diff --git a/modules/dev/emacs.nix b/modules/dev/emacs.nix index 467fa96..ffc91c6 100644 --- a/modules/dev/emacs.nix +++ b/modules/dev/emacs.nix @@ -15,10 +15,12 @@ "doom/templates/programming.org".source = ../../dotfiles/doom/templates/programming.org; }; services.lorri.enable = true; - programs.${config.my.shell.type}.shellAliases = inputs.self.lib.mergeAliases inputs.self.lib.commonAliases { - edit = "emacsclient -t"; - e = "edit"; - }; + programs.${config.my.shell.type}.shellAliases = + inputs.self.lib.mergeAliases inputs.self.lib.commonAliases + { + edit = "emacsclient -t"; + e = "edit"; + }; }; users.users.jawz.packages = builtins.attrValues { inherit (pkgs.xorg) xwininfo; diff --git a/modules/dev/nix.nix b/modules/dev/nix.nix index 0253068..f8df268 100644 --- a/modules/dev/nix.nix +++ b/modules/dev/nix.nix @@ -34,12 +34,14 @@ in }; config = lib.mkIf config.my.dev.nix.enable { users.users.jawz = { inherit packages; }; - home-manager.users.jawz.programs.${shellType}.shellAliases = inputs.self.lib.mergeAliases inputs.self.lib.commonAliases { - nixformat = '' - deadnix -e && \ - nix run nixpkgs#nixfmt-tree && \ - statix fix - ''; - }; + home-manager.users.jawz.programs.${shellType}.shellAliases = + inputs.self.lib.mergeAliases inputs.self.lib.commonAliases + { + nixformat = '' + deadnix -e && \ + nix run nixpkgs#nixfmt-tree && \ + statix fix + ''; + }; }; } diff --git a/modules/network/firewall.nix b/modules/network/firewall.nix index fec5e7b..be2fbd3 100644 --- a/modules/network/firewall.nix +++ b/modules/network/firewall.nix 
@@ -1,18 +1,23 @@ -{ lib, config, ... }: +{ + lib, + config, + inputs, + ... +}: let - nativeServicesWithOpenFirewall = [ - "adguardhome" - "plex" - "nix-serve" - "radarr" - "sonarr" - "jellyfin" - "prowlarr" - "bazarr" - "stash" - "ombi" - "flaresolverr" + firewallBlacklist = [ + "lidarr" + "maloja" + "tranga" + "flame" + "flameSecret" + "ryot" + "drpp" + "metube" + "multi-scrobbler" + "plex-discord-bot" ]; + nativeServicesWithOpenFirewall = inputs.self.lib.getServicesWithNativeFirewall config firewallBlacklist; servicesConfig = lib.listToAttrs ( map (serviceName: { name = serviceName; @@ -37,17 +42,7 @@ in config = lib.mkIf config.my.network.firewall.enabledServicePorts { services = servicesConfig; networking.firewall.allowedTCPPorts = - config.my.network.firewall.staticPorts - ++ config.my.network.firewall.additionalPorts - ++ ( - config.my.servers - |> lib.filterAttrs ( - name: srv: - (srv.enable or false) && (srv ? port) && !(builtins.elem name nativeServicesWithOpenFirewall) - ) - |> lib.attrValues - |> map (srv: srv.port) - ) + inputs.self.lib.generateFirewallPorts config nativeServicesWithOpenFirewall lib ++ (lib.optionals config.services.nginx.enable [ config.services.nginx.defaultHTTPListenPort config.services.nginx.defaultSSLListenPort diff --git a/modules/scripts/download.nix b/modules/scripts/download.nix index 85c487f..93ad2f8 100644 --- a/modules/scripts/download.nix +++ b/modules/scripts/download.nix 
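Review bot: In the first hunk of modules/network/firewall.nix, deriving `nativeServicesWithOpenFirewall` from `config.my.servers` minus `firewallBlacklist` turns an explicit allowlist into a denylist. Any server enabled later whose name matches a `services.<name>` with an `openFirewall` option is enrolled automatically, with no edit to this file. What `servicesConfig` sets for each name lies outside the hunk, but if it enables `openFirewall`, some NixOS modules open more than the single `srv.port` under that option, so the exposed set can grow without review. The name `firewallBlacklist` also reads as "blocked at the firewall", while per `generateFirewallPorts` these entries still get their `port` added to `allowedTCPPorts`. I would add a comment such as `# Servers excluded from the native openFirewall path; their my.servers.<name>.port is opened via allowedTCPPorts instead.` and compare the evaluated `networking.firewall.allowedTCPPorts` per host before and after this commit.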
@@ -23,17 +23,20 @@ gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"''; }; } - // inputs.self.lib.shellConditional config.my.shell.type '' - list_root=$XDG_CONFIG_HOME/jawz/lists/jawz - export LW=$list_root/watch.txt - export LI=$list_root/instant.txt - export LC=$list_root/comic.txt - '' '' - list_root=$XDG_CONFIG_HOME/jawz/lists/jawz - export LW=$list_root/watch.txt - export LI=$list_root/instant.txt - export LC=$list_root/comic.txt - ''; + // + inputs.self.lib.shellConditional config.my.shell.type + '' + list_root=$XDG_CONFIG_HOME/jawz/lists/jawz + export LW=$list_root/watch.txt + export LI=$list_root/instant.txt + export LC=$list_root/comic.txt + '' + '' + list_root=$XDG_CONFIG_HOME/jawz/lists/jawz + export LW=$list_root/watch.txt + export LI=$list_root/instant.txt + export LC=$list_root/comic.txt + ''; systemd.user = { services = let diff --git a/modules/shell/tools.nix b/modules/shell/tools.nix index 48629a8..1e7dee1 100644 --- a/modules/shell/tools.nix +++ b/modules/shell/tools.nix @@ -70,17 +70,20 @@ in uniq --count | sort -rn''; }; } - // inputs.self.lib.shellConditional shellType '' - if command -v fzf-share >/dev/null; then - source "$(fzf-share)/key-bindings.bash" - source "$(fzf-share)/completion.bash" - fi - '' '' - if command -v fzf-share >/dev/null; then - source "$(fzf-share)/key-bindings.bash" - source "$(fzf-share)/completion.bash" - fi - ''; + // + inputs.self.lib.shellConditional shellType + '' + if command -v fzf-share >/dev/null; then + source "$(fzf-share)/key-bindings.bash" + source "$(fzf-share)/completion.bash" + fi + '' + '' + if command -v fzf-share >/dev/null; then + source "$(fzf-share)/key-bindings.bash" + source "$(fzf-share)/completion.bash" + fi + ''; }; programs = { starship.enable = true; diff --git a/parts/core.nix b/parts/core.nix index 69ab957..7989fad 100644 --- a/parts/core.nix +++ b/parts/core.nix 
@@ -192,12 +192,33 @@ in |> builtins.filter ( name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName ); - shellConditional = shellType: bashContent: zshContent: - if shellType == "bash" then - { initExtra = bashContent; } - else - { initContent = zshContent; }; + shellConditional = + shellType: bashContent: zshContent: + if shellType == "bash" then { initExtra = bashContent; } else { initContent = zshContent; }; mergeAliases = baseAliases: extraAliases: baseAliases // extraAliases; + getServicesWithNativeFirewall = + config: blacklist: + config.my.servers + |> builtins.attrNames + |> builtins.filter ( + name: + (config.my.servers.${name}.enable or false) + && !(builtins.elem name blacklist) + && builtins.hasAttr name config.services + && (config.services.${name} ? openFirewall) + ); + generateFirewallPorts = + config: nativeServices: lib: + config.my.network.firewall.staticPorts + ++ config.my.network.firewall.additionalPorts + ++ ( + config.my.servers + |> lib.filterAttrs ( + name: srv: (srv.enable or false) && (srv ? port) && !(builtins.elem name nativeServices) + ) + |> lib.attrValues + |> map (srv: srv.port) + ); }; }; }
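Review bot: In parts/core.nix, `getServicesWithNativeFirewall` treats a server as firewall-native only because its `my.servers` key coincides with a `services.<name>` that has an `openFirewall` option, and nothing documents that contract. A key that differs from the NixOS service name silently falls through to `generateFirewallPorts`, which adds its `port` to the list if the server is enabled and defines one. Both helpers feed `networking.firewall.allowedTCPPorts`, so each deserves a short comment stating its inputs and result, e.g. `# Enabled my.servers entries, not in blacklist, whose same-named NixOS service has an openFirewall option.` Separately, `generateFirewallPorts` takes `lib` as a third argument although `lib` is already in scope here (see `lib.hasPrefix` in the context line above). `generateFirewallPorts = config: nativeServices:` would be simpler, with the call in modules/network/firewall.nix shortened to match.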