NixOS/parts/core.nix
2025-10-12 20:03:24 -06:00


{ inputs, ... }:
let
# The single platform this flake targets; reused by `systems`, by mkpkgs and
# by createConfig further down.
system = "x86_64-linux";
# Instantiate a package set from the nixpkgs source `repo` for `system`.
# allowUnfree is switched on for every package set built through this
# helper, so unfree-licensed packages evaluate without a per-package opt-in.
mkpkgs =
  repo:
  import repo {
    system = system;
    config = {
      allowUnfree = true;
    };
  };
in
{
systems = [ system ];
flake = {
lib = {
# Module list shared by every host: the host's own configuration.nix, the
# third-party NixOS modules taken from the flake inputs, and two inline
# modules (overlays and flake registry entries).
# Everything pulled from `inputs` is evaluated as part of each host's system
# configuration; which revisions those inputs resolve to is decided by the
# flake's input declarations and lock file, which are outside this file.
commonModules =
  name:
  let
    # Overlays applied to every host's nixpkgs: the repo-local overlay
    # (given mkpkgs and inputs) followed by the doom-emacs one.
    overlayModule = {
      nixpkgs.overlays = [
        (import ../config/overlay.nix { inherit mkpkgs inputs; })
        inputs.doom-emacs.overlays.default
      ];
    };
    # Registry aliases: `jawz` points at this flake, `unstable` at the
    # nixpkgs-unstable input.
    registryModule = {
      nix.registry.jawz.flake = inputs.self;
      nix.registry.unstable.flake = inputs.nixpkgs-unstable;
    };
  in
  [
    ../hosts/${name}/configuration.nix
    inputs.nur.modules.nixos.default
    inputs.sops-nix.nixosModules.sops
    inputs.stylix.nixosModules.stylix
    inputs.nixtendo-switch.nixosModules.nixtendo-switch
    overlayModule
    registryModule
  ];
# Build the NixOS system for host `name` using the lib of `local-nixpkgs`.
createConfig =
  name: local-nixpkgs:
  let
    # `//` is right-biased: on a name clash the home-manager lib attribute
    # wins over the nixpkgs one. nixosSystem is looked up on the merged set.
    mergedLib = local-nixpkgs.lib // inputs.home-manager.lib;
    hostModules = inputs.self.lib.commonModules name;
  in
  mergedLib.nixosSystem {
    inherit system;
    modules = hostModules;
    # Every module of the host receives the full set of flake inputs as
    # `inputs` and this flake itself as `outputs`.
    specialArgs = {
      inputs = inputs;
      outputs = inputs.self;
    };
  };
# Names derived from the entries of ../modules/dev, with "emacs" left out.
# Every directory entry is listed, whatever its type, and replaceStrings
# removes each occurrence of ".nix" in a name, not only a trailing one.
langList =
  let
    entries = builtins.attrNames (builtins.readDir ../modules/dev);
    stripExtension = file: builtins.replaceStrings [ ".nix" ] [ "" ] (baseNameOf file);
  in
  builtins.filter (name: name != "emacs") (map stripExtension entries);
# List the entries of `dir` whose name ends in ".nix" and that `filterFn`
# accepts, returned as paths below `dir`.
# NOTE(review): the result is presumably fed to `imports`; if so, any .nix
# file placed in `dir` that passes filterFn becomes part of the evaluated
# configuration, so the directory contents are trusted input. The entry type
# reported by readDir is not checked.
autoImport =
  dir: filterFn:
  let
    entries = builtins.attrNames (builtins.readDir dir);
    # builtins.match anchors the pattern to the whole file name.
    isWanted = file: builtins.match ".*\\.nix" file != null && filterFn file;
  in
  map (file: dir + "/${file}") (builtins.filter isWanted entries);
# Base attribute set for a TLS-only virtual host with the given `locations`.
# forceSSL and enableACME are both set, so every vhost built from this helper
# asks for an ACME certificate and is not meant to serve content over plain
# HTTP. Presumably consumed as an nginx virtualHosts entry; the consumer is
# outside this file.
proxy = locations: {
  forceSSL = true;
  enableACME = true;
  http2 = true;
  locations = locations;
};
# TLS virtual host that forwards "/" to the backend described by `cfg`
# (cfg.ip, cfg.port, optional cfg.enableSocket for websocket proxying).
# The hop from the proxy to the backend is plain HTTP: TLS ends at the
# proxy, so the path to cfg.ip has to be one that is trusted (loopback or a
# private/tunnelled network).
proxyReverse =
  cfg:
  let
    rootLocation = {
      proxyWebsockets = cfg.enableSocket or false;
      proxyPass = "http://${cfg.ip}:${toString cfg.port}/";
    };
  in
  inputs.self.lib.proxy { "/" = rootLocation; };
# proxyReverse plus a server-level extraConfig that sets the forwarding and
# upgrade headers, disables proxy_redirect and pins proxy_http_version 1.1.
# `cfg` needs hostName in addition to what proxyReverse reads.
proxyReverseFix =
  cfg:
  let
    # NOTE(review): this compares cfg.hostName with itself, so it is always
    # true and localHeaders is always emitted. The name suggests the right-hand
    # side was meant to be the name of the host being built; that value is
    # not in scope here, so the intended condition has to be confirmed by the
    # author before it is changed.
    useLocalhost = cfg.hostName == cfg.hostName;
    # $proxy_add_x_forwarded_for appends the client address to whatever
    # X-Forwarded-For the client sent, so a backend should trust only the
    # last entry of that header.
    localHeaders = ''
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
    '';
  in
  inputs.self.lib.proxyReverse cfg
  // {
    # Connection is forwarded exactly as the client sent it
    # ($http_connection), together with the Upgrade header.
    extraConfig = ''
      ${if useLocalhost then localHeaders else ""}
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $http_connection;
      proxy_redirect off;
      proxy_http_version 1.1;
    '';
  };
# proxyReverse with mutual TLS: the vhost demands a client certificate that
# verifies against the CA file named by cfg.certPath.
# NOTE(review): nginx reports a missing or invalid client certificate through
# its internal 495/496 codes (sent as 400), not as 403, so the error_page
# line below may never fire for certificate failures; confirm what it is
# meant to catch.
# NOTE(review): if cfg.certPath is a Nix path value rather than a string,
# interpolating it copies the file into the world-readable store. That is
# fine for a CA certificate, never for private key material.
proxyReversePrivate =
  cfg:
  let
    baseVhost = inputs.self.lib.proxyReverse cfg;
  in
  baseVhost
  // {
    extraConfig = ''
      ssl_verify_client on;
      ssl_client_certificate ${cfg.certPath};
      error_page 403 /403.html;
    '';
  };
# Shell aliases shared between hosts, grouped by purpose.
commonAliases = {
  # Interactive prompts before overwriting; mkdir creates parents.
  cp = "cp -i";
  mv = "mv -i";
  mkdir = "mkdir -p";

  # Directory navigation.
  ".." = "cd ..";
  "..." = "cd ../..";
  ".3" = "cd ../../..";
  ".4" = "cd ../../../..";
  ".5" = "cd ../../../../..";

  # Clipboard helpers; cdp and cfp rely on the `copy` alias.
  copy = "xclip -selection clipboard";
  cdp = "pwd | copy";

  # mkcd and cfp are written as anonymous functions `(){ ... }`, which is zsh
  # syntax. NOTE(review): confirm these two are not handed to a bash shell.
  mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }";
  cfp = "(){ readlink -f \"$1\" | copy }";

  # Short forms for cat and the per-user systemd tools.
  c = "cat";
  sc = "systemctl --user";
  jc = "journalctl --user -xefu";
};
# Environment variables that move per-user state into the XDG directories.
# "\${HOME}" is escaped, so the literal text ${HOME} ends up in the value and
# is expanded by whatever consumes the variable, not by Nix.
# Written as a recursive set so the tool-specific entries can refer to the
# three XDG base directories defined alongside them.
xdgEnvironment = rec {
  XDG_DATA_HOME = "\${HOME}/.local/share";
  XDG_CONFIG_HOME = "\${HOME}/.config";
  XDG_CACHE_HOME = "\${HOME}/.cache";
  XDG_BIN_HOME = "\${HOME}/.local/bin";
  XDG_STATE_HOME = "\${HOME}/.local/state";

  # History and data files kept under XDG_DATA_HOME.
  PSQL_HISTORY = "${XDG_DATA_HOME}/psql_history";
  REDISCLI_HISTFILE = "${XDG_DATA_HOME}/redis/rediscli_history";
  WINEPREFIX = "${XDG_DATA_HOME}/wine";
  ELECTRUMDIR = "${XDG_DATA_HOME}/electrum";

  # Configuration and cache locations.
  WGETRC = "${XDG_CONFIG_HOME}/wgetrc";
  "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
  XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";

  ORG_DEVICE = "workstation";
  PATH = [ "\${HOME}/.local/bin" ];
};
# Attribute names of `ips` that are kept as hosts: names starting with "wg-"
# are dropped, as are "vps", "router" and the current `hostName`.
# `lib` only needs to provide hasPrefix.
getNixosHosts =
  ips: hostName: lib:
  let
    excluded = [
      "vps"
      "router"
      hostName
    ];
    isKept = name: !(lib.hasPrefix "wg-" name || builtins.elem name excluded);
  in
  builtins.filter isKept (builtins.attrNames ips);
# Pick the shell-init attribute for the given shell: `initExtra` carrying
# bashContent when shellType is exactly "bash", otherwise `initContent`
# carrying zshContent. Any shellType other than "bash" takes the zsh branch.
shellConditional =
  shellType: bashContent: zshContent:
  if shellType != "bash" then
    { initContent = zshContent; }
  else
    { initExtra = bashContent; };
# Combine two alias sets; on a name clash the entry from extraAliases wins.
mergeAliases =
  baseAliases: extraAliases:
  builtins.foldl' (merged: aliases: merged // aliases) { } [
    baseAliases
    extraAliases
  ];
# Evaluate the Nix file at `path` and return its value. The file is executed
# as Nix code, so `path` should only ever point at files kept in this
# repository.
importDotfile = path: builtins.import path;
# Names under config.my.servers that are enabled, are not in `blacklist`,
# and whose same-named entry under config.services carries an `openFirewall`
# attribute. Only the presence of that attribute is tested here, not its
# value.
getServicesWithNativeFirewall =
  config: blacklist:
  let
    servers = config.my.servers;
    hasNativeFirewall =
      name:
      (servers.${name}.enable or false)
      && !(builtins.elem name blacklist)
      && builtins.hasAttr name config.services
      && builtins.hasAttr "openFirewall" config.services.${name};
  in
  builtins.filter hasNativeFirewall (builtins.attrNames servers);
# Port list made of the static ports, the additional ports, and the `port`
# of every enabled entry in config.my.servers that is not named in
# `nativeServices`. `lib` must provide filterAttrs and attrValues.
# NOTE(review): if this list feeds the firewall's allowed ports, every
# enabled server with a `port` is reachable directly on that port, including
# ones that are also published through the TLS reverse proxy; confirm that
# direct exposure is intended for each of them.
generateFirewallPorts =
  config: nativeServices: lib:
  let
    firewall = config.my.network.firewall;
    needsPort =
      name: srv: (srv.enable or false) && (srv ? port) && !(builtins.elem name nativeServices);
    serverPorts = map (srv: srv.port) (lib.attrValues (lib.filterAttrs needsPort config.my.servers));
  in
  firewall.staticPorts ++ firewall.additionalPorts ++ serverPorts;
};
};
}