos/nixnuc/containers/psitransfer.nix
+++ b/modules/hosts/nixos/nixnuc/containers/psitransfer.nix
@ -1,8 +1,10 @@
-{ config, ... }: let
+{ config, ... }:
 let
  volume_base = "/orico/psitransfer";
  http_port = "3000";
  psitransfer_dot_env = "${config.sops.secrets.psitransfer_dot_env.path}";
-in {
+in
 {
  #############################################################################
  # My intent as of now is to only make this available to the outside world   #
@ -29,4 +31,3 @@ in {
    };
  };
 }
--- a/modules/hosts/nixos/nixnuc/default.nix
+++ b/modules/hosts/nixos/nixnuc/default.nix
@ -1,10 +1,17 @@
-{ inputs, config, pkgs, username,  ... }: let
+{
-  http_port = 80;
+  inputs,
  config,
  pkgs,
  username,
  ...
 }:
 let
  https_port = 443;
  home_domain = "home.technicalissues.us";
  backend_ip = "127.0.0.1";
  restic_backup_time = "02:00";
-in {
+in
 {
  imports = [
    ./hardware-configuration.nix
    ./containers/audiobookshelf.nix
@ -31,7 +38,9 @@ in {
  };
  environment = {
-    sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
+    sessionVariables = {
      LIBVA_DRIVER_NAME = "iHD";
    };
    systemPackages = with pkgs; [
      inputs.compose2nix.packages.${pkgs.stdenv.hostPlatform.system}.default
      docker-compose
@ -112,23 +121,24 @@ in {
    networkmanager.enable = false;
    useNetworkd = true;
    vlans = {
-      vlan23 = { id = 23; interface = "eno1"; };
+      vlan23 = {
        id = 23;
        interface = "eno1";
      };
    };
    interfaces = {
      eno1.useDHCP = true;
-      vlan23.ipv4.addresses = [{ address = "192.168.23.21"; prefixLength = 24; }];
+      vlan23.ipv4.addresses = [
        {
          address = "192.168.23.21";
          prefixLength = 24;
        }
      ];
    };
  };
  # Enable sound with pipewire.
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };
  services.pulseaudio.enable = false;
  programs = {
    mtr.enable = true;
@ -136,6 +146,13 @@ in {
  # List services that you want to enable:
  services = {
    pipewire = {
      enable = true;
      alsa.enable = true;
      alsa.support32Bit = true;
      pulse.enable = true;
    };
    pulseaudio.enable = false;
    atuin = {
      enable = true;
      host = "127.0.0.1";
@ -311,7 +328,11 @@ in {
            "nix-tester.${home_domain}"
          ];
          listen = [
-            { port = https_port; addr = "0.0.0.0"; ssl = true; }
+            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
@ -331,7 +352,13 @@ in {
          };
        };
        "ab.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -342,17 +369,41 @@ in {
          '';
        };
        "atuin.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
          locations."/".proxyPass = "http://${backend_ip}:8888";
        };
        # budget.${home_domain}
-        "${config.services.firefly-iii.virtualHost}".listen = [{ port = 3005; addr = "0.0.0.0"; ssl = false; }];
+        "${config.services.firefly-iii.virtualHost}".listen = [
-        "${config.services.firefly-iii-data-importer.virtualHost}".listen = [{ port = 3006; addr = "0.0.0.0"; ssl = false; }];
+          {
            port = 3005;
            addr = "0.0.0.0";
            ssl = false;
          }
        ];
        "${config.services.firefly-iii-data-importer.virtualHost}".listen = [
          {
            port = 3006;
            addr = "0.0.0.0";
            ssl = false;
          }
        ];
        "git.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -362,7 +413,13 @@ in {
          '';
        };
        "id.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -374,7 +431,13 @@ in {
          '';
        };
        "immich.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -388,7 +451,13 @@ in {
          '';
        };
        "immich-kiosk.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -403,7 +472,13 @@ in {
          '';
        };
        "jellyfin.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -428,7 +503,13 @@ in {
          '';
        };
        "mealie.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -438,7 +519,13 @@ in {
          '';
        };
        "monitoring.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -469,7 +556,13 @@ in {
          '';
        };
        "readit.${home_domain}" = {
-          listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
+          listen = [
            {
              port = https_port;
              addr = "0.0.0.0";
              ssl = true;
            }
          ];
          enableACME = true;
          acmeRoot = null;
          forceSSL = true;
@ -622,20 +715,25 @@ in {
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "docker" "podman" "networkmanager" "wheel" ];
+    extraGroups = [
      "docker"
      "podman"
      "networkmanager"
      "wheel"
    ];
    linger = true;
  };
  # Enable common container config files in /etc/containers
-  virtualisation.containers.enable = true;
+  virtualisation = {
-
+    containers.enable = true;
-  virtualisation.oci-containers.backend = "podman";
+    oci-containers.backend = "podman";
    # Compose based apps were crashing with podman compose, so back to Docker...
-  virtualisation.docker.enable = true;
+    docker = {
-  virtualisation.docker.package = pkgs.docker;
+      enable = true;
-
+      package = pkgs.docker;
-  virtualisation.podman = {
+    };
    podman = {
      enable = true;
      autoPrune.enable = true;
      #dockerCompat = true;
@ -644,4 +742,5 @@ in {
      # Required for container networking to be able to use names.
      defaultNetwork.settings.dns_enabled = true;
    };
  };
 }
--- a/modules/hosts/nixos/nixnuc/hardware-configuration.nix
+++ b/modules/hosts/nixos/nixnuc/hardware-configuration.nix
@ -1,42 +1,60 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
+{
  config,
  lib,
  modulesPath,
  ...
 }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot = {
-  boot.initrd.kernelModules = [ ];
+    initrd = {
-  boot.kernelModules = [ "kvm-intel" ];
+      availableKernelModules = [
-  boot.extraModulePackages = [ ];
+        "xhci_pci"
        "ahci"
        "usbhid"
        "usb_storage"
        "sd_mod"
        "sdhci_pci"
      ];
      kernelModules = [ ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
  };
-  fileSystems."/" =
+  fileSystems = {
-    { device = "/dev/disk/by-uuid/0ee15ee9-37ea-448d-aa3b-23eb25994df0";
+    "/" = {
      device = "/dev/disk/by-uuid/0ee15ee9-37ea-448d-aa3b-23eb25994df0";
      fsType = "ext4";
    };
-  fileSystems."/boot" =
+    "/boot" = {
-    { device = "/dev/disk/by-uuid/4814-3E47";
+      device = "/dev/disk/by-uuid/4814-3E47";
      fsType = "vfat";
    };
-  fileSystems."/var/lib/audiobookshelf" =
+    "/var/lib/audiobookshelf" = {
-    { device = "orico/audiobookshelf";
+      device = "orico/audiobookshelf";
      fsType = "zfs";
    };
-  fileSystems."/var/lib/postgresql" =
+    "/var/lib/postgresql" = {
-    { device = "orico/postgresql-data";
+      device = "orico/postgresql-data";
      fsType = "zfs";
    };
-  fileSystems."/var/lib/postgresql/16/pg_wal" =
+    "/var/lib/postgresql/16/pg_wal" = {
-    { device = "orico/postgresql-wal-16";
+      device = "orico/postgresql-wal-16";
      fsType = "zfs";
    };
  };
  # Second disk inside case
  #fileSystems."/var/lib/postgresql" =
--- a/modules/hosts/nixos/nixnuc/home-gene.nix
+++ b/modules/hosts/nixos/nixnuc/home-gene.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  home.stateVersion = "23.11";
 }
--- a/modules/hosts/nixos/nixnuc/monitoring-stack.nix
+++ b/modules/hosts/nixos/nixnuc/monitoring-stack.nix
@ -1,6 +1,8 @@
-{ config, pkgs, ... }: let
+{ config, pkgs, ... }:
 let
  home_domain = "home.technicalissues.us";
-in {
+in
 {
  environment.systemPackages = with pkgs; [
    # Keeping empty for manual testing if needed
  ];
@ -55,7 +57,10 @@ in {
            ];
            metric_relabel_configs = [
              {
-                source_labels = ["__name__" "nodename"];
+                source_labels = [
                  "__name__"
                  "nodename"
                ];
                regex = "node_uname_info;0d869efa-prometheus-node-exporter";
                target_label = "nodename";
                replacement = "homeassistant";
@ -221,7 +226,6 @@ in {
        ];
      };
      settings = {
        auth = {
          # Set to true to disable (hide) the login form, useful if you use OAuth
@ -378,4 +382,3 @@ in {
    ];
  };
 }
--- a/modules/hosts/nixos/rainbow-planet/default.nix
+++ b/modules/hosts/nixos/rainbow-planet/default.nix
@ -1,4 +1,11 @@
-{ inputs, config, pkgs, username, ... }: {
+{
  inputs,
  config,
  pkgs,
  username,
  ...
 }:
 {
  imports = [
    ./hardware-configuration.nix
    ../../../shared/nixos/flatpaks.nix
@ -108,9 +115,13 @@
    boinc.enable = true;
    bpftune.enable = true;
    dbus.implementation = "broker";
-    desktopManager.cosmic.enable = false;
+    desktopManager = {
-    desktopManager.cosmic.xwayland.enable = false;
+      cosmic = {
-    desktopManager.plasma6.enable = true;
+        enable = false;
        xwayland.enable = false;
      };
      plasma6.enable = true;
    };
    displayManager.cosmic-greeter.enable = false;
    displayManager.sddm = {
      enable = true;
@ -179,7 +190,15 @@
  users.users.${username} = {
    isNormalUser = true;
    description = "Gene Liverman";
-    extraGroups = [ "adbusers" "dialout" "docker" "input" "networkmanager" "podman" "wheel" ];
+    extraGroups = [
      "adbusers"
      "dialout"
      "docker"
      "input"
      "networkmanager"
      "podman"
      "wheel"
    ];
    packages = with pkgs; [
      tailscale-systray
    ];
--- a/modules/hosts/nixos/rainbow-planet/gnome.nix
+++ b/modules/hosts/nixos/rainbow-planet/gnome.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [
    gnome.gnome-tweaks
    gnome.nautilus
@ -33,4 +34,3 @@
    };
  };
 }
--- a/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix
+++ b/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix
@ -1,35 +1,55 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, pkgs, ... }:
+{
  config,
  lib,
  modulesPath,
  ...
 }:
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
  ];
-  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot = {
    initrd = {
      availableKernelModules = [
        "xhci_pci"
        "nvme"
        "usb_storage"
        "sd_mod"
        "rtsx_pci_sdmmc"
      ];
      # boot.kernelPackages = pkgs.linuxPackages_zen;
-  boot.initrd.kernelModules = [ ];
+      kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" "sg" ];
+    };
-  boot.kernelParams = [
+    kernelModules = [
      "kvm-intel"
      "sg"
    ];
    kernelParams = [
      "i915.enable_fbc=1"
      "i915.enable_psr=2"
    ];
-  boot.extraModulePackages = [ ];
+    extraModulePackages = [ ];
  };
-  fileSystems."/" =
+  fileSystems = {
-    { device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c";
+    "/" = {
      device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c";
      fsType = "ext4";
    };
-  fileSystems."/boot" =
+    "/boot" = {
-    { device = "/dev/disk/by-uuid/924D-E7A4";
+      device = "/dev/disk/by-uuid/924D-E7A4";
      fsType = "vfat";
    };
  };
-  swapDevices =
+  swapDevices = [
-    [ { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; }
+    { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; }
  ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/modules/hosts/nixos/rainbow-planet/home-gene.nix
+++ b/modules/hosts/nixos/rainbow-planet/home-gene.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  home.stateVersion = "23.11";
  imports = [
    ../../../shared/home/general/all-gui.nix
@ -10,12 +11,14 @@
  ];
  home.file = {
-    ".config/hypr/frappe.conf".source = (pkgs.fetchFromGitHub {
+    ".config/hypr/frappe.conf".source =
      pkgs.fetchFromGitHub {
        owner = "catppuccin";
        repo = "hyprland";
        rev = "99a88fd21fac270bd999d4a26cf0f4a4222c58be";
        hash = "sha256-07B5QmQmsUKYf38oWU3+2C6KO4JvinuTwmW1Pfk8CT8=";
-    } + "/themes/frappe.conf");
+      }
      + "/themes/frappe.conf";
  };
  programs = {
--- a/modules/shared/home/general/all-gui.nix
+++ b/modules/shared/home/general/all-gui.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  home.packages = with pkgs; [
    esptool
  ];
--- a/modules/shared/home/general/default.nix
+++ b/modules/shared/home/general/default.nix
@ -1,17 +1,30 @@
-{ config, inputs, pkgs, ... }: let
+{
-  sqlite_lib = if builtins.elem pkgs.stdenv.hostPlatform.system [
+  config,
  inputs,
  pkgs,
  ...
 }:
 let
  sqlite_lib =
    if
      builtins.elem pkgs.stdenv.hostPlatform.system [
        "aarch64-darwin"
        "x86_64-darwin"
      ]
-               then "libsqlite3.dylib"
+    then
-               else "libsqlite3.so";
+      "libsqlite3.dylib"
-in {
+    else
-  home.packages = with pkgs; [
+      "libsqlite3.so";
 in
 {
  home = {
    packages = with pkgs; [
      btop
      bundix
      cargo
      cheat
      colordiff
      deadnix
      dogdns
      dos2unix
      duf
@ -39,6 +52,7 @@ in {
      nodejs
      nurl
      nvd
      nixfmt-tree
      onefetch
      powershell
      pre-commit
@ -46,6 +60,7 @@ in {
      rename
      ruby
      subversion
      statix
      tldr
      tree
      trippy
@ -54,10 +69,25 @@ in {
      wget
      yq-go
    ];
-  home.sessionVariables = {
+    sessionVariables = {
      CLICLOLOR = 1;
      PAGER = "less";
    };
    file = {
      ".config/nvim/lua/config" = {
        source = ../../files/nvim/lua/config;
        recursive = true;
      };
      ".config/nvim/lua/plugins" = {
        source = ../../files/nvim/lua/plugins;
        recursive = true;
      };
      ".config/powershell/Microsoft.PowerShell_profile.ps1".source =
        ../../files/Microsoft.PowerShell_profile.ps1;
      ".config/powershell/Microsoft.VSCode_profile.ps1".source =
        ../../files/Microsoft.PowerShell_profile.ps1;
    };
  };
  programs = {
    atuin = {
      enable = true;
@ -171,7 +201,11 @@ in {
    oh-my-posh = {
      enable = true;
      enableZshIntegration = true;
-      settings = builtins.fromJSON (builtins.unsafeDiscardStringContext (builtins.readFile (inputs.genebean-omp-themes + "/beanbag.omp.json")));
+      settings = builtins.fromJSON (
        builtins.unsafeDiscardStringContext (
          builtins.readFile (inputs.genebean-omp-themes + "/beanbag.omp.json")
        )
      );
      #useTheme = "amro";
      #useTheme = "montys";
    };
@ -350,17 +384,4 @@ in {
      };
    }; # end zsh
  }; # end programs
  home.file = {
    ".config/nvim/lua/config" = {
      source = ../../files/nvim/lua/config;
      recursive = true;
    };
    ".config/nvim/lua/plugins" = {
      source = ../../files/nvim/lua/plugins;
      recursive = true;
    };
    ".config/powershell/Microsoft.PowerShell_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1;
    ".config/powershell/Microsoft.VSCode_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1;
  };
 }
--- a/modules/shared/home/linux/apps/hexchat.nix
+++ b/modules/shared/home/linux/apps/hexchat.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  programs.hexchat.enable = true;
 }
--- a/modules/shared/home/linux/apps/pidgin.nix
+++ b/modules/shared/home/linux/apps/pidgin.nix
@ -1,3 +1,3 @@
-{ ... }: {
+{
  programs.pidgin.enable = true;
 }
--- a/modules/shared/home/linux/apps/tilix.nix
+++ b/modules/shared/home/linux/apps/tilix.nix
@ -1,4 +1,6 @@
-{ lib, pkgs, ... }: with lib.hm.gvariant; {
+{ lib, pkgs, ... }:
 with lib.hm.gvariant;
 {
  dconf.settings = {
    "com/gexperts/Tilix/profiles/2b7c4080-0ddd-46c5-8f23-563fd3ba789d" = {
@ -10,7 +12,24 @@
      font = "Hack Nerd Font Mono 12";
      foreground-color = "#F8F8F2";
      highlight-colors-set = false;
-      palette = [ "#272822" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F8F8F2" "#75715E" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F9F8F5" ];
+      palette = [
        "#272822"
        "#F92672"
        "#A6E22E"
        "#F4BF75"
        "#66D9EF"
        "#AE81FF"
        "#A1EFE4"
        "#F8F8F2"
        "#75715E"
        "#F92672"
        "#A6E22E"
        "#F4BF75"
        "#66D9EF"
        "#AE81FF"
        "#A1EFE4"
        "#F9F8F5"
      ];
      use-system-font = false;
      use-theme-colors = false;
      visible-name = "Default";
@ -20,11 +39,13 @@
  home.file = {
    ".config/tilix/schemes/Beanbag-Mathias.json".source = ../../../files/tilix/Beanbag-Mathias.json;
-    ".config/tilix/schemes/Catppuccin-Frappe.json".source = (pkgs.fetchFromGitHub {
+    ".config/tilix/schemes/Catppuccin-Frappe.json".source =
      pkgs.fetchFromGitHub {
        owner = "catppuccin";
        repo = "tilix";
        rev = "3fd05e03419321f2f2a6aad6da733b28be1765ef";
        hash = "sha256-SI7QxQ+WBHzeuXbTye+s8pi4tDVZOV4Aa33mRYO276k=";
-    } + "/src/Catppuccin-Frappe.json");
+      }
      + "/src/Catppuccin-Frappe.json";
  };
 }
--- a/modules/shared/home/linux/apps/waybar.nix
+++ b/modules/shared/home/linux/apps/waybar.nix
@ -1,12 +1,15 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  home.file = {
    ".config/waybar/config".source = ../../../files/waybar/config;
-    ".config/waybar/frappe.css".source = (pkgs.fetchFromGitHub {
+    ".config/waybar/frappe.css".source =
      pkgs.fetchFromGitHub {
        owner = "catppuccin";
        repo = "waybar";
        rev = "f74ab1eecf2dcaf22569b396eed53b2b2fbe8aff";
        hash = "sha256-WLJMA2X20E5PCPg0ZPtSop0bfmu+pLImP9t8A8V4QK8=";
-    } + "/themes/frappe.css");
+      }
      + "/themes/frappe.css";
    ".config/waybar/style.css".source = ../../../files/waybar/style.css;
  };
--- a/modules/shared/home/linux/apps/xfce4-terminal.nix
+++ b/modules/shared/home/linux/apps/xfce4-terminal.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{
  home.file = {
    ".config/xfce4/terminal/accels.scm".source = ../../../files/xfce4/terminal/accels.scm;
  };
@ -11,7 +11,8 @@
      "color-background" = "#08052b";
      "color-cursor" = "#ff7f7f";
      "color-cursor-use-default" = false;
-      "color-palette" = "#000000;#e52222;#a6e32d;#fc951e;#c48dff;#fa2573;#67d9f0;#f2f2f2;#555555;#ff5555;#55ff55;#ffff55;#5555ff;#ff55ff;#55ffff;#ffffff";
+      "color-palette" =
        "#000000;#e52222;#a6e32d;#fc951e;#c48dff;#fa2573;#67d9f0;#f2f2f2;#555555;#ff5555;#55ff55;#ffff55;#5555ff;#ff55ff;#55ffff;#ffffff";
      "font-name" = "Hack Nerd Font Mono 12";
      "misc-always-show-tabs" = false;
      "misc-bell" = false;
--- a/modules/shared/home/linux/default.nix
+++ b/modules/shared/home/linux/default.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  home.packages = with pkgs; [
    fastfetch
  ];
--- a/modules/shared/nixos/flatpaks.nix
+++ b/modules/shared/nixos/flatpaks.nix
@ -1,5 +1,4 @@
-
+{
 { ... }: {
  services = {
    flatpak = {
      enable = true;
--- a/modules/shared/nixos/internationalisation.nix
+++ b/modules/shared/nixos/internationalisation.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{
  # Select internationalisation properties.
  i18n = {
    defaultLocale = "en_US.UTF-8";
--- a/modules/shared/nixos/lets-encrypt.nix
+++ b/modules/shared/nixos/lets-encrypt.nix
@ -1,4 +1,5 @@
-{ config, username, ... }: {
+{ config, username, ... }:
 {
  ##########################################################################
  #                                                                        #
@ -10,7 +11,9 @@
    acceptTerms = true;
    defaults = {
      email = "lets-encrypt@technicalissues.us";
-      credentialFiles = { "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "${config.sops.secrets.gandi_dns_pat.path}"; };
+      credentialFiles = {
        "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "${config.sops.secrets.gandi_dns_pat.path}";
      };
      dnsProvider = "gandiv5";
      dnsResolver = "ns1.gandi.net";
      # uncomment below for testing
--- a/modules/shared/nixos/nixroutes.nix
+++ b/modules/shared/nixos/nixroutes.nix
@ -1,7 +1,7 @@
-{ config, lib, ... }:
+{ config, ... }:
 let
-  hostName = config.networking.hostName;
+  inherit (config.networking) hostName;
-in {
+in
-  programs.zsh.shellAliases.nixroutes =
+{
-    "cd ~/repos/dots && echo '=== Current Routes ===' && ip route show && ip -6 route show && echo '' && echo '=== New Build Routes ===' && nix eval --json '.#nixosConfigurations.${hostName}.config.systemd.network.networks.\"10-wan\".routes'";
+  programs.zsh.shellAliases.nixroutes = "cd ~/repos/dots && echo '=== Current Routes ===' && ip route show && ip -6 route show && echo '' && echo '=== New Build Routes ===' && nix eval --json '.#nixosConfigurations.${hostName}.config.systemd.network.networks.\"10-wan\".routes'";
 }
--- a/modules/shared/nixos/restic.nix
+++ b/modules/shared/nixos/restic.nix
@ -1,4 +1,5 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [
    restic
  ];
@ -29,4 +30,3 @@
    };
  };
 }
--- a/modules/shared/nixos/ripping.nix
+++ b/modules/shared/nixos/ripping.nix
@ -1,4 +1,5 @@
-{ pkgs, ... }: {
+{ pkgs, ... }:
 {
  # Be sure this is added if on NixOS
  # boot.kernelModules = [ "sg" ];
@ -20,4 +21,3 @@
    mkvtoolnix-cli
  ];
 }
`@ -1,2 +1,3 @@`
	`*.yaml diff=sopsdiffer`	`*.yaml diff=sopsdiffer`
		`.pre-commit-config.yaml diff=default`