feat: format via 'ls **/*.nix | each { |it| nixfmt $it.name }'

2026-01-11 20:40:24 +01:00 · 2025-07-30 12:17:24 +08:00
parent d10b30b06b
commit 13bb77108c
219 changed files with 2103 additions and 1728 deletions
--- a/hardening/apparmor/default.nix
+++ b/hardening/apparmor/default.nix
@@ -2,7 +2,8 @@
  config,
  pkgs,
  ...
-}: {
+}:
+{
  services.dbus.apparmor = "enabled";
  security.apparmor = {
    enable = true;
--- a/hardening/bwraps/default.nix
+++ b/hardening/bwraps/default.nix
@@ -2,7 +2,7 @@
  nixpkgs.overlays = [
    (_: super: {
      bwraps = {
-        wechat = super.callPackage ./wechat.nix {};
+        wechat = super.callPackage ./wechat.nix { };
      };
    })
  ];
--- a/hardening/bwraps/wechat.nix
+++ b/hardening/bwraps/wechat.nix
@@ -10,7 +10,8 @@
  appimageTools,
  fetchurl,
  stdenvNoCC,
-}: let
+}:
+let
  pname = "wechat";
  # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/we/wechat/package.nix
  sources = {
@@ -41,7 +42,7 @@
    '';
  };
 in
-  appimageTools.wrapAppImage {
+appimageTools.wrapAppImage {
  inherit pname version;

  src = appimageContents;
@@ -95,4 +96,4 @@ in
  unshareUts = true;
  unshareCgroup = true;
  privateTmp = true;
-  }
+}
--- a/hardening/nixpaks/default.nix
+++ b/hardening/nixpaks/default.nix
@@ -2,7 +2,8 @@
  pkgs,
  nixpak,
  ...
-}: let
+}:
+let
  callArgs = {
    mkNixPak = nixpak.lib.nixpak {
      inherit (pkgs) lib;
@@ -14,19 +15,20 @@
    ];
  };
  wrapper = _pkgs: path: (_pkgs.callPackage path callArgs).config.script;
-in {
+in
+{
  # Add nixpaked Apps into nixpkgs, and reference them in home-manager or other nixos modules
  nixpkgs.overlays = [
    (_: super: {
      nixpaks = {
        qq = wrapper super ./qq.nix;
-        qq-desktop-item = super.callPackage ./qq-desktop-item.nix {};
+        qq-desktop-item = super.callPackage ./qq-desktop-item.nix { };

        wechat = wrapper super ./wechat.nix;
-        wechat-desktop-item = super.callPackage ./wechat-desktop-item.nix {};
+        wechat-desktop-item = super.callPackage ./wechat-desktop-item.nix { };

        firefox = wrapper super ./firefox.nix;
-        firefox-desktop-item = super.callPackage ./firefox-desktop-item.nix {};
+        firefox-desktop-item = super.callPackage ./firefox-desktop-item.nix { };
      };
    })
  ];
--- a/hardening/nixpaks/firefox-desktop-item.nix
+++ b/hardening/nixpaks/firefox-desktop-item.nix
@@ -1,4 +1,4 @@
-{makeDesktopItem}:
+{ makeDesktopItem }:
 makeDesktopItem {
  name = "firefox";
  desktopName = "firefox";
@@ -6,6 +6,6 @@ makeDesktopItem {
  terminal = false;
  icon = "firefox";
  type = "Application";
-  categories = ["Network"];
+  categories = [ "Network" ];
  comment = "firefox boxed";
 }
--- a/hardening/nixpaks/firefox.nix
+++ b/hardening/nixpaks/firefox.nix
@@ -10,11 +10,13 @@
  ...
 }:
 mkNixPak {
-  config = {
+  config =
+    {
      config,
      sloth,
      ...
-  }: {
+    }:
+    {
      app = {
        package = pkgs.firefox-wayland;
        binPath = "bin/firefox";
@@ -61,7 +63,10 @@ mkNixPak {
        ];
        bind.ro = [
          "/sys/bus/pci"
-        ["${config.app.package}/lib/firefox" "/app/etc/firefox"]
+          [
+            "${config.app.package}/lib/firefox"
+            "/app/etc/firefox"
+          ]

          # ================ for browserpass extension ===============================
          "/etc/gnupg"
--- a/hardening/nixpaks/modules/gui-base.nix
+++ b/hardening/nixpaks/modules/gui-base.nix
@@ -5,12 +5,14 @@
  pkgs,
  sloth,
  ...
-}: let
+}:
+let
  envSuffix = envKey: suffix: sloth.concat' (sloth.env envKey) suffix;
  # cursor & icon's theme should be the same as the host's one.
  cursorTheme = pkgs.bibata-cursors;
  iconTheme = pkgs.papirus-icon-theme;
-in {
+in
+{
  config = {
    dbus.policies = {
      "${config.flatpak.appId}" = "own";
@@ -89,15 +91,19 @@ in {
      ];

      env = {
-        XDG_DATA_DIRS = lib.mkForce (lib.makeSearchPath "share" [
+        XDG_DATA_DIRS = lib.mkForce (
+          lib.makeSearchPath "share" [
            iconTheme
            cursorTheme
            pkgs.shared-mime-info
-        ]);
-        XCURSOR_PATH = lib.mkForce (lib.concatStringsSep ":" [
+          ]
+        );
+        XCURSOR_PATH = lib.mkForce (
+          lib.concatStringsSep ":" [
            "${cursorTheme}/share/icons"
            "${cursorTheme}/share/pixmaps"
-        ]);
+          ]
+        );
      };
    };
  };
--- a/hardening/nixpaks/modules/network.nix
+++ b/hardening/nixpaks/modules/network.nix
@@ -2,7 +2,7 @@
 {
  etc.sslCertificates.enable = true;
  bubblewrap = {
-    bind.ro = ["/etc/resolv.conf"];
+    bind.ro = [ "/etc/resolv.conf" ];
    network = true;
  };
 }
--- a/hardening/nixpaks/qq-desktop-item.nix
+++ b/hardening/nixpaks/qq-desktop-item.nix
@@ -12,6 +12,6 @@ makeDesktopItem {
  #   tree $"($p)/share/icons"
  icon = "${qq}/share/icons/hicolor/512x512/apps/qq.png";
  type = "Application";
-  categories = ["Network"];
+  categories = [ "Network" ];
  comment = "QQ boxed";
 }
--- a/hardening/nixpaks/qq.nix
+++ b/hardening/nixpaks/qq.nix
@@ -10,11 +10,13 @@
  ...
 }:
 mkNixPak {
-  config = {sloth, ...}: {
+  config =
+    { sloth, ... }:
+    {
      app = {
        package = pkgs.qq.override {
          # fix fcitx5 input method
-        commandLineArgs = lib.concatStringsSep " " ["--enable-wayland-ime"];
+          commandLineArgs = lib.concatStringsSep " " [ "--enable-wayland-ime" ];
        };
        binPath = "bin/qq";
      };
@@ -45,7 +47,12 @@ mkNixPak {
        bind.rw = [
          # given the read write permission to the following directories.
          # NOTE: sloth.mkdir is used to create the directory if it does not exist!
-        (sloth.mkdir (sloth.concat [sloth.xdgConfigHome "/QQ"]))
+          (sloth.mkdir (
+            sloth.concat [
+              sloth.xdgConfigHome
+              "/QQ"
+            ]
+          ))

          sloth.xdgDocumentsDir
          sloth.xdgDownloadDir
--- a/hardening/profiles/default.nix
+++ b/hardening/profiles/default.nix
@@ -1,4 +1,5 @@
-{modulesPath, ...}: {
+{ modulesPath, ... }:
+{
  imports = [
    (modulesPath + "/profiles/hardened.nix")
  ];
--- a/home/base/core/core.nix
+++ b/home/base/core/core.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  home.packages = with pkgs; [
    # Misc
    cowsay
@@ -12,7 +13,7 @@
    # search for files by name, faster than find
    fd
    # search for files by its content, replacement of grep
-    (ripgrep.override {withPCRE2 = true;})
+    (ripgrep.override { withPCRE2 = true; })

    # A fast and polyglot tool for code searching, linting, rewriting at large scale
    # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
--- a/home/base/core/default.nix
+++ b/home/base/core/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/core/editors/default.nix
+++ b/home/base/core/editors/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/core/editors/helix/default.nix
+++ b/home/base/core/editors/helix/default.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  programs.helix = {
    enable = true;
  };
--- a/home/base/core/editors/neovim/default.nix
+++ b/home/base/core/editors/neovim/default.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  programs = {
    neovim = {
      enable = true;
--- a/home/base/core/git.nix
+++ b/home/base/core/git.nix
@@ -4,12 +4,13 @@
  pkgs,
  myvars,
  ...
-}: {
+}:
+{
  # `programs.git` will generate the config file: ~/.config/git/config
  # to make git use this config file, `~/.gitconfig` should not exist!
  #
  #    https://git-scm.com/docs/git-config#Documentation/git-config.txt---global
-  home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore ["checkLinkTargets"] ''
+  home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
    rm -f ${config.home.homeDirectory}/.gitconfig
  '';

--- a/home/base/core/npm.nix
+++ b/home/base/core/npm.nix
@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
  # make `npm install -g <pkg>` happey
  #
  # mainly used to install npm packages that updates frequently
--- a/home/base/core/shells/default.nix
+++ b/home/base/core/shells/default.nix
@@ -1,4 +1,5 @@
-{config, ...}: let
+{ config, ... }:
+let
  shellAliases = {
    k = "kubectl";

@@ -10,7 +11,8 @@
  goBin = "${config.home.homeDirectory}/go/bin";
  rustBin = "${config.home.homeDirectory}/.cargo/bin";
  npmBin = "${config.home.homeDirectory}/.npm/bin";
-in {
+in
+{
  programs.bash = {
    enable = true;
    enableCompletion = true;
--- a/home/base/core/theme.nix
+++ b/home/base/core/theme.nix
@@ -1,4 +1,5 @@
-{catppuccin, ...}: {
+{ catppuccin, ... }:
+{
  # https://github.com/catppuccin/nix
  imports = [
    catppuccin.homeModules.catppuccin
--- a/home/base/core/yazi.nix
+++ b/home/base/core/yazi.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  # terminal file manager
  programs.yazi = {
    enable = true;
--- a/home/base/core/zellij/default.nix
+++ b/home/base/core/zellij/default.nix
@@ -2,7 +2,8 @@ let
  shellAliases = {
    "zj" = "zellij";
  };
-in {
+in
+{
  programs.zellij = {
    enable = true;
  };
--- a/home/base/gui/default.nix
+++ b/home/base/gui/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/gui/dev-tools.nix
+++ b/home/base/gui/dev-tools.nix
@@ -1,5 +1,7 @@
-{pkgs, ...}: {
-  home.packages = with pkgs;
+{ pkgs, ... }:
+{
+  home.packages =
+    with pkgs;
    [
      mitmproxy # http/https proxy tool
      wireshark # network analyzer
--- a/home/base/gui/terminal/alacritty/default.nix
+++ b/home/base/gui/terminal/alacritty/default.nix
@@ -52,10 +52,7 @@
        bold_italic = {
          family = "Maple Mono NF CN";
        };
-        size =
-          if pkgs.stdenv.isDarwin
-          then 14
-          else 13;
+        size = if pkgs.stdenv.isDarwin then 14 else 13;
      };
      terminal = {
        # Spawn a nushell in login mode via `bash`
--- a/home/base/gui/terminal/default.nix
+++ b/home/base/gui/terminal/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/gui/terminal/foot.nix
+++ b/home/base/gui/terminal/foot.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  programs.foot = {
    # foot is designed only for Linux
    enable = pkgs.stdenv.isLinux;
--- a/home/base/gui/terminal/ghostty.nix
+++ b/home/base/gui/terminal/ghostty.nix
@@ -12,9 +12,10 @@
  programs.ghostty = {
    enable = true;
    package =
-      if pkgs.stdenv.isDarwin
-      then pkgs.hello # pkgs.ghostty is currently broken on darwin
-      else pkgs.ghostty; # the stable version
+      if pkgs.stdenv.isDarwin then
+        pkgs.hello # pkgs.ghostty is currently broken on darwin
+      else
+        pkgs.ghostty; # the stable version
    # package = ghostty.packages.${pkgs.system}.default; # the latest version
    enableBashIntegration = false;
    installBatSyntax = false;
--- a/home/base/gui/terminal/kitty.nix
+++ b/home/base/gui/terminal/kitty.nix
@@ -19,10 +19,7 @@
    font = {
      name = "Maple Mono NF CN";
      # use different font size on macOS
-      size =
-        if pkgs.stdenv.isDarwin
-        then 14
-        else 13;
+      size = if pkgs.stdenv.isDarwin then 14 else 13;
    };

    # consistent with other terminal emulators
@@ -48,6 +45,6 @@
    };

    # macOS specific settings
-    darwinLaunchOptions = ["--start-as=maximized"];
+    darwinLaunchOptions = [ "--start-as=maximized" ];
  };
 }
--- a/home/base/home.nix
+++ b/home/base/home.nix
@@ -1,4 +1,5 @@
-{myvars, ...}: {
+{ myvars, ... }:
+{
  # Home Manager needs a bit of information about you and the
  # paths it should manage.
  home = {
--- a/home/base/tui/cloud/default.nix
+++ b/home/base/tui/cloud/default.nix
@@ -2,7 +2,8 @@
  lib,
  pkgs,
  ...
-}: {
+}:
+{
  # https://developer.hashicorp.com/terraform/cli/config/config-file
  home.file.".terraformrc".source = ./terraformrc;

@@ -30,9 +31,12 @@
    # digitalocean
    doctl
    # google cloud
-    (google-cloud-sdk.withExtraComponents (with google-cloud-sdk.components; [
+    (google-cloud-sdk.withExtraComponents (
+      with google-cloud-sdk.components;
+      [
        gke-gcloud-auth-plugin
-    ]))
+      ]
+    ))

    # cloud tools that nix do not have cache for.
    terraform
--- a/home/base/tui/container.nix
+++ b/home/base/tui/container.nix
@@ -3,7 +3,8 @@
  pkgs-unstable,
  nur-ryan4yin,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    podman-compose
    dive # explore docker layers
--- a/home/base/tui/default.nix
+++ b/home/base/tui/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/tui/dev-tools.nix
+++ b/home/base/tui/dev-tools.nix
@@ -2,7 +2,8 @@
  pkgs,
  pkgs-unstable,
  ...
-}: {
+}:
+{
  #############################################################
  #
  #  Basic settings for development environment
--- a/home/base/tui/editors/default.nix
+++ b/home/base/tui/editors/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/base/tui/editors/helix/default.nix
+++ b/home/base/tui/editors/helix/default.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  programs.helix = {
    enable = true;
    package = pkgs.helix;
--- a/home/base/tui/editors/neovim/default.nix
+++ b/home/base/tui/editors/neovim/default.nix
@@ -18,7 +18,8 @@ let
  # the path to nvim directory
  # to make this symlink work, we need to git clone this repo to your home directory.
  configPath = "${config.home.homeDirectory}/nix-config/home/base/tui/editors/neovim/nvim";
-in {
+in
+{
  xdg.configFile."nvim".source = config.lib.file.mkOutOfStoreSymlink configPath;
  # Disable catppuccin to avoid conflict with my non-nix config.
  catppuccin.nvim.enable = false;
--- a/home/base/tui/editors/packages.nix
+++ b/home/base/tui/editors/packages.nix
@@ -2,8 +2,11 @@
  pkgs,
  pkgs-unstable,
  ...
-}: {
-  home.packages = with pkgs; (
+}:
+{
+  home.packages =
+    with pkgs;
+    (
      # -*- Data & Configuration Languages -*-#
      [
        #-- nix
@@ -64,8 +67,7 @@
          uv # python project package manager
          pyright # python language server
          (python313.withPackages (
-        ps:
-          with ps; [
+            ps: with ps; [
              ruff
              black # python formatter
              # debugpy
@@ -148,7 +150,7 @@
        nodePackages.prettier # common code formatter
        fzf
        gdu # disk usage analyzer, required by AstroNvim
-      (ripgrep.override {withPCRE2 = true;}) # recursively searches directories for a regex pattern
+        (ripgrep.override { withPCRE2 = true; }) # recursively searches directories for a regex pattern
      ]
    );
 }
--- a/home/base/tui/encryption/default.nix
+++ b/home/base/tui/encryption/default.nix
@@ -2,7 +2,8 @@
  pkgs,
  pkgs-unstable,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    age
    sops
--- a/home/base/tui/gpg/default.nix
+++ b/home/base/tui/gpg/default.nix
@@ -2,7 +2,8 @@
  config,
  mysecrets,
  ...
-}: {
+}:
+{
  programs.gpg = {
    enable = true;
    homedir = "${config.home.homeDirectory}/.gnupg";
--- a/home/base/tui/password-store/default.nix
+++ b/home/base/tui/password-store/default.nix
@@ -3,9 +3,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  passwordStoreDir = "${config.xdg.dataHome}/password-store";
-in {
+in
+{
  programs.password-store = {
    enable = true;
    package = pkgs.pass.withExtensions (exts: [
--- a/home/base/tui/shell.nix
+++ b/home/base/tui/shell.nix
@@ -2,9 +2,11 @@
  config,
  pkgs-unstable,
  ...
-}: let
+}:
+let
  inherit (pkgs-unstable) nu_scripts;
-in {
+in
+{
  programs.nushell = {
    # load the alias file for work
    # the file must exist, otherwise nushell will complain about it!
--- a/home/base/tui/ssh.nix
+++ b/home/base/tui/ssh.nix
@@ -2,7 +2,8 @@
  config,
  mysecrets,
  ...
-}: {
+}:
+{
  home.file.".ssh/romantic.pub".source = "${mysecrets}/public/romantic.pub";

  programs.ssh = {
--- a/home/base/tui/zellij/default.nix
+++ b/home/base/tui/zellij/default.nix
@@ -1,8 +1,10 @@
-{pkgs, ...}: let
+{ pkgs, ... }:
+let
  shellAliases = {
    "zj" = "zellij";
  };
-in {
+in
+{
  programs.zellij = {
    enable = true;
    package = pkgs.zellij;
--- a/home/darwin/aerospace/default.nix
+++ b/home/darwin/aerospace/default.nix
@@ -1,5 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
  home.file.".aerospace.toml".source =
-    config.lib.file.mkOutOfStoreSymlink
-    "${config.home.homeDirectory}/nix-config/home/darwin/aerospace/aerospace.toml";
+    config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nix-config/home/darwin/aerospace/aerospace.toml";
 }
--- a/home/darwin/default.nix
+++ b/home/darwin/default.nix
@@ -2,11 +2,10 @@
  mylib,
  myvars,
  ...
-}: {
+}:
+{
  home.homeDirectory = "/Users/${myvars.username}";
-  imports =
-    (mylib.scanPaths ./.)
-    ++ [
+  imports = (mylib.scanPaths ./.) ++ [
    ../base/core
    ../base/tui
    ../base/gui
--- a/home/darwin/proxy/default.nix
+++ b/home/darwin/proxy/default.nix
@@ -2,12 +2,12 @@
  config,
  pkgs,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    clash-meta
  ];

  home.file.".proxychains/proxychains.conf".source =
-    config.lib.file.mkOutOfStoreSymlink
-    "${config.home.homeDirectory}/nix-config/home/darwin/proxy/proxychains.conf";
+    config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nix-config/home/darwin/proxy/proxychains.conf";
 }
--- a/home/darwin/rime-squirrel.nix
+++ b/home/darwin/rime-squirrel.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  # Squirrel Input Method
  home.file."Library/Rime" = {
    # my custom squirrel data (flypy input method)
--- a/home/darwin/shell.nix
+++ b/home/darwin/shell.nix
@@ -1,4 +1,5 @@
-{lib, ...}: let
+{ lib, ... }:
+let
  envExtra = ''
    export PATH="$PATH:/opt/homebrew/bin:/usr/local/bin"
  '';
@@ -20,7 +21,8 @@
      true
    fi
  '';
-in {
+in
+{
  # Homebrew's default install location:
  #   /opt/homebrew for Apple Silicon
  #   /usr/local for macOS Intel
--- a/home/linux/base/default.nix
+++ b/home/linux/base/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/linux/base/shell.nix
+++ b/home/linux/base/shell.nix
@@ -2,11 +2,13 @@
  config,
  myvars,
  ...
-}: let
+}:
+let
  d = config.xdg.dataHome;
  c = config.xdg.configHome;
  cache = config.xdg.cacheHome;
-in rec {
+in
+rec {
  home.homeDirectory = "/home/${myvars.username}";

  # environment variables that always set at login
--- a/home/linux/base/tools.nix
+++ b/home/linux/base/tools.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  # Linux Only Packages, not available on Darwin
  home.packages = with pkgs; [
    # misc
--- a/home/linux/gui/base/creative.nix
+++ b/home/linux/gui/base/creative.nix
@@ -6,8 +6,10 @@
  nur-ryan4yin,
  blender-bin,
  ...
-}: {
-  home.packages = with pkgs;
+}:
+{
+  home.packages =
+    with pkgs;
    [
      # creative
      # gimp      # image editing, I prefer using figma in browser instead of this one
@@ -41,7 +43,8 @@
    # live streaming
    obs-studio = {
      enable = pkgs.stdenv.isx86_64;
-      plugins = with pkgs.obs-studio-plugins;
+      plugins =
+        with pkgs.obs-studio-plugins;
        [
          # screen capture
          wlrobs
--- a/home/linux/gui/base/default.nix
+++ b/home/linux/gui/base/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/linux/gui/base/dev-tools.nix
+++ b/home/linux/gui/base/dev-tools.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  home.packages = with pkgs; [
    android-tools
  ];
--- a/home/linux/gui/base/eye-protection.nix
+++ b/home/linux/gui/base/eye-protection.nix
@@ -2,7 +2,8 @@
  pkgs,
  lib,
  ...
-}: {
+}:
+{
  # Adjust the color temperature(& brightness) of your screen according to
  # your surroundings. This may help your eyes hurt less if you are
  # working in front of the screen at night.
--- a/home/linux/gui/base/fcitx5/default.nix
+++ b/home/linux/gui/base/fcitx5/default.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  xdg.configFile = {
    "fcitx5/profile" = {
      source = ./profile;
--- a/home/linux/gui/base/games.nix
+++ b/home/linux/gui/base/games.nix
@@ -2,7 +2,8 @@
  pkgs,
  nix-gaming,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    # nix-gaming.packages.${pkgs.system}.osu-laser-bin
    gamescope # SteamOS session compositing window manager
--- a/home/linux/gui/base/gtk.nix
+++ b/home/linux/gui/base/gtk.nix
@@ -2,7 +2,8 @@
  pkgs,
  config,
  ...
-}: {
+}:
+{
  # If your themes for mouse cursor, icons or windows don’t load correctly,
  # try setting them with home.pointerCursor and gtk.theme,
  # which enable a bunch of compatibility options that should make the themes load in all situations.
--- a/home/linux/gui/base/immutable-file.nix
+++ b/home/linux/gui/base/immutable-file.nix
@@ -16,7 +16,8 @@
 #  TODO not used yet, need to test it.
 #
 ##############################################################################################
-with lib; let
+with lib;
+let
  cfg = config.home.immutable-file;
  immutableFileOpts = _: {
    options = {
@@ -42,24 +43,25 @@ with lib; let
    sudo cp $2 $1
    sudo chattr +i $1
  '';
-in {
+in
+{
  options.home.immutable-file = mkOption {
    type = with types; attrsOf (submodule immutableFileOpts);
-    default = {};
+    default = { };
  };

-  config = mkIf (cfg != {}) {
-    home.activation =
-      mapAttrs'
-      (name: {
+  config = mkIf (cfg != { }) {
+    home.activation = mapAttrs' (
+      name:
+      {
        src,
        dst,
      }:
-        nameValuePair
-        "make-immutable-${name}"
-        (lib.hm.dag.entryAfter ["writeBoundary"] ''
+      nameValuePair "make-immutable-${name}" (
+        lib.hm.dag.entryAfter [ "writeBoundary" ] ''
          ${mkImmutableFile} ${dst} ${src}
-        ''))
-      cfg;
+        ''
+      )
+    ) cfg;
  };
 }
--- a/home/linux/gui/base/media.nix
+++ b/home/linux/gui/base/media.nix
@@ -6,7 +6,8 @@
 }:
 # media - control and enjoy audio/video
 {
-  home.packages = with pkgs;
+  home.packages =
+    with pkgs;
    [
      # audio control
      pavucontrol
@@ -22,13 +23,13 @@
      nvitop
    ]
    ++ (lib.optionals pkgs.stdenv.isx86_64 [
-      (zoom-us.override {hyprlandXdgDesktopPortalSupport = true;})
+      (zoom-us.override { hyprlandXdgDesktopPortalSupport = true; })
    ]);

  programs.mpv = {
    enable = true;
-    defaultProfiles = ["gpu-hq"];
-    scripts = [pkgs.mpvScripts.mpris];
+    defaultProfiles = [ "gpu-hq" ];
+    scripts = [ pkgs.mpvScripts.mpris ];
  };

  services = {
--- a/home/linux/gui/base/misc.nix
+++ b/home/linux/gui/base/misc.nix
@@ -2,7 +2,8 @@
  pkgs,
  pkgs-unstable,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    # GUI apps
    # e-book viewer(.epub/.mobi/...)
--- a/home/linux/gui/base/note-taking.nix
+++ b/home/linux/gui/base/note-taking.nix
@@ -1,5 +1,8 @@
-{pkgs, ...}: {
-  home.packages = with pkgs; (lib.optionals pkgs.stdenv.isx86_64 [
+{ pkgs, ... }:
+{
+  home.packages =
+    with pkgs;
+    (lib.optionals pkgs.stdenv.isx86_64 [
      # https://joplinapp.org/help/
      joplin # joplin-cli
      joplin-desktop
--- a/home/linux/gui/base/wallpaper/default.nix
+++ b/home/linux/gui/base/wallpaper/default.nix
@@ -4,18 +4,28 @@
  lib,
  wallpapers,
  ...
-}: {
+}:
+{
  systemd.user.services.wallpaper = {
    Unit = {
      Description = "Wallpaper Switcher daemon";
-      After = ["graphical-session-pre.target" "xdg-desktop-autostart.target"];
-      Wants = ["graphical-session-pre.target"];
+      After = [
+        "graphical-session-pre.target"
+        "xdg-desktop-autostart.target"
+      ];
+      Wants = [ "graphical-session-pre.target" ];
    };
-    Install.WantedBy = ["graphical-session.target"];
+    Install.WantedBy = [ "graphical-session.target" ];
    Service = {
-      ExecStart = lib.getExe (pkgs.writeShellApplication {
+      ExecStart = lib.getExe (
+        pkgs.writeShellApplication {
          name = "wallpaper";
-        runtimeInputs = with pkgs; [procps feh swaybg python3];
+          runtimeInputs = with pkgs; [
+            procps
+            feh
+            swaybg
+            python3
+          ];
          text = ''
            export WALLPAPERS_DIR="${wallpapers}"
            export WALLPAPERS_STATE_FILEPATH="${config.xdg.stateHome}/wallpaper-switcher/switcher_state"
@@ -23,7 +33,8 @@
            export WALLPAPER_WAIT_MAX=180
            exec ${./wallpaper-switcher.py}
          '';
-      });
+        }
+      );
      RestartSec = 3;
      Restart = "on-failure";
    };
--- a/home/linux/gui/base/xdg.nix
+++ b/home/linux/gui/base/xdg.nix
@@ -6,7 +6,8 @@
  config,
  pkgs,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    xdg-utils # provides cli tools such as `xdg-mime` `xdg-open`
    xdg-user-dirs
@@ -31,10 +32,20 @@
    mimeApps = {
      enable = true;
      # let `xdg-open` to open the url with the correct application.
-      defaultApplications = let
-        browser = ["google-chrome.desktop" "firefox.desktop"];
-        editor = ["nvim.desktop" "Helix.desktop" "code.desktop" "code-insiders.desktop"];
-      in {
+      defaultApplications =
+        let
+          browser = [
+            "google-chrome.desktop"
+            "firefox.desktop"
+          ];
+          editor = [
+            "nvim.desktop"
+            "Helix.desktop"
+            "code.desktop"
+            "code-insiders.desktop"
+          ];
+        in
+        {
          "application/json" = browser;
          "application/pdf" = browser; # TODO: pdf viewer

@@ -59,24 +70,24 @@
          "x-scheme-handler/http" = browser;
          "x-scheme-handler/https" = browser;
          # https://github.com/microsoft/vscode/issues/146408
-        "x-scheme-handler/vscode" = ["code-url-handler.desktop"]; # open `vscode://` url with `code-url-handler.desktop`
-        "x-scheme-handler/vscode-insiders" = ["code-insiders-url-handler.desktop"]; # open `vscode-insiders://` url with `code-insiders-url-handler.desktop`
-        "x-scheme-handler/zoommtg" = ["Zoom.desktop"];
+          "x-scheme-handler/vscode" = [ "code-url-handler.desktop" ]; # open `vscode://` url with `code-url-handler.desktop`
+          "x-scheme-handler/vscode-insiders" = [ "code-insiders-url-handler.desktop" ]; # open `vscode-insiders://` url with `code-insiders-url-handler.desktop`
+          "x-scheme-handler/zoommtg" = [ "Zoom.desktop" ];

          # all other unknown schemes will be opened by this default application.
          # "x-scheme-handler/unknown" = editor;

-        "x-scheme-handler/tg" = ["org.telegram.desktop.desktop "];
+          "x-scheme-handler/tg" = [ "org.telegram.desktop.desktop " ];

-        "audio/*" = ["mpv.desktop"];
-        "video/*" = ["mpv.desktop"];
-        "image/*" = ["imv-dir.desktop"];
-        "image/gif" = ["imv-dir.desktop"];
-        "image/jpeg" = ["imv-dir.desktop"];
-        "image/png" = ["imv-dir.desktop"];
-        "image/webp" = ["imv-dir.desktop"];
+          "audio/*" = [ "mpv.desktop" ];
+          "video/*" = [ "mpv.desktop" ];
+          "image/*" = [ "imv-dir.desktop" ];
+          "image/gif" = [ "imv-dir.desktop" ];
+          "image/jpeg" = [ "imv-dir.desktop" ];
+          "image/png" = [ "imv-dir.desktop" ];
+          "image/webp" = [ "imv-dir.desktop" ];

-        "inode/directory" = ["yazi.desktop"];
+          "inode/directory" = [ "yazi.desktop" ];
        };

      associations.removed = {
--- a/home/linux/gui/default.nix
+++ b/home/linux/gui/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/linux/gui/editors/default.nix
+++ b/home/linux/gui/editors/default.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  home.packages = with pkgs; [
    zed-editor
    code-cursor
--- a/home/linux/gui/hyprland/default.nix
+++ b/home/linux/gui/hyprland/default.nix
@@ -4,10 +4,12 @@
  lib,
  anyrun,
  ...
-} @ args:
-with lib; let
+}@args:
+with lib;
+let
  cfg = config.modules.desktop.hyprland;
-in {
+in
+{
  imports = [
    # anyrun.homeManagerModules.default # the module is already in hm now.
    ./options
@@ -16,7 +18,9 @@ in {
  options.modules.desktop.hyprland = {
    enable = mkEnableOption "hyprland compositor";
    settings = lib.mkOption {
-      type = with lib.types; let
+      type =
+        with lib.types;
+        let
          valueType =
            nullOr (oneOf [
              bool
@@ -32,16 +36,18 @@ in {
            };
        in
        valueType;
-      default = {};
+      default = { };
    };
  };

  config = mkIf cfg.enable (
-    mkMerge ([
+    mkMerge (
+      [
        {
          wayland.windowManager.hyprland.settings = cfg.settings;
        }
      ]
-      ++ (import ./values args))
+      ++ (import ./values args)
+    )
  );
 }
--- a/home/linux/gui/hyprland/options/default.nix
+++ b/home/linux/gui/hyprland/options/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/home/linux/gui/hyprland/options/nvidia.nix
+++ b/home/linux/gui/hyprland/options/nvidia.nix
@@ -3,9 +3,11 @@
  lib,
  ...
 }:
-with lib; let
+with lib;
+let
  cfg = config.modules.desktop.hyprland;
-in {
+in
+{
  options.modules.desktop.hyprland = {
    nvidia = mkEnableOption "whether nvidia GPU is used";
  };
--- a/home/linux/gui/hyprland/values/anyrun.nix
+++ b/home/linux/gui/hyprland/values/anyrun.nix
@@ -2,7 +2,8 @@
  pkgs,
  anyrun,
  ...
-}: {
+}:
+{
  programs.anyrun = {
    enable = true;
    config = {
--- a/home/linux/gui/hyprland/values/default.nix
+++ b/home/linux/gui/hyprland/values/default.nix
@@ -1,4 +1 @@
-{mylib, ...} @ args:
-map
-(path: import path args)
-(mylib.scanPaths ./.)
+{ mylib, ... }@args: map (path: import path args) (mylib.scanPaths ./.)
--- a/home/linux/gui/hyprland/values/hyprland.nix
+++ b/home/linux/gui/hyprland/values/hyprland.nix
@@ -2,13 +2,17 @@
  pkgs,
  config,
  ...
-}: let
+}:
+let
  package = pkgs.hyprland;
-in {
-  xdg.configFile = let
+in
+{
+  xdg.configFile =
+    let
      mkSymlink = config.lib.file.mkOutOfStoreSymlink;
      hyprPath = "${config.home.homeDirectory}/nix-config/home/linux/gui/hyprland/conf";
-  in {
+    in
+    {
      "mako".source = mkSymlink "${hyprPath}/mako";
      "waybar".source = mkSymlink "${hyprPath}/waybar";
      "wlogout".source = mkSymlink "${hyprPath}/wlogout";
@@ -46,9 +50,11 @@ in {
    inherit package;
    enable = true;
    settings = {
-      source = let
+      source =
+        let
          configPath = "${config.home.homeDirectory}/.config/hypr/configs";
-      in [
+        in
+        [
          "${configPath}/exec.conf"
          "${configPath}/fcitx5.conf"
          "${configPath}/keybindings.conf"
@@ -71,7 +77,7 @@ in {
    # gammastep/wallpaper-switcher need this to be enabled.
    systemd = {
      enable = true;
-      variables = ["--all"];
+      variables = [ "--all" ];
    };
  };

--- a/home/linux/gui/hyprland/values/packages.nix
+++ b/home/linux/gui/hyprland/values/packages.nix
@@ -1,8 +1,8 @@
 {
  pkgs,
  ...
-}: {
-
+}:
+{

  home.packages = with pkgs; [
    swaybg # the wallpaper
--- a/home/linux/gui/hyprland/values/wayland-apps.nix
+++ b/home/linux/gui/hyprland/values/wayland-apps.nix
@@ -1,7 +1,8 @@
 {
  pkgs,
  ...
-}: {
+}:
+{
  home.packages = with pkgs; [
    # firefox-wayland
    nixpaks.firefox
@@ -31,9 +32,7 @@

    vscode = {
      enable = true;
-      package =
-        pkgs.vscode.override
-        {
+      package = pkgs.vscode.override {
        isInsiders = false;
        # https://wiki.archlinux.org/title/Wayland#Electron
        commandLineArgs = [
--- a/home/linux/gui/hyprland/values/xdg.nix
+++ b/home/linux/gui/hyprland/values/xdg.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  xdg.portal = {
    enable = true;

--- a/hosts/12kingdoms-shoukei/hardware-configuration.nix
+++ b/hosts/12kingdoms-shoukei/hardware-configuration.nix
@@ -24,7 +24,10 @@ in
  boot.loader.efi.efiSysMountPoint = "/boot";

  # Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
-  boot.binfmt.emulatedSystems = ["x86_64-linux" "riscv64-linux"];
+  boot.binfmt.emulatedSystems = [
+    "x86_64-linux"
+    "riscv64-linux"
+  ];
  # supported file systems, so we can mount any removable disks with these filesystems
  boot.supportedFilesystems = lib.mkForce [
    "ext4"
--- a/hosts/darwin-fern/default.nix
+++ b/hosts/darwin-fern/default.nix
@@ -6,7 +6,8 @@ _:
 #############################################################
 let
  hostname = "fern";
-in {
+in
+{
  networking.hostName = hostname;
  networking.computerName = hostname;
  system.defaults.smb.NetBIOSName = hostname;
--- a/hosts/darwin-fern/home.nix
+++ b/hosts/darwin-fern/home.nix
@@ -1,5 +1,8 @@
-{config, ...}: let
+{ config, ... }:
+let
  hostName = "fern";
-in {
-  programs.ssh.matchBlocks."github.com".identityFile = "${config.home.homeDirectory}/.ssh/${hostName}";
+in
+{
+  programs.ssh.matchBlocks."github.com".identityFile =
+    "${config.home.homeDirectory}/.ssh/${hostName}";
 }
--- a/hosts/darwin-frieren/default.nix
+++ b/hosts/darwin-frieren/default.nix
@@ -6,7 +6,8 @@ _:
 #############################################################
 let
  hostname = "frieren";
-in {
+in
+{
  networking.hostName = hostname;
  networking.computerName = hostname;
  system.defaults.smb.NetBIOSName = hostname;
--- a/hosts/darwin-frieren/home.nix
+++ b/hosts/darwin-frieren/home.nix
@@ -1,5 +1,8 @@
-{config, ...}: let
+{ config, ... }:
+let
  hostName = "frieren";
-in {
-  programs.ssh.matchBlocks."github.com".identityFile = "${config.home.homeDirectory}/.ssh/${hostName}";
+in
+{
+  programs.ssh.matchBlocks."github.com".identityFile =
+    "${config.home.homeDirectory}/.ssh/${hostName}";
 }
--- a/hosts/idols-ai/ai/default.nix
+++ b/hosts/idols-ai/ai/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/hosts/idols-ai/ai/ollama.nix
+++ b/hosts/idols-ai/ai/ollama.nix
@@ -2,13 +2,15 @@
  pkgs,
  nixpkgs-ollama,
  ...
-}: let
+}:
+let
  pkgs-ollama = import nixpkgs-ollama {
    inherit (pkgs) system;
    # To use cuda, we need to allow the installation of non-free software
    config.allowUnfree = true;
  };
-in {
+in
+{
  services.ollama = rec {
    enable = true;
    package = pkgs-ollama.ollama;
--- a/hosts/idols-ai/default.nix
+++ b/hosts/idols-ai/default.nix
@@ -1,4 +1,4 @@
-{myvars, ...}:
+{ myvars, ... }:
 #############################################################
 #
 #  Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use.
@@ -11,7 +11,8 @@ let
  inherit (myvars.networking.hostsAddr.${hostName}) iface ipv4 ipv6;
  ipv4WithMask = "${ipv4}/24";
  ipv6WithMask = "${ipv6}/64";
-in {
+in
+{
  imports = [
    ./netdev-mount.nix
    # Include the results of the hardware scan.
@@ -35,9 +36,12 @@ in {
  systemd.network.enable = true;

  systemd.network.networks."10-${iface}" = {
-    matchConfig.Name = [iface];
+    matchConfig.Name = [ iface ];
    networkConfig = {
-      Address = [ipv4WithMask ipv6WithMask];
+      Address = [
+        ipv4WithMask
+        ipv6WithMask
+      ];
      DNS = nameservers;
      DHCP = "ipv6"; # enable DHCPv6 only, so we can get a GUA.
      IPv6AcceptRA = true; # for Stateless IPv6 Autoconfiguraton (SLAAC)
--- a/hosts/idols-ai/game/default.nix
+++ b/hosts/idols-ai/game/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/hosts/idols-ai/game/gamemode.nix
+++ b/hosts/idols-ai/game/gamemode.nix
@@ -5,7 +5,8 @@
  nix-gaming,
  lib,
  ...
-}: let
+}:
+let
  programs = lib.makeBinPath [
    config.programs.hyprland.package
    pkgs.coreutils
@@ -25,7 +26,8 @@
    hyprctl --batch 'keyword decoration:blur 1 ; keyword animations:enabled 1 ; keyword misc:vfr 1'
    powerprofilesctl set power-saver
  '';
-in {
+in
+{
  # Optimise Linux system performance on demand
  # https://github.com/FeralInteractive/GameMode
  # https://wiki.archlinux.org/title/Gamemode
--- a/hosts/idols-ai/game/steam.nix
+++ b/hosts/idols-ai/game/steam.nix
@@ -1,5 +1,6 @@
 # https://github.com/fufexan/dotfiles/blob/483680e/system/programs/steam.nix
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  # https://wiki.archlinux.org/title/steam
  # Games installed by Steam works fine on NixOS, no other configuration needed.
  programs.steam = {
@@ -15,8 +16,8 @@

    # fix gamescope inside steam
    package = pkgs.steam.override {
-      extraPkgs = pkgs:
-        with pkgs; [
+      extraPkgs =
+        pkgs: with pkgs; [
          xorg.libXcursor
          xorg.libXi
          xorg.libXinerama
--- a/hosts/idols-ai/hardware-configuration.nix
+++ b/hosts/idols-ai/hardware-configuration.nix
@@ -7,7 +7,8 @@
  pkgs,
  modulesPath,
  ...
-}: {
+}:
+{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];
@@ -21,16 +22,26 @@
  boot.kernelPackages = pkgs.linuxPackages_latest;
  # boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;

-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
-  boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-intel"]; # kvm virtualization support
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ]; # kvm virtualization support
  boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu
-  boot.extraModulePackages = [];
+  boot.extraModulePackages = [ ];
  # clear /tmp on boot to get a stateless /tmp directory.
  boot.tmp.cleanOnBoot = true;

  # Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
-  boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
+  boot.binfmt.emulatedSystems = [
+    "aarch64-linux"
+    "riscv64-linux"
+  ];
  # supported file systems, so we can mount any removable disks with these filesystems
  boot.supportedFilesystems = [
    "ext4"
@@ -67,7 +78,7 @@
    fsType = "btrfs";
    # btrfs's top-level subvolume, internally has an id 5
    # we can access all other subvolumes from this subvolume.
-    options = ["subvolid=5"];
+    options = [ "subvolid=5" ];
  };

  # equal to `mount -t tmpfs tmpfs /`
@@ -76,26 +87,40 @@
    fsType = "tmpfs";
    # set mode to 755, otherwise systemd will set it to 777, which cause problems.
    # relatime: Update inode access times relative to modify or change time.
-    options = ["relatime" "mode=755"];
+    options = [
+      "relatime"
+      "mode=755"
+    ];
  };

  fileSystems."/nix" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@nix" "noatime" "compress-force=zstd:1"];
+    options = [
+      "subvol=@nix"
+      "noatime"
+      "compress-force=zstd:1"
+    ];
  };

  # for guix store, which use `/gnu/store` as its store directory.
  fileSystems."/gnu" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@guix" "noatime" "compress-force=zstd:1"];
+    options = [
+      "subvol=@guix"
+      "noatime"
+      "compress-force=zstd:1"
+    ];
  };

  fileSystems."/persistent" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@persistent" "compress-force=zstd:1"];
+    options = [
+      "subvol=@persistent"
+      "compress-force=zstd:1"
+    ];
    # preservation's data is required for booting.
    neededForBoot = true;
  };
@@ -103,30 +128,42 @@
  fileSystems."/snapshots" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@snapshots" "compress-force=zstd:1"];
+    options = [
+      "subvol=@snapshots"
+      "compress-force=zstd:1"
+    ];
  };

  fileSystems."/tmp" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@tmp" "compress-force=zstd:1"];
+    options = [
+      "subvol=@tmp"
+      "compress-force=zstd:1"
+    ];
  };

  # mount swap subvolume in readonly mode.
  fileSystems."/swap" = {
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
-    options = ["subvol=@swap" "ro"];
+    options = [
+      "subvol=@swap"
+      "ro"
+    ];
  };

  # remount swapfile in read-write mode
  fileSystems."/swap/swapfile" = {
    # the swapfile is located in /swap subvolume, so we need to mount /swap first.
-    depends = ["/swap"];
+    depends = [ "/swap" ];

    device = "/swap/swapfile";
    fsType = "none";
-    options = ["bind" "rw"];
+    options = [
+      "bind"
+      "rw"
+    ];
  };

  fileSystems."/boot" = {
@@ -135,7 +172,7 @@
  };

  swapDevices = [
-    {device = "/swap/swapfile";}
+    { device = "/swap/swapfile"; }
  ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/hosts/idols-ai/home.nix
+++ b/hosts/idols-ai/home.nix
@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
  modules.desktop = {
    hyprland = {
      nvidia = true;
--- a/hosts/idols-ai/netdev-mount.nix
+++ b/hosts/idols-ai/netdev-mount.nix
@@ -2,7 +2,8 @@
  config,
  myvars,
  ...
-}: {
+}:
+{
  # supported file systems, so we can mount any removable disks with these filesystems
  boot.supportedFilesystems = [
    # "cifs"
--- a/hosts/idols-ai/nvidia.nix
+++ b/hosts/idols-ai/nvidia.nix
@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
  # ===============================================================================================
  # for Nvidia GPU
  # https://wiki.nixos.org/wiki/NVIDIA
@@ -10,7 +11,7 @@
    # enabling it is required to make Wayland compositors function properly.
    "nvidia-drm.fbdev=1"
  ];
-  services.xserver.videoDrivers = ["nvidia"]; # will install nvidia-vaapi-driver by default
+  services.xserver.videoDrivers = [ "nvidia" ]; # will install nvidia-vaapi-driver by default
  hardware.nvidia = {
    # Open-source kernel modules are preferred over and planned to steadily replace proprietary modules
    open = true;
--- a/hosts/idols-ai/preservation.nix
+++ b/hosts/idols-ai/preservation.nix
@@ -3,9 +3,11 @@
  pkgs,
  myvars,
  ...
-}: let
+}:
+let
  inherit (myvars) username;
-in {
+in
+{
  imports = [
    preservation.nixosModules.default
  ];
@@ -330,13 +332,15 @@ in {
  # Note that immediate parent directories of persisted files can also be
  # configured with ownership and permissions from the `parent` settings if
  # `configureParent = true` is set for the file.
-  systemd.tmpfiles.settings.preservation = let
+  systemd.tmpfiles.settings.preservation =
+    let
      permission = {
        user = username;
        group = "users";
        mode = "0755";
      };
-  in {
+    in
+    {
      "/home/${username}/.config".d = permission;
      "/home/${username}/.cache".d = permission;
      "/home/${username}/.local".d = permission;
@@ -350,7 +354,7 @@ in {
  # in this specific setup for a persistent machine-id so we disable it
  #
  # see the firstboot example below for an alternative approach
-  systemd.suppressedSystemUnits = ["systemd-machine-id-commit.service"];
+  systemd.suppressedSystemUnits = [ "systemd-machine-id-commit.service" ];

  # let the service commit the transient ID to the persistent volume
  systemd.services.systemd-machine-id-commit = {
--- a/hosts/idols-ai/secureboot.nix
+++ b/hosts/idols-ai/secureboot.nix
@@ -3,7 +3,8 @@
  lib,
  lanzaboote,
  ...
-}: {
+}:
+{
  # How to enter setup mode - msi motherboard
  ## 1. enter BIOS via [Del] Key
  ## 2. <Advance mode> => <Settings> => <Security> => <Secure Boot>
--- a/hosts/idols-aquamarine/caddy.nix
+++ b/hosts/idols-aquamarine/caddy.nix
@@ -3,7 +3,8 @@
  config,
  wallpapers,
  ...
-}: let
+}:
+let
  hostCommonConfig = ''
    encode zstd gzip
    tls ${../../certs/ecc-server.crt} ${config.age.secrets."caddy-ecc-server.key".path} {
@@ -11,7 +12,8 @@
      curves x25519 secp384r1 secp521r1
    }
  '';
-in {
+in
+{
  services.caddy = {
    enable = true;
    # Reload Caddy instead of restarting it when configuration file changes.
@@ -124,7 +126,10 @@ in {
    #   reverse_proxy http://localhost:9090
    # '';
  };
-  networking.firewall.allowedTCPPorts = [80 443];
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];

  # Create Directories
  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
--- a/hosts/idols-aquamarine/default.nix
+++ b/hosts/idols-aquamarine/default.nix
@@ -17,10 +17,9 @@ let
  inherit (myvars.networking) defaultGateway defaultGateway6 nameservers;
  inherit (myvars.networking.hostsAddr.${hostName}) iface ipv4;
  ipv4WithMask = "${ipv4}/24";
-in {
-  imports =
-    (mylib.scanPaths ./.)
-    ++ [
+in
+{
+  imports = (mylib.scanPaths ./.) ++ [
    disko.nixosModules.default
  ];

@@ -42,7 +41,7 @@ in {
  zramSwap.memoryPercent = lib.mkForce 100;

  boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.kernelModules = ["kvm-amd"];
+  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu

  networking = {
@@ -57,9 +56,9 @@ in {
  systemd.network.enable = true;

  systemd.network.networks."10-${iface}" = {
-    matchConfig.Name = [iface];
+    matchConfig.Name = [ iface ];
    networkConfig = {
-      Address = [ipv4WithMask];
+      Address = [ ipv4WithMask ];
      DNS = nameservers;
      DHCP = "ipv6"; # enable DHCPv6 only, so we can get a GUA.
      IPv6AcceptRA = true; # for Stateless IPv6 Autoconfiguraton (SLAAC)
--- a/hosts/idols-aquamarine/disko-fs.nix
+++ b/hosts/idols-aquamarine/disko-fs.nix
@@ -3,8 +3,9 @@
 let
  cryptKeyFile = "/etc/agenix/hdd-luks-crypt-key";
  unlockDisk = "data-encrypted";
-in {
-  fileSystems."/data/fileshare/public".depends = ["/data/fileshare"];
+in
+{
+  fileSystems."/data/fileshare/public".depends = [ "/data/fileshare" ];

  # By adding this crypttab entry, the disk will be unlocked by systemd-cryptsetup@xxx.service at boot time.
  # This systemd service is running after agenix, so that the keyfile is already available.
@@ -59,7 +60,7 @@ in {
              ];
              content = {
                type = "btrfs";
-                extraArgs = ["-f"]; # Force override existing partition
+                extraArgs = [ "-f" ]; # Force override existing partition
                subvolumes = {
                  "@apps" = {
                    mountpoint = "/data/apps";
@@ -71,15 +72,27 @@ in {
                  };
                  "@fileshare" = {
                    mountpoint = "/data/fileshare";
-                    mountOptions = ["compress-force=zstd:1" "noatime" "nofail"];
+                    mountOptions = [
+                      "compress-force=zstd:1"
+                      "noatime"
+                      "nofail"
+                    ];
                  };
                  "@backups" = {
                    mountpoint = "/data/backups";
-                    mountOptions = ["compress-force=zstd:1" "noatime" "nofail"];
+                    mountOptions = [
+                      "compress-force=zstd:1"
+                      "noatime"
+                      "nofail"
+                    ];
                  };
                  "@snapshots" = {
                    mountpoint = "/data/apps-snapshots";
-                    mountOptions = ["compress-force=zstd:1" "noatime" "nofail"];
+                    mountOptions = [
+                      "compress-force=zstd:1"
+                      "noatime"
+                      "nofail"
+                    ];
                  };
                };
              };
@@ -101,7 +114,10 @@ in {
            subvolumes = {
              "@persistent" = {
                mountpoint = "/data/fileshare/public";
-                mountOptions = ["compress-force=zstd:1" "nofail"];
+                mountOptions = [
+                  "compress-force=zstd:1"
+                  "nofail"
+                ];
              };
            };
          };
--- a/hosts/idols-aquamarine/exporters/default.nix
+++ b/hosts/idols-aquamarine/exporters/default.nix
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
+{
  imports = mylib.scanPaths ./.;
 }
--- a/hosts/idols-aquamarine/gitea.nix
+++ b/hosts/idols-aquamarine/gitea.nix
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
  # https://github.com/NixOS/nixpkgs/blob/nixos-25.05/nixos/modules/services/misc/gitea.nix
  services.gitea = {
    enable = true;
--- a/hosts/idols-aquamarine/grafana/default.nix
+++ b/hosts/idols-aquamarine/grafana/default.nix
@@ -2,7 +2,8 @@
  config,
  myvars,
  ...
-}: {
+}:
+{
  services.grafana = {
    enable = true;
    dataDir = "/data/apps/grafana";
--- a/hosts/idols-aquamarine/minio.nix
+++ b/hosts/idols-aquamarine/minio.nix
@@ -1,7 +1,9 @@
-{config, ...}: let
-  dataDir = ["/data/apps/minio/data"];
+{ config, ... }:
+let
+  dataDir = [ "/data/apps/minio/data" ];
  configDir = "/data/apps/minio/config";
-in {
+in
+{
  # https://github.com/NixOS/nixpkgs/blob/nixos-25.05/nixos/modules/services/web-servers/minio.nix
  services.minio = {
    enable = true;
--- a/Show More
+++ b/Show More