assertions + more descriptive initializations

config/stylix.nix

@@ -10,7 +10,7 @@ let
   cfg = config.my.stylix;
 in
 {
-  options.my.stylix.enable = lib.mkEnableOption "enable";
+  options.my.stylix.enable = lib.mkEnableOption "system-wide theming with Stylix";
   config = {
     stylix = {
       inherit (scheme) image polarity;

modules/apps/art.nix

@@ -37,8 +37,8 @@ let
 in
 {
   options.my = {
-    apps.art.enable = lib.mkEnableOption "enable";
+    apps.art.enable = lib.mkEnableOption "digital art and creative applications";
-    dev.gameDev.enable = lib.mkEnableOption "enable";
+    dev.gameDev.enable = lib.mkEnableOption "game development tools and engines";
   };
   config.users.users.jawz.packages = artPackages ++ gameDevPackages;
 }

modules/apps/dictionaries.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.dictionaries.enable = lib.mkEnableOption "enable";
+  options.my.apps.dictionaries.enable = lib.mkEnableOption "dictionaries and language tools";
   config = lib.mkIf config.my.apps.dictionaries.enable {
     users.users.jawz.packages = builtins.attrValues {
       inherit (pkgs)

modules/apps/fonts.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.fonts.enable = lib.mkEnableOption "enable";
+  options.my.apps.fonts.enable = lib.mkEnableOption "additional fonts and typography";
   config = lib.mkIf config.my.apps.fonts.enable {
     nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "corefonts" ];
     fonts.packages = builtins.attrValues {

modules/apps/gaming.nix

@@ -8,8 +8,8 @@
 {
   imports = [ inputs.nix-gaming.nixosModules.platformOptimizations ];
   options.my.apps = {
-    gaming.enable = lib.mkEnableOption "enable";
+    gaming.enable = lib.mkEnableOption "gaming applications and emulators";
-    switch.enable = lib.mkEnableOption "enable";
+    switch.enable = lib.mkEnableOption "Nintendo Switch homebrew tools";
   };
   config = lib.mkIf config.my.apps.gaming.enable {
     # sops.secrets.switch-presence = lib.mkIf config.my.apps.gaming.switch.enable {

modules/apps/internet.nix

@@ -30,7 +30,7 @@ let
       );
 in
 {
-  options.my.apps.internet.enable = lib.mkEnableOption "enable";
+  options.my.apps.internet.enable = lib.mkEnableOption "internet browsers and communication apps";
   config = lib.mkIf config.my.apps.internet.enable {
     home-manager.users.jawz.programs.librewolf = import ./librewolf.nix;
     programs.geary.enable = true;

modules/apps/misc.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.misc.enable = lib.mkEnableOption "enable";
+  options.my.apps.misc.enable = lib.mkEnableOption "miscellaneous desktop applications";
   config = lib.mkIf config.my.apps.misc.enable {
     users.users.jawz.packages = builtins.attrValues {
       inherit (pkgs)

modules/apps/multimedia.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.multimedia.enable = lib.mkEnableOption "enable";
+  options.my.apps.multimedia.enable = lib.mkEnableOption "multimedia applications and media players";
   config = lib.mkIf config.my.apps.multimedia.enable {
     users.users.jawz.packages = builtins.attrValues {
       inherit (pkgs)

modules/apps/music.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.piano.enable = lib.mkEnableOption "enable";
+  options.my.apps.piano.enable = lib.mkEnableOption "piano learning and music theory apps";
   config = lib.mkIf config.my.apps.piano.enable {
     users.users.jawz.packages = builtins.attrValues {
       inherit (pkgs)

modules/apps/office.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.apps.office.enable = lib.mkEnableOption "enable";
+  options.my.apps.office.enable = lib.mkEnableOption "office applications and productivity tools";
   config = lib.mkIf config.my.apps.office.enable {
     environment.variables.CALIBRE_USE_SYSTEM_THEME = "1";
     users.users.jawz.packages = builtins.attrValues {

modules/dev/emacs.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.emacs.enable = lib.mkEnableOption "enable";
+  options.my.emacs.enable = lib.mkEnableOption "Doom Emacs configuration";
   config = lib.mkIf config.my.emacs.enable {
     home-manager.users.jawz = {
       xdg.dataFile = {

modules/factories/mkserver.nix

@@ -1,7 +1,7 @@
 { lib, config, ... }:
 let
   mkOptions = name: subdomain: port: {
-    enable = lib.mkEnableOption "enable";
+    enable = lib.mkEnableOption "this server service";
     enableCron = lib.mkEnableOption "enable cronjob";
     enableProxy = lib.mkEnableOption "enable reverse proxy";
     port = lib.mkOption {

modules/modules.nix

@@ -116,10 +116,69 @@ in
       default = "America/Mexico_City";
       description = "Timezone";
     };
-    enableContainers = lib.mkEnableOption "enable";
+    enableContainers = lib.mkEnableOption "container services (Docker/Podman)";
-    enableProxy = lib.mkEnableOption "enable";
+    enableProxy = lib.mkEnableOption "nginx reverse proxy for services";
   };
   config = {
+    assertions = [
+      {
+        assertion = config.my.servers.nextcloud.enable -> config.my.servers.postgres.enable;
+        message = "Nextcloud requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.vaultwarden.enable -> config.my.servers.postgres.enable;
+        message = "Vaultwarden requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.firefly-iii.enable -> config.my.servers.postgres.enable;
+        message = "Firefly III requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.mealie.enable -> config.my.servers.postgres.enable;
+        message = "Mealie requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.shiori.enable -> config.my.servers.postgres.enable;
+        message = "Shiori requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.ryot.enable -> config.my.servers.postgres.enable;
+        message = "Ryot requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.synapse.enable -> config.my.servers.postgres.enable;
+        message = "Matrix Synapse requires PostgreSQL to be enabled";
+      }
+      {
+        assertion = config.my.servers.gitea.enable -> config.my.servers.postgres.enable;
+        message = "Gitea requires PostgreSQL to be enabled";
+      }
+      {
+        assertion =
+          config.my.enableProxy
+          -> (builtins.any (s: s.enableProxy or false) (builtins.attrValues config.my.servers));
+        message = "enableProxy is true but no services have enableProxy enabled";
+      }
+      {
+        assertion =
+          config.my.enableContainers
+          || !(builtins.any (opt: opt) [
+            config.my.servers.ryot.enable
+            config.my.servers.lidarr.enable
+            config.my.servers.prowlarr.enable
+            config.my.servers.maloja.enable
+            config.my.servers.multi-scrobbler.enable
+            config.my.servers.flame.enable
+            config.my.servers.flameSecret.enable
+            config.my.servers.metube.enable
+            config.my.servers.go-vod.enable
+            config.my.servers.tranga.enable
+            config.my.servers.drpp.enable
+            config.my.servers.plex-discord-bot.enable
+          ]);
+        message = "Container services are enabled but enableContainers is false";
+      }
+    ];
     virtualisation = {
       containers.enable = true;
       oci-containers.backend = "podman";

modules/scripts/download.nix

@@ -8,8 +8,8 @@
 {
   imports = [ ../factories/mkscript.nix ];
   options.my.units = {
-    download.enable = lib.mkEnableOption "enable";
+    download.enable = lib.mkEnableOption "media download automation scripts";
-    downloadManga.enable = lib.mkEnableOption "enable";
+    downloadManga.enable = lib.mkEnableOption "manga download automation";
   };
   config =
     let

modules/scripts/stream-dl.nix

@@ -7,7 +7,7 @@
 }:
 {
   imports = [ ../factories/mkscript.nix ];
-  options.my.units.stream-dl.enable = lib.mkEnableOption "enable";
+  options.my.units.stream-dl.enable = lib.mkEnableOption "streaming media download service";
   config =
     let
       inherit (inputs.jawz-scripts.packages.x86_64-linux) stream-dl;

modules/servers/adguardhome.nix

@@ -3,7 +3,7 @@ let
   cfg = config.my.servers.adguardhome;
 in
 {
-  options.my.servers.adguardhome.enable = lib.mkEnableOption "enable";
+  options.my.servers.adguardhome.enable = lib.mkEnableOption "AdGuard Home DNS ad blocker";
   config = lib.mkIf (cfg.enable && config.my.secureHost) {
     services.adguardhome = {
       inherit (cfg) enable;

modules/servers/firefly-iii.nix

@@ -4,7 +4,7 @@ let
 in
 {
   options.my.servers.firefly-iii = {
-    enable = lib.mkEnableOption "enable";
+    enable = lib.mkEnableOption "Firefly III personal finance manager";
     enableProxy = lib.mkEnableOption "enableProxy";
   };
   config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {

modules/servers/nextcloud.nix

@@ -37,7 +37,7 @@ in
   options.my.servers = {
     nextcloud = setup.mkOptions "nextcloud" "cloud" 80;
     collabora = setup.mkOptions "collabora" "collabora" 9980;
-    go-vod.enable = lib.mkEnableOption "enable";
+    go-vod.enable = lib.mkEnableOption "Go-VOD video transcoding service";
   };
   config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {
     sops.secrets.nextcloud-adminpass = {

modules/servers/paperless.nix

@@ -3,7 +3,7 @@ let
   cfg = config.my.servers.paperless;
 in
 {
-  options.my.servers.paperless.enable = lib.mkEnableOption "enable";
+  options.my.servers.paperless.enable = lib.mkEnableOption "Paperless-ngx document management system";
   config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable) {
     networking.firewall.allowedTCPPorts = [ config.services.paperless.port ];
     services.paperless = {

modules/servers/postgres.nix

@@ -42,7 +42,7 @@ let
   ];
 in
 {
-  options.my.servers.postgres.enable = lib.mkEnableOption "enable";
+  options.my.servers.postgres.enable = lib.mkEnableOption "PostgreSQL database server";
   config = lib.mkIf cfg.enable {
     environment.systemPackages = [ upgrade-pg-cluster ];
     services.postgresql = {

modules/servers/qbittorrent.nix

@@ -38,9 +38,9 @@ let
 in
 {
   options.my.servers = {
-    unpackerr.enable = lib.mkEnableOption "enable";
+    unpackerr.enable = lib.mkEnableOption "automatic archive extraction service";
     qbittorrent = {
-      enable = lib.mkEnableOption "enable";
+      enable = lib.mkEnableOption "qBittorrent torrent client";
       port = lib.mkOption {
         type = lib.types.int;
         default = 9091;

modules/servers/sabnzbd.nix

@@ -4,7 +4,7 @@ let
 in
 {
   options.my.servers.sabnzbd = {
-    enable = lib.mkEnableOption "enable";
+    enable = lib.mkEnableOption "SABnzbd Usenet downloader";
     port = lib.mkOption {
       type = lib.types.int;
       default = 3399;

modules/services/network.nix

@@ -1,6 +1,6 @@
 { config, lib, ... }:
 {
-  options.my.services.network.enable = lib.mkEnableOption "enable";
+  options.my.services.network.enable = lib.mkEnableOption "network configuration and services";
   config = lib.mkIf config.my.services.network.enable {
     networking = {
       enableIPv6 = true;

modules/services/nvidia.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.services.nvidia.enable = lib.mkEnableOption "enable";
+  options.my.services.nvidia.enable = lib.mkEnableOption "NVIDIA GPU drivers and CUDA";
   config = lib.mkIf config.my.services.nvidia.enable {
     environment.variables.CUDA_CACHE_PATH = "\${XDG_CACHE_HOME}/nv";
     boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") [ "nvidia-drm.fbdev=1" ];

modules/services/printing.nix

@@ -11,7 +11,7 @@ let
   ];
 in
 {
-  options.my.services.printing.enable = lib.mkEnableOption "enable";
+  options.my.services.printing.enable = lib.mkEnableOption "printing services and drivers";
   config = lib.mkIf config.my.services.printing.enable {
     users.users.jawz.packages = [ pkgs.simple-scan ];
     services.printing = {

modules/services/sound.nix

@@ -6,7 +6,7 @@
 }:
 {
   imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ];
-  options.my.services.sound.enable = lib.mkEnableOption "enable";
+  options.my.services.sound.enable = lib.mkEnableOption "audio system and PipeWire";
   config = lib.mkIf config.my.services.sound.enable {
     services.pulseaudio.enable = false;
     security.rtkit.enable = true; # make pipewire realtime-capable

modules/services/wireguard.nix

@@ -9,7 +9,7 @@ let
   interface = config.my.interfaces.${config.networking.hostName};
 in
 {
-  options.my.services.wireguard.enable = lib.mkEnableOption "enable";
+  options.my.services.wireguard.enable = lib.mkEnableOption "WireGuard VPN configuration";
   config = lib.mkIf (config.my.services.wireguard.enable && config.my.secureHost) {
     sops.secrets."wireguard/private".sopsFile = ../../secrets/wireguard.yaml;
     networking = {

modules/shell/exercism.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.shell.exercism.enable = lib.mkEnableOption "enable";
+  options.my.shell.exercism.enable = lib.mkEnableOption "Exercism coding practice platform";
   config = lib.mkIf config.my.shell.exercism.enable {
     users.users.jawz.packages = builtins.attrValues {
       inherit (pkgs)

modules/shell/multimedia.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  options.my.shell.multimedia.enable = lib.mkEnableOption "enable";
+  options.my.shell.multimedia.enable = lib.mkEnableOption "multimedia CLI tools and codecs";
   config = lib.mkIf config.my.shell.multimedia.enable {
     home-manager.users.jawz.programs = {
       yt-dlp = {

modules/shell/tools.nix

@@ -6,7 +6,7 @@
   ...
 }:
 {
-  options.my.shell.tools.enable = lib.mkEnableOption "enable";
+  options.my.shell.tools.enable = lib.mkEnableOption "shell tools and utilities";
   config = lib.mkIf config.my.shell.tools.enable {
     home-manager.users.jawz.programs = {
       hstr.enable = true;