From 387fb668b3d2fd32764608663417e6859ca6de8e Mon Sep 17 00:00:00 2001 From: Christine Elisabeth Koppel Date: Thu, 12 Feb 2026 20:11:30 +0100 Subject: [PATCH] Alejandra'd repo, added better dry run script. --- README.md | 9 +++-- dry_run.zsh | 39 ++++++++++++++++++- .../secrets-config/sops-build-machine.nix | 1 - .../system/blank_system_USE_THIS_AS_COPY.nix | 10 ++--- .../modules/system/build_machine.nix | 22 +++++------ .../modules/system/compose-songsheet.nix | 14 +++---- .../modules/system/database.nix | 22 ++++++----- nix-system-configs/modules/system/forgejo.nix | 12 +++--- .../modules/system/teamspeak.nix | 14 +++---- nix-system-configs/modules/system/traefik.nix | 10 ++--- .../modules/system/wireguard_server.nix | 12 +++--- 11 files changed, 101 insertions(+), 64 deletions(-) diff --git a/README.md b/README.md index 9df1296..15c4664 100644 --- a/README.md +++ b/README.md 
@@ -14,19 +14,20 @@ TODO HECK - [x] Do a massive overhaul of the file structure, like there should be like modules where it is possible to call things to be packages. I.e. Calling the OVMF/SeaBIOS + Gnome/Plasma/Sway + Local changes, which two former would be separate .nix files. -> Probably will do a V3 or v2.1 later on when mature - [ ] Add the .env for the configurations so that we add the `git config --global user.email "you@example.com"` and `git config --global user.name "Your Name"` with the account custom made for this. - - [?] Clean up the hanging configurations -> PiHole DNS Stuff needs to be transferred over elegantly, don't want to touch it unless I am myself en-site. + - [ ] Clean up the hanging configurations -> PiHole DNS Stuff needs to be transferred over elegantly, don't want to touch it unless I am myself en-site. - [x] Find a more clean way to store initial passwords (.env??) -> [nix-sops](https://github.com/Mic92/sops-nix) - - [?] Create proper build automation scripts -> Needs to be properly done. + - [x] Create proper build automation scripts -> Needs to be properly done. - [ ] Attach more NixOS weblinks... - [ ] Update Forgejo Styling - [x] Figure out what the ***hecc*** to do with SSL Certifications in the most elegant way -> Use Traefik - [x] Add Git Actions to Forgejo -> It was already added, just need to setup the CI itself. - - [ ] Setup the CI backend. + - [x] Setup the CI backend. - [x] Create the Podman x Portainer NixOS module -> See `Songsheet` - [ ] Read up more about how to a backup machine stuff and making it Nix-y... - [ ] Figure out my life - [ ] Setup Hardware Keys - - [ ] Setup a VPN (Likely OpenVPN) + - [x] Setup a VPN + - [ ] Setup Alejandra pre-commit hook ## NOTES FOR FUTURE diff --git a/dry_run.zsh b/dry_run.zsh index 9fe02d0..db5f6c5 100755 --- a/dry_run.zsh +++ b/dry_run.zsh 
@@ -21,8 +21,43 @@ if [[ -n "$1" ]]; then configs=("$1") fi +# Track results +passed_configs=() +failed_configs=() + for config in "${configs[@]}"; do - echo "=== Dry-run: $config ===" - nix build --dry-run ".#nixosConfigurations.${config}.config.system.build.toplevel" || true + echo "Dry-run: $config ===" + if nix build --dry-run ".#nixosConfigurations.${config}.config.system.build.toplevel" 2>&1; then + echo "[PASSED]: $config" + passed_configs+=("$config") + else + echo "[FAILED]: $config" + failed_configs+=("$config") + fi echo done + +# Print summary +echo "BUILD SUMMARY" +echo "Total: ${#configs[@]} | Passed: ${#passed_configs[@]} | Failed: ${#failed_configs[@]}" +echo + +if [[ ${#passed_configs[@]} -gt 0 ]]; then + echo "Passed configs:" + for c in "${passed_configs[@]}"; do + echo " - $c" + done + echo +fi + +if [[ ${#failed_configs[@]} -gt 0 ]]; then + echo "Failed configs:" + for c in "${failed_configs[@]}"; do + echo " - $c" + done + echo + exit 1 +fi + +echo "All configurations passed!" +exit 0 diff --git a/nix-system-configs/modules/secrets-config/sops-build-machine.nix b/nix-system-configs/modules/secrets-config/sops-build-machine.nix index d66aeda..75b9931 100644 --- a/nix-system-configs/modules/secrets-config/sops-build-machine.nix +++ b/nix-system-configs/modules/secrets-config/sops-build-machine.nix @@ -34,5 +34,4 @@ owner = "root"; mode = "0400"; }; - } diff --git a/nix-system-configs/modules/system/blank_system_USE_THIS_AS_COPY.nix b/nix-system-configs/modules/system/blank_system_USE_THIS_AS_COPY.nix index c4c9bec..dc2d50c 100644 --- a/nix-system-configs/modules/system/blank_system_USE_THIS_AS_COPY.nix +++ b/nix-system-configs/modules/system/blank_system_USE_THIS_AS_COPY.nix 
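Review bot: With an empty `configs` array the loop body never runs, `failed_configs` stays empty, and the script prints "All configurations passed!" and exits 0, so the check fails open when nothing was actually checked. The array is populated above this hunk, so whether it can end up empty (for example if listing the configurations fails) is not visible here; a guard before the loop such as `(( ${#configs[@]} )) || { echo "no configurations to check" >&2; exit 1; }` would close that case. If the new exit code is meant to gate CI or a pre-commit hook, note that `nix build --dry-run` evaluates the configuration and reports what would be built without building it, so `[PASSED]` means "evaluates", not "builds". The new header `echo "Dry-run: $config ==="` also lost its leading `=== `, which looks unintended.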
@@ -30,11 +30,11 @@ in { }; imports = lib.filter (x: x != null) [ - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) - (choose [ ./modules/secrets-config/sops-the-blank-system.nix ../secrets-config/sops-the-blank-system.nix ]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) + (choose [./modules/secrets-config/sops-the-blank-system.nix ../secrets-config/sops-the-blank-system.nix]) ]; config = { diff --git a/nix-system-configs/modules/system/build_machine.nix b/nix-system-configs/modules/system/build_machine.nix index d34234d..40c791d 100644 --- a/nix-system-configs/modules/system/build_machine.nix +++ b/nix-system-configs/modules/system/build_machine.nix @@ -13,7 +13,6 @@ fsType = "ext4"; }; }; - in { options.local = { hostname = lib.mkOption { 
@@ -38,14 +37,16 @@ in { }; }; - imports = [ - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) - (choose [ ./modules/secrets-config/sops-build-machine.nix ../secrets-config/sops-build-machine.nix ]) - ## TODO: Make this more elegant and less risky for unexpected errors happening. - ] ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix - ++ lib.optional (!builtins.pathExists ./hardware-configuration.nix) dummyFileSystems; + imports = + [ + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) + (choose [./modules/secrets-config/sops-build-machine.nix ../secrets-config/sops-build-machine.nix]) + ## TODO: Make this more elegant and less risky for unexpected errors happening. + ] + ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix + ++ lib.optional (!builtins.pathExists ./hardware-configuration.nix) dummyFileSystems; config = { # Local metadata @@ -173,14 +174,13 @@ in { # Enable the OpenSSH daemon. services.openssh.enable = true; -# Enable Podman for Gitea Actions Runner + # Enable Podman for Gitea Actions Runner virtualisation.podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; - # Network configuration for the build machine on the Proxmox bridge networking.interfaces.ens18.ipv4.addresses = [ { diff --git a/nix-system-configs/modules/system/compose-songsheet.nix b/nix-system-configs/modules/system/compose-songsheet.nix index 95fd8fc..a26c324 100644 --- a/nix-system-configs/modules/system/compose-songsheet.nix +++ b/nix-system-configs/modules/system/compose-songsheet.nix 
@@ -30,16 +30,16 @@ in { }; imports = [ - (choose [ ./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) + (choose [./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) # Optionally: (choose [ ./modules/toolsets/remote_building.nix ../toolsets/remote_building.nix ]) ## Compose modules for Portainer service - (choose [ ./modules/songsheet/wavelog/docker-compose.nix ../songsheet/wavelog/docker-compose.nix ]) - (choose [ ./modules/secrets-config/sops-composesongsheet.nix ../secrets-config/sops-composesongsheet.nix ]) + (choose [./modules/songsheet/wavelog/docker-compose.nix ../songsheet/wavelog/docker-compose.nix]) + (choose [./modules/secrets-config/sops-composesongsheet.nix ../secrets-config/sops-composesongsheet.nix]) ]; config = { diff --git a/nix-system-configs/modules/system/database.nix b/nix-system-configs/modules/system/database.nix index f22ec06..106670e 100644 --- a/nix-system-configs/modules/system/database.nix +++ b/nix-system-configs/modules/system/database.nix 
@@ -29,16 +29,18 @@ in { }; }; - imports = [ - (choose [ ./modules/desktop-manager/gnome.nix ../desktop-manager/gnome.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) - (choose [ ./modules/secrets-config/sops-database.nix ../secrets-config/sops-database.nix ]) - (choose [ ./modules/system_scripts/gcloud_backup.nix ../system_scripts/gcloud_backup.nix ]) - ## TODO: Make this more elegant and less risky for unexpected errors happening. - ] ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix; + imports = + [ + (choose [./modules/desktop-manager/gnome.nix ../desktop-manager/gnome.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) + (choose [./modules/secrets-config/sops-database.nix ../secrets-config/sops-database.nix]) + (choose [./modules/system_scripts/gcloud_backup.nix ../system_scripts/gcloud_backup.nix]) + ## TODO: Make this more elegant and less risky for unexpected errors happening. + ] + ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix; config = { local.hostname = "nixosdd"; diff --git a/nix-system-configs/modules/system/forgejo.nix b/nix-system-configs/modules/system/forgejo.nix index 5a1a6da..4da5e8b 100644 --- a/nix-system-configs/modules/system/forgejo.nix +++ b/nix-system-configs/modules/system/forgejo.nix 
@@ -33,12 +33,12 @@ in { }; imports = [ - (choose [ ./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/toolsets/remote_building.nix ../toolsets/remote_building.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-proxmox-at-birth.nix ../bootloader/seabios-assigned-proxmox-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) + (choose [./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/toolsets/remote_building.nix ../toolsets/remote_building.nix]) + (choose [./modules/bootloader/seabios-assigned-proxmox-at-birth.nix ../bootloader/seabios-assigned-proxmox-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) ]; config = { diff --git a/nix-system-configs/modules/system/teamspeak.nix b/nix-system-configs/modules/system/teamspeak.nix index fc57454..5e6cf5c 100644 --- a/nix-system-configs/modules/system/teamspeak.nix +++ b/nix-system-configs/modules/system/teamspeak.nix 
@@ -30,15 +30,15 @@ in { }; imports = [ - (choose [ ./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) + (choose [./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) # Optionally: (choose [ ./modules/toolsets/remote_building.nix ../toolsets/remote_building.nix ]) ## Compose modules for Portainer service - (choose [ ./modules/songsheet/wavelog/docker-compose.nix ../songsheet/wavelog/docker-compose.nix ]) - (choose [ ./modules/secrets-config/sops-composesongsheet.nix ../secrets-config/sops-composesongsheet.nix ]) + (choose [./modules/songsheet/wavelog/docker-compose.nix ../songsheet/wavelog/docker-compose.nix]) + (choose [./modules/secrets-config/sops-composesongsheet.nix ../secrets-config/sops-composesongsheet.nix]) ]; config = { diff --git a/nix-system-configs/modules/system/traefik.nix b/nix-system-configs/modules/system/traefik.nix index 28b6d7c..ff09310 100644 --- a/nix-system-configs/modules/system/traefik.nix +++ b/nix-system-configs/modules/system/traefik.nix 
@@ -30,11 +30,11 @@ in { }; imports = [ - (choose [ ./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) + (choose [./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) # Optionally: (choose [ ./modules/toolsets/remote_building.nix ../toolsets/remote_building.nix ]) ]; diff --git a/nix-system-configs/modules/system/wireguard_server.nix b/nix-system-configs/modules/system/wireguard_server.nix index 32ee0fb..30d845a 100644 --- a/nix-system-configs/modules/system/wireguard_server.nix +++ b/nix-system-configs/modules/system/wireguard_server.nix 
@@ -30,12 +30,12 @@ in { }; imports = [ - (choose [ ./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix ]) - (choose [ ./modules/local/hostname_username.nix ../local/hostname_username.nix ]) - (choose [ ./modules/local/networking_local.nix ../local/networking_local.nix ]) - (choose [ ./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix ]) - (choose [ ./modules/lix-default.nix ../lix-default.nix ]) - (choose [ ./modules/secrets-config/sops-wireguard.nix ../secrets-config/sops-wireguard.nix ]) + (choose [./modules/desktop-manager/sway_greetd_homemanager.nix ../desktop-manager/sway_greetd_homemanager.nix]) + (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) + (choose [./modules/local/networking_local.nix ../local/networking_local.nix]) + (choose [./modules/bootloader/seabios-assigned-iso-at-birth.nix ../bootloader/seabios-assigned-iso-at-birth.nix]) + (choose [./modules/lix-default.nix ../lix-default.nix]) + (choose [./modules/secrets-config/sops-wireguard.nix ../secrets-config/sops-wireguard.nix]) # Optionally to enable remote building: ./modules/toolsets/remote_building.nix #./modules/songsheet/wavelog/docker-compose.nix #./modules/secrets-config/sops-the-blank-system.nix