application du template

base.nix

@@ -1,4 +1,11 @@
-{ ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  #inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
 
 {
   imports = [

base/activation-manuelle/nix-serve-client.nix

@@ -1,13 +1,14 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf mkMerge;
+  inherit (lib) mkIf mkMerge mkThenElse;
-  profiles = config.r6d.profiles;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
 in
 
 mkIf cfg.nix-serve-client {
+
   nix = {
     # Cache http pour le store
     requireSignedBinaryCaches = false;

base/activation-manuelle/nix-serve-server.nix

@@ -1,12 +1,27 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
-
-with pkgs.lib;
 
 let
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
-in {
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf cfg.nix-serve-server {
+
   # Cache http pour le store
 
-  services.nix-serve.enable = cfg.nix-serve-server;
+  # Services
-  networking.firewall.allowedTCPPorts = mkIf cfg.nix-serve-server [ 5000 ];
+  services.nix-serve = {
+    enable = true;
+  };
+
+  # Réseau
+  networking.firewall = {
+    allowedTCPPorts = [
+      5000
+    ];
+    allowedUDPPorts = [
+    ];
+  };
 }

base/activation-manuelle/service-fail2ban.nix

@@ -1,17 +1,20 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
-
-with pkgs.lib;
 
 let
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
 
   ignoreip = "pedro.dubronetwork.fr cube.dubronetwork.fr voyage.prunetwork.fr xray.prunetwork.fr 192.168.0.0/16 172.16.0.0/16";
   destemail = "admins@dubronetwork.fr";
+in
 
-in {
+mkIf cfg.fail2ban {
-  # Gestion de fail2ban
 
-  services = mkIf cfg.fail2ban {
+  # Gestion de fail2ban
+  # Services
+  services = {
     fail2ban = {
       enable = true;
       jails = {

base/activation-manuelle/users.nix

@@ -1,9 +1,9 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
-
-with pkgs.lib;
 
 let
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
   profiles = config.r6d.profiles;
 
   # Dubronetwork

base/base.nix

@@ -1,4 +1,11 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  #inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
 
 {
   imports = [

base/network-dns.nix

@@ -1,6 +1,14 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf true {
 
-{
   # Définition des domaines utilisés lorsque un identifiant non-FQDN est donné (ping, nslookup)
   networking = {
     search = [

config-generator.nix

@@ -1,6 +1,5 @@
 { config, lib, pkgs, ... }:
 
-# exemple utilisé pour commencer bird.nix
 let
   inherit (lib) mkEnableOption mkIf mkMerge mkOption singleton types;
   cfg = config.r6d.config-generator;

desktop/activation-manuelle/xmonad/xmonad.nix

@@ -1,19 +1,21 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
+in
 
-in  mkIf cfg.xmonad {
+mkIf cfg.xmonad {
-  # Paquets spécifiques pour xmonad
 
-  environment.systemPackages = with pkgs;[
+  # Paquets
+  environment.systemPackages = with pkgs; [
     dmenu
     haskellPackages.xmobar
   ];
 
+  # Services
   services.xserver.windowManager.xmonad = {
     enable = true;
     enableContribAndExtras = true;

desktop/desktop.nix

@@ -13,6 +13,7 @@ in
     ./activation-manuelle/xmonad/xmonad.nix      # gestionnaire de fenêtres xmonad
   ];
 
+  # Paquets
   environment.systemPackages = with pkgs; mkIf profiles.isDesktop [
     # Environement de bureau
     arandr          # interface graphique pour xrandr

public/app-adminsys.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Adminsys
     iotop

public/app-awesome.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;

public/app-bureautique.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Bureautique
     aspell aspellDicts.fr

public/app-cao.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,7 +9,8 @@ in
 
 mkIf cfg.conception-assistee {
 
-environment.systemPackages = with pkgs; [
+  # Paquets
+  environment.systemPackages = with pkgs; [
     # CAO
     ## Modélisation 3D
     freecad   # modélisation de pièces en 3D

public/app-cartographie.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.cartographie {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Gestion de données géographiques
     expat         

public/app-client-internet.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+# Paquets
 environment.systemPackages = with pkgs; [
     # Clients Internet
 

public/app-developpement.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.developpement {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Base de données
     pgadmin

public/app-docker.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.docker {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Ecosystème Docker
     docker

public/app-edition-musique.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,7 +9,8 @@ in
 
 mkIf cfg.edition-musique {
 
-environment.systemPackages = with pkgs; [
+  # Paquets
+  environment.systemPackages = with pkgs; [
     #
     audacity      # montage audio
     easytag       # gestion des métadonnées des fichiers musicaux

public/app-edition-photo.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.edition-photo {
 
+  # Paquets
 environment.systemPackages = with pkgs; [
     # Méta données
     exif

public/app-edition-video.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,7 +9,8 @@ in
 
 mkIf cfg.edition-video {
 
-environment.systemPackages = with pkgs; [
+  # Paquets
+  environment.systemPackages = with pkgs; [
     # Vidéo
     #cinelerra     # editeur video
     pitivi        # montage vidéo

public/app-jeux.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.jeux {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Jeux
     urbanterror

public/app-multimedia.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Multimedia
 

public/app-network.nix

@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Outils réseau
     iperf         # outil de mesure de la qualité du réseau
@@ -23,7 +24,11 @@ mkIf profiles.isDesktop {
   ];
 
   networking.firewall = {
-    allowedTCPPorts = [5201]; # iperf
+    allowedTCPPorts = [
-    allowedUDPPorts = [5201]; # iperf
+      5201 # iperf
+    ];
+    allowedUDPPorts = [
+      5201 # iperf
+    ];
   };
 }

public/app-securite.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf profiles.isDesktop {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     # Securité
     gnome3.seahorse # gestionnaire graphique de clef GPG

public/app-virtualbox.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.virtualbox {
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     linuxPackages.virtualbox
     linuxPackages.virtualboxGuestAdditions

public/auto-upgrade.nix

@@ -1,13 +1,14 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
 in
 
 mkIf cfg.auto-upgrade {
+
   # Automatic update & automatic clean
 
   system.autoUpgrade.enable = true;

public/environment.nix

@@ -1,4 +1,11 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
 
 {
   # Nombre de process d'installation en parrallèle effectués par Nix
@@ -10,8 +17,7 @@
   # On autorise les paquets non-libres
   nixpkgs.config.allowUnfree = true;
 
-  # List packages installed in system profile. To search by name, run:
+  # Paquets
-  # $ nix-env -qaP | grep wget
   environment = {
     systemPackages = with pkgs; [
       bind          # utilisé pour les utilitaires comme dig

public/laptop.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -19,6 +19,7 @@ mkIf cfg.laptop {
 
   hardware.bluetooth.enable = true;
 
+  # Paquets
   environment.systemPackages = with pkgs; [
     networkmanagerapplet
   ];

public/localisation.nix

@@ -1,6 +1,14 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf true {
 
-{
   # Select internationalisation properties.
   i18n = {
     consoleFont = "Lat2-Terminus16";

public/network-ipv6.nix

@@ -1,6 +1,14 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf true {
 
-{
   # Utilisation d'adresse IPv6 temporaire
   
   ## https://blog.linitx.com/control-privacy-addressing-ipv6-linux/

public/print.nix

@@ -1,14 +1,16 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
 in
 
 mkIf cfg.print {
-  # Enable CUPS to print documents.
+
+  # Services
+  ## Enable CUPS to print documents.
   services.printing = {
     enable = true;
     drivers = [

public/public.nix

@@ -1,4 +1,11 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  #inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
 
 {
   imports = [

public/service-haveged.nix

@@ -1,7 +1,16 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
-{
+let
-  # Sécurité & Acces distant
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf true {
+
+  # Sécurité & Accès distant
+  # Services
 
   ## Augmentation de l'entropie du système par un générateur de nombres aléatoires
   ## cat /proc/sys/kernel/random/entropy_avail

public/service-laptop.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -11,6 +11,7 @@ mkIf cfg.laptop {
 
   # Gestion spécifique pour PC portable
 
+  # Services
   services.xserver.synaptics = {
     enable = true;
     twoFingerScroll = true;

public/service-locate.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
@@ -9,6 +9,7 @@ in
 
 mkIf cfg.locate {
 
+  # Services
   services.locate = {
     enable = true;
     interval = "hourly";

public/service-monitoring.nix

@@ -1,14 +1,22 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
-{
+let
-  # Monitoring
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
 
-  # Noeud de supervision munin = pas de stockage des données locales
+mkIf true {
+
+  # Services
+
+  ## Noeud de supervision munin = pas de stockage des données locales
   services.munin-node = {
     enable = true;
   };
 
-  # Munin server -- generate /var/www/munin
+  ## Munin server -- generate /var/www/munin
   services.munin-cron = {
     enable = true;
     hosts = ''
@@ -20,12 +28,12 @@
     '';
   };
 
-  networking.firewall.allowedTCPPorts = [
+  # Réseau
-    # TODO configurer les bon ports lors de l'ouverture du service
+  networking.firewall = {
-    8000
+    allowedTCPPorts = [
-  ];
+      8000
-
+    ];
-   ## Documentation
+    allowedUDPPorts = [
-   # * https://nixos.org/wiki/Create_and_debug_nix_packages
+    ];
-   # * http://chriswarbo.net/essays/nixos/developing_on_nixos.html
+  };
 }

public/service-pulseaudio.nix

@@ -1,15 +1,16 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 let
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
-  mkIf = pkgs.lib.mkIf;
 in
 
-{
+mkIf profiles.isDesktop {
+
   # Pulse Audio
-  hardware.pulseaudio = mkIf profiles.isDesktop {
+  hardware.pulseaudio = {
     enable = true;
     support32Bit = true;
   };

public/service-ssh.nix

@@ -1,7 +1,16 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
-{
+let
-  # OpenSSH daemon
+  inherit (lib) mkIf mkMerge mkThenElse;
+  cfg = config.r6d.config-generator;
+  computers = config.r6d.computers;
+  profiles = config.r6d.profiles;
+in
+
+mkIf true {
+
+  # Services
+  ## OpenSSH daemon
   services.openssh = {
     enable = true;
     # https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Modern_.28OpenSSH_6.7.2B.29

public/service-x11.nix

@@ -1,15 +1,17 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 let
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
-  mkIf = pkgs.lib.mkIf;
 in
 
-{
+mkIf profiles.isDesktop {
+
+  # Services
   # Enable the X11 windowing system.
-  services.xserver = mkIf profiles.isDesktop {
+  services.xserver = {
     enable = true;
     layout = "fr";
     xkbOptions = "eurosign:e";

public/swap.nix

@@ -1,13 +1,14 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf;
+  inherit (lib) mkIf mkMerge mkThenElse;
   cfg = config.r6d.config-generator;
   computers = config.r6d.computers;
   profiles = config.r6d.profiles;
 in
 
 mkIf cfg.swap {
+
   # Gestion du swap
   
   # https://en.wikipedia.org/wiki/Swappiness