1
0
Fork 0

Snowfall - replace aux.system

This commit is contained in:
Aires 2024-12-06 11:46:10 -05:00
parent df02d39ced
commit 1ebf66e78d
62 changed files with 427 additions and 313 deletions

View file

@ -1,6 +1,6 @@
# NixOS Configuration # NixOS Configuration
A full set of configuration files managed via NixOS. This project is an **unofficial** extension of the [Auxolotl system template](https://git.auxolotl.org/auxolotl/templates). A full set of configuration files managed via NixOS. This project uses the [Snowfall library](https://snowfall.org/guides/lib/quickstart).
> [!WARNING] > [!WARNING]
> DO NOT DOWNLOAD AND RUN `nixos-rebuild` ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run `nixos-rebuild`, it _will completely overwrite your current system_! > DO NOT DOWNLOAD AND RUN `nixos-rebuild` ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run `nixos-rebuild`, it _will completely overwrite your current system_!
@ -9,7 +9,7 @@ A full set of configuration files managed via NixOS. This project is an **unoffi
### Note on secrets management ### Note on secrets management
Secrets are managed using [git-crypt](https://github.com/AGWA/git-crypt). To unlock the repo, use `git-crypt unlock [path to key file]`. git-crypt will transparently encrypt/decrypt files stored in `modules/nixos/secrets` going forward, but you'll need this key file on all hosts that are using secrets. Secrets are managed using [transcrypt](https://github.com/elasticdog/transcrypt). To unlock the repo, use `transcrypt -c [cipher] -p '[password]'`. Transcrypt will transparently encrypt/decrypt files stored in `modules/nixos/secrets` going forward. You can get the cipher and password from a host with transcrypt already configured by running `transcrypt --display`.
> [!NOTE] > [!NOTE]
> This is a poor man's secret management solution. If you use this, your secrets will be world-readable in the `/nix/store/`. > This is a poor man's secret management solution. If you use this, your secrets will be world-readable in the `/nix/store/`.
@ -22,9 +22,9 @@ When installing on a brand new system, partition the main drive into two partiti
./bin/format-drives.sh --boot /dev/nvme0n1p1 --luks /dev/nvme0n1p2 ./bin/format-drives.sh --boot /dev/nvme0n1p1 --luks /dev/nvme0n1p2
``` ```
Next, set up the host's config under in the `hosts` folder by copying `configuration.nix.template` and `hardware-configuration.nix.template` into a new folder. Running `format-drives.sh` also generates a `hardware-configuration.nix` file you can use. Next, set up the host's config in the `systems/[architecture]` folder by copying `default.nix.template` and `hardware-configuration.nix.template` into a new folder named after the hostname. Running `format-drives.sh` also generates a `hardware-configuration.nix` file you can use.
Then, add the host to `flake.nix` under the `nixosConfigurations` section. If necessary, import modules by adding the host to `flake.nix` under the `outputs.systems.hosts` section.
Finally, run the NixOS installer, replacing `host` with your actual hostname: Finally, run the NixOS installer, replacing `host` with your actual hostname:
@ -41,10 +41,10 @@ To update a system, run `nixos-operations-script` (or just `nos`). To commit upd
#### Automatic updates #### Automatic updates
To enable automatic updates for a host, set `aux.system.services.autoUpgrade = true;`. You can configure the autoUpgrade module with additional settings, e.g.: To enable automatic updates for a host, set `config.${namespace}.services.autoUpgrade = true;`. You can configure the autoUpgrade module with additional settings, e.g.:
```nix ```nix
aux.system.services.autoUpgrade = { services.autoUpgrade = {
enable = true; enable = true;
configDir = config.secrets.nixConfigFolder; configDir = config.secrets.nixConfigFolder;
onCalendar = "daily"; onCalendar = "daily";
@ -52,7 +52,7 @@ aux.system.services.autoUpgrade = {
}; };
``` ```
Automatic updates work by running `nos`. There's an additional `pushUpdates` option that, when enabled, updates the `flake.lock` file and pushes it back up to the Git repository. Only one host needs to do this (in this case, it's [Hevana](./hosts/Hevana), but you can safely enable it on multiple hosts as long as they use the same repository and update at different times. Automatic updates work by running `nos`. There's an additional `pushUpdates` option that, when enabled, updates the `flake.lock` file and pushes it back up to the Git repository. Only one host needs to do this (in this case, it's [Hevana](./systems/x86_64-linux/Hevana)), but you can safely enable it on multiple hosts as long as they use the same repository and update at different times.
#### Manually updating #### Manually updating
@ -127,19 +127,7 @@ nixos-rebuild build-vm --flake .
## About this repository ## About this repository
### Layout This config uses the [Snowfall lib](https://snowfall.org/), along with some default options and settings for common software. It features:
This config uses a custom templating system built off of the [Auxolotl system templates](https://git.auxolotl.org/auxolotl/templates).
- Flakes are the entrypoint, via `flake.nix`. This is where Flake inputs and Flake-specific options get defined.
- Hosts are defined in the `hosts` folder.
- Modules are defined in `modules`. All of these files are automatically imported (except home-manager modules). You simply enable the ones you want to use, and disable the ones you don't. For example, to install Flatpak support, set `aux.system.ui.flatpak.enable = true;`.
- After adding a new module, make sure to `git add` it before running `nixos-rebuild`.
- Home-manager configs live in the `users/` folders.
### Features
This Nix config features:
- Flakes - Flakes
- Home Manager - Home Manager

View file

@ -228,11 +228,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1733050161, "lastModified": 1733482664,
"narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=", "narHash": "sha256-ZD+h1fwvZs+Xvg46lzTWveAqyDe18h9m7wZnTIJfFZ4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "62d536255879be574ebfe9b87c4ac194febf47c5", "rev": "e38d3dd1d355a003cc63e8fe6ff66ef2257509ed",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -307,11 +307,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1733217105, "lastModified": 1733481457,
"narHash": "sha256-fc6jTzIwCIVWTX50FtW6AZpuukuQWSEbPiyg6ZRGWFY=", "narHash": "sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9", "rev": "e563803af3526852b6b1d77107a81908c66a9fcf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -355,11 +355,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1733212471, "lastModified": 1733392399,
"narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", "narHash": "sha256-kEsTJTUQfQFIJOcLYFt/RvNxIK653ZkTBIs4DG+cBns=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", "rev": "d0797a04b81caeae77bcff10a9dde78bc17f5661",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -1,4 +1,4 @@
# Based on the Auxolotl template: https://github.com/auxolotl/templates # Uses Snowfall: https://snowfall.org/
# For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled # For info on Flakes, see: https://nixos-and-flakes.thiscute.world/nixos-with-flakes/nixos-with-flakes-enabled
{ {
description = "Aires' system Flake"; description = "Aires' system Flake";
@ -39,8 +39,7 @@
# NixOS hardware quirks # NixOS hardware quirks
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
# Snowfall - a unified configuration manager for NixOS # Snowfall lib: https://snowfall.org/guides/lib/quickstart/
# Quickstart guide: https://snowfall.org/guides/lib/quickstart/
# Jake's reference config: https://github.com/jakehamilton/config # Jake's reference config: https://github.com/jakehamilton/config
snowfall-lib = { snowfall-lib = {
url = "github:snowfallorg/lib"; url = "github:snowfallorg/lib";

View file

@ -2,15 +2,16 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.apps.development; cfg = config.${namespace}.apps.development;
in in
{ {
options = { options = {
aux.system.apps.development = { ${namespace}.apps.development = {
enable = lib.mkEnableOption "Enables development tools"; enable = lib.mkEnableOption "Enables development tools";
kubernetes.enable = lib.mkEnableOption "Enables kubectl, virtctl, and similar tools."; kubernetes.enable = lib.mkEnableOption "Enables kubectl, virtctl, and similar tools.";
}; };
@ -18,7 +19,7 @@ in
config = lib.mkMerge [ config = lib.mkMerge [
(lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
aux.system = { ${namespace} = {
packages = with pkgs; [ packages = with pkgs; [
nil # Nix Language server: https://github.com/oxalica/nil nil # Nix Language server: https://github.com/oxalica/nil
nix-prefetch-scripts nix-prefetch-scripts

View file

@ -2,12 +2,13 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
# Gaming-related settings # Gaming-related settings
let let
cfg = config.aux.system.apps.gaming; cfg = config.${namespace}.apps.gaming;
reset-controllers-script = pkgs.writeShellScriptBin "reset-controllers" '' reset-controllers-script = pkgs.writeShellScriptBin "reset-controllers" ''
#!/usr/bin/env bash #!/usr/bin/env bash
sudo rmmod hid_xpadneo && sudo modprobe hid_xpadneo sudo rmmod hid_xpadneo && sudo modprobe hid_xpadneo
@ -16,25 +17,27 @@ let
in in
{ {
options = { options = {
aux.system.apps.gaming.enable = lib.mkEnableOption "Enables gaming features"; ${namespace}.apps.gaming.enable = lib.mkEnableOption "Enables gaming features";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.flatpak = { ${namespace} = {
enable = true; # Add script to restart xpadneo in case of issues
packages = [ packages = [ reset-controllers-script ];
"gg.minion.Minion"
"com.valvesoftware.Steam" ui.flatpak = {
"org.firestormviewer.FirestormViewer" enable = true;
]; packages = [
"gg.minion.Minion"
"com.valvesoftware.Steam"
"org.firestormviewer.FirestormViewer"
];
};
}; };
# Enable Xbox controller driver (XPadNeo) # Enable Xbox controller driver (XPadNeo)
hardware.xpadneo.enable = true; hardware.xpadneo.enable = true;
# Add script to restart xpadneo in case of issues
aux.system.packages = [ reset-controllers-script ];
# Enable GameMode # Enable GameMode
programs.gamemode.enable = true; programs.gamemode.enable = true;
}; };

View file

@ -1,18 +1,23 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.apps.media; cfg = config.${namespace}.apps.media;
in in
{ {
options = { options = {
aux.system.apps.media = { ${namespace}.apps.media = {
enable = lib.mkEnableOption "Enables media playback and editing apps."; enable = lib.mkEnableOption "Enables media playback and editing apps.";
mixxx.enable = lib.mkEnableOption "Installs the Mixxx DJing software."; mixxx.enable = lib.mkEnableOption "Installs the Mixxx DJing software.";
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.flatpak = { ${namespace}.ui.flatpak = {
enable = true; enable = true;
packages = [ packages = [
"app.drey.EarTag" "app.drey.EarTag"

View file

@ -1,15 +1,20 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.apps.office; cfg = config.${namespace}.apps.office;
in in
{ {
options = { options = {
aux.system.apps.office.enable = lib.mkEnableOption "Enables office and workstation apps"; ${namespace}.apps.office.enable = lib.mkEnableOption "Enables office and workstation apps";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.flatpak = { ${namespace}.ui.flatpak = {
enable = true; enable = true;
packages = [ packages = [
"org.onlyoffice.desktopeditors" "org.onlyoffice.desktopeditors"

View file

@ -2,19 +2,20 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.apps.recording; cfg = config.${namespace}.apps.recording;
in in
{ {
options = { options = {
aux.system.apps.recording.enable = lib.mkEnableOption "Enables video editing tools"; ${namespace}.apps.recording.enable = lib.mkEnableOption "Enables video editing tools";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.flatpak.enable = true; ${namespace}.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"com.obsproject.Studio" "com.obsproject.Studio"

View file

@ -2,19 +2,20 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.apps.social; cfg = config.${namespace}.apps.social;
in in
{ {
options = { options = {
aux.system.apps.social.enable = lib.mkEnableOption "Enables chat apps"; ${namespace}.apps.social.enable = lib.mkEnableOption "Enables chat apps";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system = { ${namespace} = {
packages = [ pkgs.beeper ]; packages = [ pkgs.beeper ];
ui.flatpak = { ui.flatpak = {
enable = true; enable = true;

View file

@ -2,11 +2,12 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.apps.writing; cfg = config.${namespace}.apps.writing;
compile-manuscript = pkgs.writeShellScriptBin "compile-manuscript" ( compile-manuscript = pkgs.writeShellScriptBin "compile-manuscript" (
builtins.readFile ../../../../bin/compile-manuscript.sh builtins.readFile ../../../../bin/compile-manuscript.sh
@ -14,7 +15,7 @@ let
in in
{ {
options = { options = {
aux.system.apps.writing.enable = lib.mkEnableOption "Enables writing and editing tools"; ${namespace}.apps.writing.enable = lib.mkEnableOption "Enables writing and editing tools";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {

View file

@ -1,11 +1,12 @@
# Modules common to all systems # Modules common to all systems
{ {
pkgs, pkgs,
namespace,
... ...
}: }:
{ {
aux.system = { ${namespace} = {
# Install base packages # Install base packages
packages = with pkgs; [ packages = with pkgs; [
fastfetch # Show a neat system statistics screen when opening a terminal fastfetch # Show a neat system statistics screen when opening a terminal

View file

@ -2,11 +2,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.aux.system.services.myModule; cfg = config.${namespace}.services.myModule;
in in
{ {
options = { options = {
aux.system.services.myModule = { ${namespace}.services.myModule = {
enable = lib.mkEnableOption "Enables this example module."; enable = lib.mkEnableOption "Enables this example module.";
attributes = lib.mkOption { attributes = lib.mkOption {
default = { }; default = { };

View file

@ -1,111 +1,109 @@
U2FsdGVkX18XLcC6KPfRaGSo5Qz34PSSmgpl/qnz5d5TxlKG+pMhtUt0t/iGnyQV U2FsdGVkX1/RQfGVP76sNDrjrnhTIFoeGKoRj1M66ltbkzqEVZrSGke1jDZA9e0Q
guWUZIvUrnTfP0LSZym1eDEFJqsnGX4mMdf7vjFv17lco2FogP3/1WeneMvS1Q5s cwUIfzRo+k2bhNi6VbG4OvteEFeABGn6aoL38owyEgKDlGEti2m6/MPfIrTOYpWS
383TGpr78ufpizc5L1D9U8fWNePzHYxfT9F7AiviwjuoJJR0jxHEHLvPwKPxib6b UArXOKkSCgPi+mzD6ez6ZKXRdaVgn230Iipg4ZacUXkFzUf1YqybTMyp3xVuPaID
zPLpX+XbBzmGMt9fOVv6WJLGHU8s3eaq4bGNiTsGX2WAzDx72u2eNqiYhom/Cqnr AKCdEa9YiL0R5cOMBIKyN3zaj509R9ocauKeJ9w/pVPzgqMoeFNgkeUBh42Z+QFg
OSxWrC4rtICZ1qi3/duWzeCcJOjKPuZ/w92ENYYAPc9OiJWbmejaEddu6vcu+ZDV /0vy9jX2yoNQrWlOJNfkq50UeivWF90RJzf30gm1uAPX5102Pt0dvUOdfouunFIE
6Xn2hdZRGJzh/Tuuzq/w0vBQ3We9ODW8YI+S2HDvYRprBmuoitZp/NWwfewxbOz0 OxYwnBrqJAq2bnoCMCEJkogspVeBVWY/RdJZEhr6Fj6R8Dd/K1rPhvL1UzrrwMo4
R7fZgeNeiOtFHiSUxawh/kwqVSytmh/YX7Go3f6EGiN+dng62mxqwp5GGD0WsLf/ 3vcXy6AcvEGVA+i7nfSj7J4EfDJnNfsQl0hOV8tm2o/rlOqGiRwPLdi3PxUrAm5I
JvvzD9qhAqhswRNZBBRNb+iTUw78Y5rGFtHlMRVZ3N4JKE72jq70x52gFaOq5T6w jZdcNWeendXtBuXZwZSpVFDvi85taasgE7IaPdYj5VfKMwZmdmm7vpmVe3wKtxJf
OykZNJVqx7/Okw53Dbfrss5/W8parx0XmvKC689WvQZLWM8uj4mXXMik6myVDY77 D1Z2kW34dtUkAAA5LXAnEYpM0jJo1hLQyOSm8KUcOOmLHHRa3vNHzUxLdSSZluCY
hu4K7Sqahw/GYnnJMvH+9ljaVg+Tjeoz+XdceFn+5eCogTuU51hFpmB0+MqfUWfX DqLfRdx/3Krio8WoypopgG4mW0/nI1jUl5aRVgM2tuBVUjz2meDtTZk4dnTx8ys4
ppPJxchb53+d0Dp+I5dnSKpQFfb9lnuA5DqA1S3T5VjA+XnKNC6vktpruFOu4UEP bEmEn+BIzmMHzVK7PlNLAQWBGFj4e2rdLUsy3846YB2tRo/IUxQSv32gF/RYW5Py
+m0OB7UgVEcaSM1DJyOVoEUUqMCVNhY/0BkMlYueL7TnaeEbiK+PyJyr2D1a2Lgg ToOjRpoaVDSJPT26w25/rwMYoqvtYDakoRXmSFOLg9k1WIlEhCJFSZRts9DuFU23
dcgzczEyOscGlFq2aOxOk9qmDFuIHhYx1zjBxk/PDCTpmuiFZ7QkRVobposjGvoW XxXmhxC+R0I9InY/+JGBHqkmKcTpILZItjL0jLrIggXwE5wJ3emNBJsh8zwoKlWY
JI3Oa3pyGQOOHHTnUafrT0cTTcnYtjtq1JYBUt8BYGUvvReCwFsw2CIJ24RezLBY 6mUhG0xiiVrNWXlOOc9mw8ElRzxqhUDMd5mBiGQoZuBzXt8z05s8DA1ZDbrx9sQZ
vDmyP/YWs12naxLKW9PJPnKLio2Q1mQB6UtWuloHligob3XKaxiD6SwijoHE6q9G LVapZlUiYPcO/C29Bk2elK10IeQrzdqSSiF504afudaMPUcHSDWpG7Ew70R9wPHU
2eSN+1MYE2lDJnL8taXzUTPomXF0r3r9vVqePjmU/uaFFwibWiZP8wAFwtpQLI0P h3I/q/YPoyYC2txrC9lJGfnJnylXf6eXoJNNgUIsqFMViTVYDBRbZ/4er1tB8bZl
VmeDAXYD3mtfMvDAQkiqxZ1Nsd2qfl0CKJvIbjUfP4IXbj9oqdnHUm6/uD8dnGcf TjOgyRxgheUT0y/FodKznOEFtGSOsiO+ErQ04G6LAp59iJu5XJr3QVTyj4bvZa/S
IFCaar7wFqIwfGk1vT8a3TQs4yIaFCz6yv169TsF/fYjmre0OF3PoTI88xov6mI7 SjAOh1FMcg79p3ZWIFvfqupsStnKPHkDWawlM/var1xBSKcJ47YfgnPycxCdIm3x
QBLNnpRZvSrpuUxRbNbNsgsGmS0i6IbAB2TdK9tT5L9pZ80/HWOtxEYa4GsLIXcL eSDP4BziKhAIBo0bX/9TGfrcectQedMSxFV+4+EhwKVKR+01rA7SfT9pNcBG+yS8
qBlm45ZQUhDjYKIQC/s9kuaaugl0WeFxqRXiOlgTtGIEl2T7CTbgXqSyppzyacKy Z6kJ+cNQzGtAveD9TwvajpGAIWQQz3QXtoXJvOYrpxKSl89VWcAhVAZD5f/J0xr3
Cgw7jxyINeAksClWzg6jNzfrPR7WOhZU/Tlis0TqkCNx61w8V2NcAWziaPp+krRm nHdJmIiefGCC9uV6ztLolxgjgRw76SydgewgRnuAXS6RF1nR4cgN1/2nVA7okm16
SC7G/ii2dPKGY+zJJqKeL8AcNWGhRw1MzHvT4SqZ6ww8G52sflEgjUOA2Zw27onu JFvE+G7xxqbGgaNJNAzWIGn0JknSbrW+ymI08ig5FN49heOPW3+CNyPhhM/8Z1wM
hEzJYTuPURv3zw+c0A7Hv3/nCrFTjjzME3+wfpzdQsqFa9uWhWsbGxXk+xKZAOkm 4/vhfUSMFQxx+XZYAImCk3d9u1RW38I6MHMu4S9jwH1tBk4z66l8UfFixxf222n8
wzBDjjWtFSLoKqozeRpNymQrvujUHo79sRe2X7XikY52GJnOkukbxnIXKyYeDWpd tMIoXMWVZJPEEFJhRW4uGoebDdmjtkgAASy70T414QKPdWy24sNr8E7bxpIemS5u
6RwkuZoU/X4sRYL7YdVAC/HJjPXGBmO60tPzVVOhRYhN3qMMNczdTnHZSfxkWncI 4K8aO7UpKiiroXDdXBJJH3nYXBNeHNq/UASV5Ye2e2tNKGyepaIpFw4xr0qLXvAf
p1poeDI9ux1JIIOZDNqTI2ZKfVozK5kse3oxTMz0WSc8eMHe/DwgMfXiGBQAStta QHL19XzKhpmeAhbxgvkF/R9N6lnRTAUdk9bmx+02ZVrDHqB0J/TWi6rwPoh7B92F
JVpuBEODQ1bL6DoBaZsSDLHxEqrnUSbzoVVjGxPxOA7R1oBwYLjdBCOxdPpktnHs 0tbk3J8BOvdlJg74/96HBy4HQby7BxPKIFMkBVXNY4sACcWOGc+RbJf2KQRDUJ+y
Id4rhlYyQRrAIYG5djQINkiHLW+2rVG1KyBQh85lDgnQ4G2vlJ9hC6c6q5OTP7eC 2S3UDcc3pIowA8SgRPQiW8HPgwxKNSONQOqN7+EitKT0OBxgD2UiVSL8WPEXyn3O
+MzHzI+JKxPEIEXk9rQeYcgW3r7KL3EnDaaiKoRFGlZTpQBzxlp/+ETLNVsVPx8c IARI5N99Go9h29NkDxl0RH1rZpZMTtpJfW/0VKb2KIT1ctO57mYMBDrZsTYD8OLZ
R5ZcdgoL/SOlKzOfwxhRjUnxqFstwSf7zVhTTRZjVLuho7Q/QrD3pdn26vkhyGki KQY57J5E6n+j60aowVxRpIXDQBaiMb0gOSVg1VASLkIforfJ7Du+8mS7vtatyO/G
LUunBO567gRZ5IY/qEjIV2VXu3cO02z9N5YzS96sNuy9lA5ELMKxdA/q+MCfeazj W02ddqdjqOBtYWsbN7Qo/pjSwWRbzKyhML7QRimG076p4jM0Md/oQMrzvGzZ5TXR
XoJ9PKYrnKOVTNeDOeXp/0lmxw4qfJMvTrM4p6AfCRHzID4qOktBDUI0fAbF2M7j MkqeK5la0425VwOeoLETmoaohzEwQ3Pdj4wum2bmHJnUUwDWSUI/HWVTSEiIyiih
pHo6w2Gy9JqAog7wq+XwOoMqz60B5GQeWrU9AzOciy4fUC02Ntva8oMH30hJ5/6L 7XgHYHxfJZO774FaFBuXDNP1fSXdQMVF/eJomqKAPXdkMsj2Z8fo8dDDEGiVP6s0
4hsdCtb53wUX9BTV7oTSNx0mCJGFZPYEEYoNxPGk8diShHOjttAU1xiuIgyEdf4s DY5Imp5foGQIXxo0OqwX60dlgAWNjs27sd6j2qD+IRHDooOvseqMP1t+Ap7Cie19
BUau9HvnZhVVDNFUGFShmiWs6bgTUqWu3bZLbLdDT3CgP+CzQdvm7PcnYgJT7nL6 duFEkBk7mthWwqjQb+i2GN+Cp3d+kRaN3fL4xFkEeE0ozn32dr07U0ZaZPLUoO5N
0iuY7RWRRi3JpPQ2tGAZK0iL0e5ESjlBDTeJv+8mB+oUcPNKgMihYgIvUcnl1FFw JtpqpQ/m+F2OEGHmIQblyXzcgvBVVfewhABzdLdWFv5aG9MGL7hVDM73kbB6119G
J19Z4jhe7L9bsIHnslJENkX5mKJ+O/QwgNQxZdb69Rcy/ZOOMqpD4d34+uY7He6I 7YcvS1nRxsVZXGpS24814tmgJfTAhMJxD5e6lK1892NgFqfYMF8srtywZ6DJHL7N
neTd1nGXXJbiC2XWB/h242qnMO3ytWinhWoDOKa5jPvYhFE2pxvLCrDEyTdBaVcE X4FvjLZFQAhTCLUzHutYT2xmvqwVvwfdsIAd58F7LWJuhQuJkQS4i7yISvBqG0t2
DhZyiLpcBV+WRf9ihr5MIOxSIaEPtY4oqVHcxP10zWzC2sWwArpeD06P4gl0bHbn tSEjJQ44hPhxGqvWgVaG9AHOQuZSYfRCQWBcfmBfq9T+I0qINkrnwLUgAGgKMsZG
9XI2Ke5pknmrmze5KpxBt9WHi6R6HDTOkhrfmueeG39R2P9xjMG8mnlKoYFa8Om8 9qf1pEpyBjdV86nBK8JTmsIZGxPh+D3Y07E3g6bV99eZDjSuPMMN+Dv2ABB6ZZLN
hBHmKjdE+svo5p/KGv+Zs/W186NmQgfFfGvQ1U4MJkJZmTqrSvNYWCU4aC8+ySSs gglFVktPINZ27TY7k20sGBHfv9C70+tkYBkp2YwmxRMOsLVv+3fxUKQwf7SH9zYr
dlNZCRPGC2lzWQLrRc/gWwWi6wAnF4c1eNEgZxCFudkxdD6ZGFaxIULAoaxjCZ2p Y9Aojrn6xtddP9PbxQUukc7H/jxDmgYeq6fQJ67T1SaFARO+qmf2dKESUCaf+JhV
QFAzLTW4TercQOkx9trlEcspW0ALK5cUbQuy1oEUCCiTWuq2fXim/wySO1K5bA60 S7Bjbqut+FxqS4S1ru6UqOXCZc6pwTpZsopqgwrBczGKQ8g7f5xLZN0+g9N+Dy3R
Vhre/IK8/voGrN+jGhgjqyfGw49scZwVn2kdVH4zWl29sy/A5RVaonpktmSuApKg sLdOVofOeEhvFE6NGY5K50aXsMRaR2bJAVg6+ppqAE1BJWvsuqQ6TqYjefrhb3Az
1vJmbqCYLvUMvz465i2Nq6py2wOU1v+R7n1TT74afZri5iO39UrFak76Cg8JAA5l wGI/Cr51x8ncVapKw2Fsu/XjPuefaaT+7rWOBGLr1NKxWGT9Jyj9f2PhphPMLbT9
NMycqojMMGf8Kbqf8BXiRtAwubkeRg4fZSGLEfscz9F9Wtw9uc7a+He9JGEezwKM f9B0Gn63tY6tyPJIJjelCTkkE13euGDnTfkJ6FcNs7C4QWj6PwD1QL4rbgmmSAuk
CK6xCx8OPs+dWB5MQbjapbFKKpHD0f5DnppmxwwtFRG/OzJWDFAxtHSwLktf5PjN 6ThnwDhvPICgVnfLwl8B5YqQsC/TqOOwECitJgltehjKPA2BqWQ4mXqt6AT0VMNd
9Yv+rIOFvkdrzqil8J7d+uIZgVh696j0n7+b09RaC8kDsV2wQtgJrTf/ujJfaohk cC/lxYq6YRPtsFlHE5py/4pBXaAXtYFq7Ow15Dp4BF5C1ahQc5JoIw2eedzl3gy3
yE+1686S0yMfrjft8Thcw2/WY1xSY1m3nEHyh8TQWz6bRCDRGOb0+UeDqX8Uk4T0 sViHBA4O1tk3VJSNX7OPf8+N9wA4XTlYt3he58mdh0X6+3ppIVOwdcTKiBLXm5WR
8TMI520sRQ4eqesZYcr46Tq0NlEA3IMnOiglC+gDkMPXGkteHxtqxvf/ZpjuUIYF UEdMfQUgwYLGBoYbK2sLxSH2Wff+fWVJadMSHM1HaNv1vbkJBF5qi4BzxuRb3fw2
Os33urJmEoPUCa3u/qYIOZdm16InYCgMYvGKTclaPJBk8u0gcW5I+TbGiOHvBO6K T7Uo3fdy7atYq0Fp2hbWhbdN7/JVa+ZxM/HscORlPv2GiB6IVnfjrhuFXKZJ7uxw
B0/AL8HD8L5/SG8FvrVfQkPQpM1IOsJZYKG/HA3dI9YzF4m4jFkcknTN20zND3zT ZVSGkEVDZWTWZkLlO+rGS6QwR8MHIBqhsnVWG830XkdWt+BtRN9XO2wpV8Wig1H8
nfj0Ext2sjdYovcUrSSTLQGOUhH9iNgLIAiMZ5awDCvFoqDUaacRbbCyTepb4OpZ vLiFcoeftauk7alz3GU7C+/6j0tnjWTEG21tuuq7N2nflgCHcFxQWl4S/+s07/cS
gp5T3kmedHI4g69xRxaVleUuOR9qy51kuk1r9dOF71j6xm3g7GAdrq1hzecQ0Zbj INpyi3eDvuadd2JB1jFRXssI8kss1OEVdJHUXwx64nKsKAX01AA/Li2scjzqq7h6
h3RvxBb7mXM6lqfDyX04xaGYpAIhWVi+LvWx/ZHeVJfKFlEbW2Fhp7vMA/NAgeDx zntoISGSD1XuDuxu9rZmF57w9kO+EAxJnXLZRbHDMwWllaTzWK+/KJt7iBE59cuj
RloTIKX2lBKGrvrP6Fxyvf58O1WDZhLyl3ZxYQzE79Bd5udmEMql63Rv8mTvJh9M 9Tr/DF6uji/ggGvrjUfXQ+MT1JMeEGYI9RPE2p1qQNYR7MBfrdkiu3ZnPEqPD7cy
Jm2PL6czl0mtwzfzUtcXV+pnvocm6NFe9JcxPTbFjDG2XJitL9tWTDJ0At+O/dfo YLPeBLwPuAG73Td5fBROJmNFiC/KGa11/35xKL44XE9tNiGfVrWOyn5qXkSmEHSA
IK6cAQHkJdzhdXUS67SI0fg3tHFnh2gTcneK9WvOHdgzt+usBRZ/8sObd/TZHjNR 2dpbRrKfaOWTufFfd5Ssfq+3bM47Nvmg0NmoY91iLwuuhc1NHHHevibPwniprjx1
BkRzypPV+7IUyFG2KnWL4p+JytvS9NFCj9NqQreL27OHGAyXrGMBhCE2zSo4uQy6 DrAHiJ2iYifl0P8MLRZixYEoexmJ/Wr8wzw74k2F3YY0UeD5tCGX4HsF/ojoqS2q
mUHPOTGyMxtWFAKo7kUVV0gcx2gvO9RHnUgbdOgKHW18tSJmJr9V539eqtM5DOxo 9JZhh4o/OaO9JioZA6FUDWDzUOHw8xi4OpELlr5+k+4jBXZDwKycz30/xemfObx/
aYvSpQFtAbT3BLnexkIA62cQfjf3w9Q/elMu+kFHZSE8Z5jVLBk7fAtj/kzp+XPn wngRA7yJY3rJ7l1ED6sjVNPGgv8u0yzRE8m6/jCQwXKJVQi659q/iVDoU3IkEdc1
5oAHyjsea2X4ru02Le5k0HMrOuKD1DCuApCj1QT9AwL6g2nrJYGbxK+wPtvxVHxy 5PsGHTMpCBQyZxFfCzehfvfVPAkPI8Xl+GSNB4Y0kAXnM6Xb6Axd/utjE3Hcrvvu
s4vrHk+xZn+vGWiOcQsAW3YCszJabs1gILTYmHr+XaF3tmYU66732c6psL+jjvz7 D/yG+F+8q58OMxU5QBpr/HEyKLPBSXHCv37cJzG1M9qPbfwpANZ4zKWisbvEAO5z
AZr4zOxKT1RsflmSV4G/lpTfBwhwigGW5GGqOLK3TdrBstBiCnPKzy/RwVuLhx0K pz6Ddk7rhxZ+xTWiB/iXwya3JSp+Vr/HT8n27GAGuKuRqwkhWI8Qh7n1rA1s8y/N
WztB5iPv7wgvinw+baZQcB4zf13NmJaxhVGSPXUObg6pa+Ba9fRJn9hNqvY7VsWQ ozgA3FAAUS5ztb8UR8yLLRRNPpzR/j6hoYR2l4nrrFjv+hEpBXomBLXOkO03b9v/
9xy2mggE6Bae9XpSMwQlcXa24gciUAQFXqQ5iq9U8V5aCI0jiNV9prqXdOVn92O9 3QQMFTj2AXWiykafqzCXQ0Kj64g8U3D6AtCiABDCSPjUdSxzUK+H7YXoyAZai6cX
nytobRqZpKewycNKjr7DpC/BsYf31e9WTaUtHx6BaDOzHAfrEw9LLDr4Qm3+i6F4 fTKbQl4oX2JCw0yic2J1umFnTdlnLaHVc/PzeZP8w8MLXlvlGEvQx7m7mOLCkcQB
p3vQNkPci2rQ3bj0ho4+t3k5fxx6KdU72317GHlSDQvb6IRmm+kvpbpoasDpY0Ar nIDn9tMOkiZ5hyzMS5PvWWsPQM1kx0vE4fym1JJZNbZ2YMirus8t/PgC7IV1bu8b
w14HENAiWAO1Wo9NvfguhF6EgNcC9fBQlOY/M4vLuqdjXSSMOTgcazhymE4cw21K 3XIO3GorcQk4VuaeWsNYMvm9zHawpBwnR1zECeAppp5/52ivQqfsGiC/HQ3baYSI
BBHrnjX0ij52skI1AO7eoQChKDlnUrFI6D+GYqjduBN8V0F2Hf3EFgAPHXJ+OfL7 PqEOxAprd1sYNEjVlg1T/fD89Uhi2QZdzR0wuvikchOnSXtqwOXYxdOOwwkANnaO
oaRZ2NflgdR1SFuOuqJKy2+Y2ZuY6t1nxscbFEokIArBxugYQqw0RX6Ai8hpkvaC wLhqB+VLBLpiM0juL4FYTrk1wKThhy87wG1kRgWClfVRYNp7kpT4MF6J9VDMh0B8
1T0wXrynGAtjaVStPMIW+skU6PymTEvWiuBSQ8tdhB8XF7Sll0XB8T7Zr/zQ7++o pxRE5ODMq8hjIEF+7h0W2RkWUdAfrupFRnvpTJP7uelNVr73ue83BfYCpV/uPxu5
jRC6BcN+jZNOG5RKyM/QvNZ01OjEwpSX5hx5ehJ7YA6wA57KfvXVAJ0xXT/qukyS pxSIPDP+nEGqwGCp9pjhxuRGr/Dc5g+lgSOj+8PehEqdGEKfmn+xFXuaVFq2fucG
omI7gWf84F1KO+akK1K+cytSAQSm3wKP84KlrW4IxEIxHQ/zJDY1nStvA25fSyXI Myx2Fu05LVSAfDsbprzUz5vM1GJ2PEo9XcMvAo7CaLrxgukA63hg3i7Mwjd6lmQl
fTVCCih38JGb+6303Z3zbRqkyNGoZvGbwVP5DOs5yT2q2ftjtCrrcg6vIxl+9Eh5 EvkvTMkcZvojxqHJh/rfGon2nmXMep6YgKGKdKZpzRgZ6twj22NrchzDxw3RQk4X
e70ERdNXu61E6VzWVHC5npAHvMT8FUmgpZuVYLIVekQhrID/BcGaxJ6R931tZBo+ pM0SjT49ZyhJmtoREN669Htyy40mvNck0CrqVY8OUka/qsJ/f7r7HaNt53eed1rj
lVqBQlQKGepfRamIXrBfE2MbT7f1gdqODqtASZ9bIWKSeHGQZ3cCHv1E7mDxJk60 osGjUtUPOlqmi7e1TV3v+H6WPGq+uW6hNWbZwifiNkTH6AJCjDw5kutfQr8oBU/P
4nQKrnVT2Uv+kE0ErQ0l5y8fausaQbJ7ex7NeY3PZBsRME8Om0NpkjVFcVyhNFx2 5BGNWMvy+f1YCikZNW6chOI+08E24O/Ny1PscUirDR6adVNBjO3Xjqq0y2tfPvN5
kArBXpFIafPVZ405qWE8uEQIBBm+MiwYLAP8aTItvNMF8WVzhx/9Jym+UKOvVlCE 8d1PSyoh5f6qlRH4ky6SjL4BbLCzzHwQ6ke/IAHmm/s8Ge4XEroznOQXW3qKDqYy
qc+CPMhNLQaTlr7FLUFuY+dvnVIhP327mQFjKfxrmAi7+AsCWoY7tn+uAkAXY8np mTok86TkezZb9NfCB/4X0Tndfxk/x1T+00r2eLortyAO5YOwEo/HvANbdsRM9JJ0
xDv8pedqIhDMH3O2As/Y9WlPQsQ4qaMpclm1ChJ26qur9upjq4BRLSsWwpBxhtuB 0p0JCZWFEcArwthaUGDkLHVtBbT+wPYmWtyhMgSiTJrx9EpeqB6FWIZJlUts1W4G
iAez9t1KQPYkVxSAqQ+8ZDt3qmtk2jOPd+0ixstGNMWc4orbbFomGqT/xR7SAelc r/srbRe2h5OTPN43//NS/7p6OYDuJcVbAVGGxy4PES8WrhujFfSmBw8BL188sjx/
YEjxYkiq1QQwVyc1GWSIPuaMvwUPOj3FXJuaVZy0OGDCAdoH1nWVf/eHkI6LlsZ/ Kh43guhzTC8moAp+a9IM0kGXtAajHppZ7BUyncTAXsRUdOhlS7Q2fdLPOV48MyWT
VDO7JUb4FBuFYuJiR6rYA91plQcO6pZ+Z6yLKQKnvzt0pR1Va5DeY+9Z+4tKsiMb 11UhvH2fuXKJhaXequ1PE2CePSXI2x5S4anJFNoUWEw5TgRF3rkQ3p/cZm1VAy2y
fWNWcXVbAqDquIY/bRJQVBfbv6Ybgo07qnhX5rYUlB1PD29u1NGF7Mq+0jOmTOap Z+VxQud0iVE15J9jGkGGa89D4m8ng16oGrSMKZAr1Gt4ZFJ5L1dP+WyPzecvzJMY
ljRsMeF2IHNUIkEkROg8EpKuaK7VzBpj6JSfr38rrUeRaC6mOTeHR7HcGqyMrdhw xq75CrFXuWXdpGrYRGhjGa7B2fhzylSpVfLUyWA+HZq64ZNJOqzeioyamG1OkF6e
U101tf2lq9JBQ7/UA8Bmytn+u6hkkpblX9m3qIAwlGYeUuVsvxDO+iHvS/VYmYxc 6dHgjPmQUZeYckFEimIkXP9zHQPJfB8gX6gSyC+GSFIsitu9A3HEX5zS1uFDasdI
w3lhL3s8MxIl0NF60V86A/y9cHG/1sP01zQg0C8/fm+S17XRK4yBZnh3aHEfYL7B CZ5Upc20BZiybfGcwd8+allHYScidzpWei78LfcpuPfnMOf6hVdhlsfuvwV9F/ua
VjzLdq+CyYh10D4BGSTbgpmm5FdOOHkrH/dVgKK4gVd7oiqfpGG4HSJAHuozlsPb Gv0kw0+zxoDNxWhN4SqKHgYX0A1CyW/Olwb5l3s69PyUlLHTBKwf2Kth8ZCxoKpY
uaGXWC4OyIJegzXrEuRjyTtmkyVHMZy/zMegVm3/bsd8LNifJln5tQpearcRQQYR kiiEKQQLHEa7mRX8d0U2bDmkx9EKJc7Cfz3JoDHB5aRZ4sbbJO447Fhn9fnuzaTi
ZyW6o5uPfo9fgtFUVE11TrxhBTg5HTTgxHK/Ln8flMNthjiZtt/cxZNJrvi0n35U j7bDticnZymvjG13foBAJi16Pf431NsFdDYAfnmYYBFEJj/oIa5DtvidrRb+fRZv
mHJJTPe8njTcZpX/hMim6AfcIRbWAZpqNQG7J1eKh54aaLmpwu59ZcXwwm7xoy0c rkQuJ59tvEGD5hymQPEe3zqiUktPl1G6Q2jYctBjmFSM9m1eIJrfD8qNCrDlKd4Y
mwcmdI816R/OjJd+od23/2AKe0lM6WzRiSq0xpzL/JSEuGUok6VJGva2Uy6lgUFt uZJwt7XRWXirURBRk+aw0P0ZCLaWmWAKmfr+rZ8Dm8V9dO2PgjLxHRI0aEDSh/Jm
Sn7imaBwRiztK/lG8SFhhkKe+GAKxIG/OI3tSQVoDtSYKs9+uTUyjLZ1I1AMHBPd Noc2ba8YhjNwQbLTMWe3WjacbyUC9m9YqhMx5ZV6EUK+jPR7FEw158wCaV2+qFNY
Cr467p2R0twYhAfoNyrXvvqpj+hrNkqMzM9wmwyztcHaafjZ8xKLZUo7zpHzAa6Y ZKvILBoZywEqZkkeGp6zy7UJFzlVNzh7U0YyE6l0GxNFJ2fp2ViQ930TZt28wuTT
69yD5QOBai3EQbjjw1a1YfkuaIbva5AR7x95A180jbCBRXMgwYgYncJdZbeOC3BH If34N/+h1TGc4MqWcI9/4HeXZ5UV5v+gLa/sb6i0RuTrhNM50JinC1Bkqy5GrQLK
mWh0vnYZ11GIm1QAXpt8BogKlyA2JzDnUwKNPAwVPJ/BJ9PpAhR2QCnlm/DxFHvX wUOFb9PNNTNz3M6pl1HEmwbiAUAhrbUhcVQPcmneLQYpzW5/sv+s+vfx8xRujZtv
CvWLUlUTDQe6MTtYQA8eVsjWaaccQmsmMtG4TwHQ1DoV3kqElocATFI+In+nk0Xc kknt2ftLE7YedA1KvfjRis0d9J/EbzhLdIBg3mA0OBA1cIy7GKq9EIyg2FFiok3y
crJwIAJ4v8pWquibYAx2kVCWGaFz8fO2oHtlK9szgiDtP/qhlQ4cPwQ/UYff1rYi T7taZPr0BuaZqFq4UaL1Se5okrBO/gwHcNj6isnQBlIDV/m858dMMYedajIHLnWb
0nXLfCXyaNRRBS1yw9C8Xx8lnitMqqeSQ73Bp6gc5DjCMf8a3ACd8tCVinahAyLU bgsNOXjj+FxdmappOqUJKjLseFx91NBuix5d92oUM8LvWQ9iHXVk9y7KVgFxFpc/
09E4iBIb0OlK76OfDW7C1IHoehtZ/uP6xjnsHBj4EdEfsyIR22BvLBuMc2dyVHT1 lCw+UTzzBPnC0GcmJzOT8AaWkMYrnikoL4lYn9mr8wwLpJFkUOmyF/EUSiCj72Gb
H2aWmaXwKULoavwdRpFCzORYiizQ/UJUT3Lly8+oz+EgtZZlC4+cerQDgqC9T2Yy v1GmsjbgAECIjEgIMXRAC5Vx1L9zjzHhxyHOk2f6/kfbsjSl0kKUIWTlNz9JWi4/
ic6iH5swKxZCkqmHmk+QauMEaqI09xrm988zPLDv1mn/Pj49fCkrxiS4nbuM7m0s MuzXdleauhHYjE5zjaJ9Mp3KNhYNH2y8xUliSPLeX0TXyAJVKSYTtxq1JVyKTHBL
OWOmcZHgbY5osBgnlnGpknwawF1EKMnrXOa88snWRq3flXuuTiv/UTLD8B5Wv24t yVEBUFcOtAkF5Mo7nTyjUGMcHVq7+3udXz8PSmxwDUSsWbwcOAvhqyW4d/tnCHk7
aNeyBbDEbJaioOaQhDKuSdDrTHNtbuneW2+6bZGE+aRlAktzyIqUK3TncDFpvhIC wc3pMAIJUrsG/mAjy9Jc4jUsHOlzNu09w6YpDk7PyJBdm6pibyKdFbWhHxspZCwx
X4RaTGrqMmTupaSUCbTRlVYm8W5ZnmsgNdCp/b9ECQFNHMVAnX0Nfhnc1drkhwXX Ikg5iH751ka7WzT7Bnthy2Ekj7d/0R8ZeOozFZFeGscy86SiPBxT+UyhvCgwGyNQ
ajaFbhyiX/rfGsWxD+Od4f+UbdSkTvwTcakzOQGEupJM0t0nk+h1Ug0wA5/bjEDN 9YQnrKuIzxKV76nrbD/29yBzBTQAeeYJ9IgosIdqlWXqaJJNWvVeglSYdcEFpLNV
17cHZIfdw5zp0Y6A8Cfh141zfECgcNp4Zzl+b6HLiNac2aY1dIOwlOJyK1CLeiSF hKbHj0pS6OtGopX4RAl2Gybi7ZXBPR2af1HywMp4FkRi4AVYcP0CWtp6TcnkBoPy
cuXRIG4ZhidP2hQ1ac9KDPlCewh2NP2bNXMaUD1BN0wqaGRfjz+cj272rkJqN3qo 603JF3Jfoyhg1vGhCipoGx6pCa+RD2gw5VSefhZtOeukDf3BhooMQB+ya1DUCp/T
Wg/ptizrlMmp7F3A3SrSBNIS+8wRcf7Ds30z8WwN3R5slV8s2X8ZCM9x1HlsIoU7
Ntk2JjG+hW64Yy9pCUR9c5bMHMXJMST1v535hS+WWv0=

View file

@ -1,11 +1,16 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.acme; cfg = config.${namespace}.services.acme;
in in
{ {
options = { options = {
aux.system.services.acme = { ${namespace}.services.acme = {
enable = lib.mkEnableOption "Enable the ACME client (for Let's Encrypt TLS certificates)."; enable = lib.mkEnableOption "Enable the ACME client (for Let's Encrypt TLS certificates).";
certs = lib.mkOption { certs = lib.mkOption {
default = { }; default = { };
@ -30,6 +35,6 @@ in
# /var/lib/acme/.challenges must be writable by the ACME user # /var/lib/acme/.challenges must be writable by the ACME user
# and readable by the Nginx user. The easiest way to achieve # and readable by the Nginx user. The easiest way to achieve
# this is to add the Nginx user to the ACME group. # this is to add the Nginx user to the ACME group.
users.users.nginx.extraGroups = lib.mkIf config.aux.system.services.nginx.enable [ "acme" ]; users.users.nginx.extraGroups = lib.mkIf config.${namespace}.services.nginx.enable [ "acme" ];
}; };
} }

View file

@ -1,10 +1,15 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.apcupsd; cfg = config.${namespace}.services.apcupsd;
in in
{ {
options = { options = {
aux.system.services.apcupsd = { ${namespace}.services.apcupsd = {
enable = lib.mkEnableOption "Enables apcupsd"; enable = lib.mkEnableOption "Enables apcupsd";
configText = lib.mkOption { configText = lib.mkOption {
type = lib.types.str; type = lib.types.str;

View file

@ -1,12 +1,17 @@
# Run automatic updates. Replaces system.autoUpgrade. # Run automatic updates. Replaces system.autoUpgrade.
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.autoUpgrade; cfg = config.${namespace}.services.autoUpgrade;
in in
{ {
options = { options = {
aux.system.services.autoUpgrade = { ${namespace}.services.autoUpgrade = {
enable = lib.mkEnableOption "Enables automatic system updates."; enable = lib.mkEnableOption "Enables automatic system updates.";
configDir = lib.mkOption { configDir = lib.mkOption {
type = lib.types.str; type = lib.types.str;
@ -54,7 +59,7 @@ in
]; ];
# Deploy update script # Deploy update script
aux.system.nixos-operations-script.enable = true; ${namespace}.nixos-operations-script.enable = true;
# Pull and apply updates. # Pull and apply updates.
systemd = { systemd = {
@ -63,7 +68,7 @@ in
Type = "oneshot"; Type = "oneshot";
User = "root"; User = "root";
}; };
path = config.aux.system.corePackages; path = config.${namespace}.corePackages;
unitConfig.RequiresMountsFor = cfg.configDir; unitConfig.RequiresMountsFor = cfg.configDir;
script = script =
"/run/current-system/sw/bin/nixos-operations-script --operation ${cfg.operation} " "/run/current-system/sw/bin/nixos-operations-script --operation ${cfg.operation} "

View file

@ -1,16 +1,16 @@
{ {
config, config,
lib, lib,
pkgs, namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.binary-cache; cfg = config.${namespace}.services.binary-cache;
in in
{ {
options = { options = {
aux.system.services.binary-cache = { ${namespace}.services.binary-cache = {
enable = lib.mkEnableOption "Enable a binary cache hosting service."; enable = lib.mkEnableOption "Enable a binary cache hosting service.";
secretKeyFile = lib.mkOption { secretKeyFile = lib.mkOption {
default = "/var/lib/nix-binary-cache/privkey.pem"; default = "/var/lib/nix-binary-cache/privkey.pem";

View file

@ -2,15 +2,16 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.boinc; cfg = config.${namespace}.services.boinc;
in in
{ {
options = { options = {
aux.system.services.boinc = { ${namespace}.services.boinc = {
enable = lib.mkEnableOption "Enables BOINC distributed computing service."; enable = lib.mkEnableOption "Enables BOINC distributed computing service.";
home = lib.mkOption { home = lib.mkOption {
default = "/var/lib/boinc"; default = "/var/lib/boinc";
@ -27,7 +28,7 @@ in
dataDir = cfg.home; dataDir = cfg.home;
extraEnvPackages = [ extraEnvPackages = [
pkgs.ocl-icd pkgs.ocl-icd
] ++ lib.optionals config.aux.system.gpu.nvidia.enable [ pkgs.linuxPackages.nvidia_x11 ]; ] ++ lib.optionals config.${namespace}.gpu.nvidia.enable [ pkgs.linuxPackages.nvidia_x11 ];
allowRemoteGuiRpc = true; allowRemoteGuiRpc = true;
}; };

View file

@ -2,15 +2,16 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.duplicacy-web; cfg = config.${namespace}.services.duplicacy-web;
in in
{ {
options = { options = {
aux.system.services.duplicacy-web = { ${namespace}.services.duplicacy-web = {
enable = lib.mkEnableOption "Enables duplicacy-web"; enable = lib.mkEnableOption "Enables duplicacy-web";
home = lib.mkOption { home = lib.mkOption {
default = "/var/lib/duplicacy-web"; default = "/var/lib/duplicacy-web";

View file

@ -1,14 +1,15 @@
{ {
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.forgejo; cfg = config.${namespace}.services.forgejo;
in in
{ {
options = { options = {
aux.system.services.forgejo = { ${namespace}.services.forgejo = {
enable = lib.mkEnableOption "Enables Forgejo Git hosting service."; enable = lib.mkEnableOption "Enables Forgejo Git hosting service.";
home = lib.mkOption { home = lib.mkOption {
default = ""; default = "";

View file

@ -2,10 +2,11 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.jellyfin; cfg = config.${namespace}.services.jellyfin;
jellyfin-audio-save = pkgs.unstable.jellyfin.overrideAttrs ( jellyfin-audio-save = pkgs.unstable.jellyfin.overrideAttrs (
finalAttrs: prevAttrs: { patches = [ ./jellyfin-audio-save-position.patch ]; } finalAttrs: prevAttrs: { patches = [ ./jellyfin-audio-save-position.patch ]; }
@ -13,7 +14,7 @@ let
in in
{ {
options = { options = {
aux.system.services.jellyfin = { ${namespace}.services.jellyfin = {
enable = lib.mkEnableOption "Enables the Jellyfin media streaming service."; enable = lib.mkEnableOption "Enables the Jellyfin media streaming service.";
home = lib.mkOption { home = lib.mkOption {
default = "/var/lib/jellyfin"; default = "/var/lib/jellyfin";
@ -30,7 +31,7 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.users.media.enable = true; ${namespace}.users.media.enable = true;
services = { services = {
nginx.virtualHosts."${cfg.url}" = { nginx.virtualHosts."${cfg.url}" = {

View file

@ -2,14 +2,15 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.languagetool; cfg = config.${namespace}.services.languagetool;
in in
{ {
options = { options = {
aux.system.services.languagetool = { ${namespace}.services.languagetool = {
enable = lib.mkEnableOption (lib.mdDoc "Enables LanguageTool server."); enable = lib.mkEnableOption (lib.mdDoc "Enables LanguageTool server.");
auth = { auth = {
password = lib.mkOption { password = lib.mkOption {

View file

@ -1,12 +1,17 @@
# See https://wiki.nixos.org/wiki/Msmtp # See https://wiki.nixos.org/wiki/Msmtp
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.msmtp; cfg = config.${namespace}.services.msmtp;
in in
{ {
options = { options = {
aux.system.services.msmtp = { ${namespace}.services.msmtp = {
enable = lib.mkEnableOption "Enables mail server"; enable = lib.mkEnableOption "Enables mail server";
accounts = lib.mkOption { accounts = lib.mkOption {
type = lib.types.attrs; type = lib.types.attrs;

View file

@ -2,14 +2,15 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.netdata; cfg = config.${namespace}.services.netdata;
in in
{ {
options = { options = {
aux.system.services.netdata = { ${namespace}.services.netdata = {
enable = lib.mkEnableOption "Enables Netdata monitoring."; enable = lib.mkEnableOption "Enables Netdata monitoring.";
auth = { auth = {
user = lib.mkOption { user = lib.mkOption {

View file

@ -1,11 +1,16 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.nginx; cfg = config.${namespace}.services.nginx;
in in
{ {
options = { options = {
aux.system.services.nginx = { ${namespace}.services.nginx = {
enable = lib.mkEnableOption "Enable the Nginx web server."; enable = lib.mkEnableOption "Enable the Nginx web server.";
virtualHosts = lib.mkOption { virtualHosts = lib.mkOption {

View file

@ -2,17 +2,18 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.qbittorrent; cfg = config.${namespace}.services.qbittorrent;
UID = 850; UID = 850;
GID = 850; GID = 850;
in in
{ {
options = { options = {
aux.system.services.qbittorrent = { ${namespace}.services.qbittorrent = {
enable = lib.mkEnableOption "Enables qBittorrent."; enable = lib.mkEnableOption "Enables qBittorrent.";
home = lib.mkOption { home = lib.mkOption {
default = "/var/lib/qbittorrent"; default = "/var/lib/qbittorrent";

View file

@ -2,14 +2,15 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.rss; cfg = config.${namespace}.services.rss;
in in
{ {
options = { options = {
aux.system.services.rss = { ${namespace}.services.rss = {
enable = lib.mkEnableOption "Enables RSS hosting service via FreshRSS."; enable = lib.mkEnableOption "Enables RSS hosting service via FreshRSS.";
auth = { auth = {
password = lib.mkOption { password = lib.mkOption {

View file

@ -1,11 +1,16 @@
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.ssh; cfg = config.${namespace}.services.ssh;
in in
{ {
options = { options = {
aux.system.services.ssh = { ${namespace}.services.ssh = {
enable = lib.mkEnableOption "Enables SSH server."; enable = lib.mkEnableOption "Enables SSH server.";
ports = lib.mkOption { ports = lib.mkOption {
default = [ 22 ]; default = [ 22 ];

View file

@ -1,12 +1,17 @@
# See https://wiki.nixos.org/wiki/Syncthing # See https://wiki.nixos.org/wiki/Syncthing
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.services.syncthing; cfg = config.${namespace}.services.syncthing;
in in
{ {
options = { options = {
aux.system.services.syncthing = { ${namespace}.services.syncthing = {
enable = lib.mkEnableOption "Enables Syncthing."; enable = lib.mkEnableOption "Enables Syncthing.";
enableTray = lib.mkEnableOption "Enables the Syncthing Tray applet."; enableTray = lib.mkEnableOption "Enables the Syncthing Tray applet.";
home = lib.mkOption { home = lib.mkOption {
@ -36,7 +41,7 @@ in
networking.firewall.allowedTCPPorts = with cfg.web; lib.mkIf (enable && public) [ port ]; networking.firewall.allowedTCPPorts = with cfg.web; lib.mkIf (enable && public) [ port ];
services = { services = {
flatpak.packages = lib.mkIf (config.aux.system.ui.flatpak.enable && cfg.enableTray) [ flatpak.packages = lib.mkIf (config.${namespace}.ui.flatpak.enable && cfg.enableTray) [
"io.github.martchus.syncthingtray" "io.github.martchus.syncthingtray"
]; ];

View file

@ -3,15 +3,16 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.services.virtualization; cfg = config.${namespace}.services.virtualization;
in in
{ {
options = { options = {
aux.system.services.virtualization = { ${namespace}.services.virtualization = {
enable = lib.mkEnableOption "Enables virtualization tools on this host."; enable = lib.mkEnableOption "Enables virtualization tools on this host.";
host = { host = {
enable = lib.mkEnableOption "Enables virtual machine hosting."; enable = lib.mkEnableOption "Enables virtual machine hosting.";

View file

@ -3,16 +3,17 @@
lib, lib,
config, config,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.bluetooth; cfg = config.${namespace}.bluetooth;
in in
{ {
options = { options = {
aux.system.bluetooth = { ${namespace}.bluetooth = {
enable = lib.mkEnableOption "Enables bluetooth."; enable = lib.mkEnableOption "Enables bluetooth.";
experimental.enable = lib.mkEnableOption "Enables experimental features, like device power reporting."; experimental.enable = lib.mkEnableOption "Enables experimental features, like device power reporting.";
}; };

View file

@ -4,17 +4,18 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
# Bootloader # Bootloader
let let
cfg = config.aux.system.bootloader; cfg = config.${namespace}.bootloader;
in in
{ {
options = { options = {
aux.system.bootloader = { ${namespace}.bootloader = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Automatically configures the bootloader. Set to false to configure manually."; description = "Automatically configures the bootloader. Set to false to configure manually.";
type = lib.types.bool; type = lib.types.bool;

View file

@ -3,16 +3,17 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system; cfg = config.${namespace};
gitWithLibsecret = pkgs.git.override { withLibsecret = true; }; gitWithLibsecret = pkgs.git.override { withLibsecret = true; };
in in
{ {
options = { options = {
aux.system = { ${namespace} = {
packages = lib.mkOption { packages = lib.mkOption {
description = "Additional system packages to install. This is just a wrapper for environment.systemPackages."; description = "Additional system packages to install. This is just a wrapper for environment.systemPackages.";
type = lib.types.listOf lib.types.package; type = lib.types.listOf lib.types.package;
@ -71,7 +72,7 @@ in
autodetect = true; autodetect = true;
notifications = { notifications = {
wall.enable = true; wall.enable = true;
mail = lib.mkIf config.aux.system.services.msmtp.enable { mail = lib.mkIf config.${namespace}.services.msmtp.enable {
enable = true; enable = true;
mailer = "/run/wrappers/bin/sendmail"; mailer = "/run/wrappers/bin/sendmail";
sender = "${config.networking.hostName}@${config.secrets.networking.domains.primary}"; sender = "${config.networking.hostName}@${config.secrets.networking.domains.primary}";

View file

@ -1,12 +1,17 @@
# Basic system-wide text editor configuration. # Basic system-wide text editor configuration.
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.editor; cfg = config.${namespace}.editor;
in in
{ {
options = { options = {
aux.system.editor = lib.mkOption { ${namespace}.editor = lib.mkOption {
description = "Selects the default text editor."; description = "Selects the default text editor.";
default = "nano"; default = "nano";
type = lib.types.enum [ type = lib.types.enum [

View file

@ -1,6 +1,11 @@
{ lib, config, ... }: {
lib,
config,
namespace,
...
}:
let let
cfg = config.aux.system.filesystem; cfg = config.${namespace}.filesystem;
# LUKS partition will decrypt to /dev/mapper/nixos-root # LUKS partition will decrypt to /dev/mapper/nixos-root
decryptPart = "nixos-root"; decryptPart = "nixos-root";
@ -14,7 +19,7 @@ let
in in
{ {
options = { options = {
aux.system.filesystem = { ${namespace}.filesystem = {
enable = lib.mkEnableOption "Enables standard BTRFS subvolumes and parameters."; enable = lib.mkEnableOption "Enables standard BTRFS subvolumes and parameters.";
partitions = { partitions = {
boot = lib.mkOption { boot = lib.mkOption {
@ -60,7 +65,7 @@ in
boot.initrd.luks.devices.${decryptPart} = { boot.initrd.luks.devices.${decryptPart} = {
device = cfg.partitions.luks; device = cfg.partitions.luks;
# Enable TPM auto-unlocking if configured # Enable TPM auto-unlocking if configured
crypttabExtraOpts = lib.mkIf config.aux.system.bootloader.tpm2.enable [ "tpm2-device=auto" ]; crypttabExtraOpts = lib.mkIf config.${namespace}.bootloader.tpm2.enable [ "tpm2-device=auto" ];
}; };
fileSystems = { fileSystems = {
"/" = { "/" = {

View file

@ -3,14 +3,15 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.gpu; cfg = config.${namespace}.gpu;
in in
{ {
options = { options = {
aux.system.gpu = { ${namespace}.gpu = {
amd.enable = lib.mkEnableOption "Enables AMD GPU support."; amd.enable = lib.mkEnableOption "Enables AMD GPU support.";
intel.enable = lib.mkEnableOption "Enables Intel GPU support."; intel.enable = lib.mkEnableOption "Enables Intel GPU support.";
nvidia = { nvidia = {
@ -87,7 +88,7 @@ in
opengl.extraPackages = with pkgs; [ vaapiVdpau ]; opengl.extraPackages = with pkgs; [ vaapiVdpau ];
nvidia = { nvidia = {
modesetting.enable = true; modesetting.enable = true;
nvidiaSettings = config.aux.system.ui.desktops.enable; nvidiaSettings = config.${namespace}.ui.desktops.enable;
package = config.boot.kernelPackages.nvidiaPackages.stable; package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = lib.mkIf cfg.nvidia.hybrid.enable { prime = lib.mkIf cfg.nvidia.hybrid.enable {

View file

@ -1,5 +1,5 @@
# Configure basic networking options. # Configure basic networking options.
{ lib, ... }: { lib, namespace, ... }:
{ {
networking = { networking = {
# Default to DHCP. Set to false to use static IPs. # Default to DHCP. Set to false to use static IPs.

View file

@ -4,11 +4,12 @@
inputs, inputs,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
let let
cfg = config.aux.system; cfg = config.${namespace};
nixos-operations-script = pkgs.writeShellScriptBin "nixos-operations-script" ( nixos-operations-script = pkgs.writeShellScriptBin "nixos-operations-script" (
builtins.readFile ../../../../bin/nixos-operations-script.sh builtins.readFile ../../../../bin/nixos-operations-script.sh
@ -16,7 +17,7 @@ let
in in
{ {
options = { options = {
aux.system = { ${namespace} = {
retentionPeriod = lib.mkOption { retentionPeriod = lib.mkOption {
description = "How long to retain NixOS generations. Defaults to one month."; description = "How long to retain NixOS generations. Defaults to one month.";
type = lib.types.str; type = lib.types.str;
@ -28,8 +29,11 @@ in
config = lib.mkMerge [ config = lib.mkMerge [
{ {
nix = { nix = {
# Use Lix in place of Nix
package = pkgs.lix;
# Ensure we can still build when secondary caches are unavailable
extraOptions = '' extraOptions = ''
# Ensure we can still build when secondary caches are unavailable
fallback = true fallback = true
''; '';
@ -60,14 +64,14 @@ in
# Only allow these users to use Nix # Only allow these users to use Nix
allowed-users = with config.users.users; [ allowed-users = with config.users.users; [
root.name root.name
(lib.mkIf config.aux.system.users.aires.enable aires.name) (lib.mkIf config.${namespace}.users.aires.enable aires.name)
(lib.mkIf config.aux.system.users.gremlin.enable gremlin.name) (lib.mkIf config.${namespace}.users.gremlin.enable gremlin.name)
]; ];
# Avoid signature verification messages when doing remote builds # Avoid signature verification messages when doing remote builds
trusted-users = with config.users.users; [ trusted-users = with config.users.users; [
root.name root.name
(lib.mkIf config.aux.system.users.aires.enable aires.name) (lib.mkIf config.${namespace}.users.aires.enable aires.name)
]; ];
}; };
@ -92,7 +96,7 @@ in
} }
(lib.mkIf cfg.nixos-operations-script.enable { (lib.mkIf cfg.nixos-operations-script.enable {
# Enable and configure NOS # Enable and configure NOS
aux.system.packages = [ nixos-operations-script ]; ${namespace}.packages = [ nixos-operations-script ];
environment.variables."FLAKE_DIR" = config.secrets.nixConfigFolder; environment.variables."FLAKE_DIR" = config.secrets.nixConfigFolder;
}) })
]; ];

View file

@ -1,11 +1,16 @@
{ lib, config, ... }: {
lib,
config,
namespace,
...
}:
let let
cfg = config.aux.system.raid; cfg = config.${namespace}.raid;
in in
{ {
options = { options = {
aux.system.raid = { ${namespace}.raid = {
enable = lib.mkEnableOption "Enables RAID support."; enable = lib.mkEnableOption "Enables RAID support.";
storage = { storage = {
enable = lib.mkEnableOption "Enables support for the storage array."; enable = lib.mkEnableOption "Enables support for the storage array.";
@ -28,7 +33,7 @@ in
config = lib.mkMerge [ config = lib.mkMerge [
(lib.mkIf cfg.enable { boot.swraid.enable = true; }) (lib.mkIf cfg.enable { boot.swraid.enable = true; })
(lib.mkIf cfg.storage.enable { (lib.mkIf cfg.storage.enable {
aux.system.raid.enable = true; ${namespace}.raid.enable = true;
boot.swraid.mdadmConf = '' boot.swraid.mdadmConf = ''
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
MAILADDR ${cfg.storage.mailAddr} MAILADDR ${cfg.storage.mailAddr}

View file

@ -3,15 +3,16 @@
pkgs, pkgs,
lib, lib,
config, config,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.ui.audio; cfg = config.${namespace}.ui.audio;
in in
{ {
options = { options = {
aux.system.ui.audio = { ${namespace}.ui.audio = {
enable = lib.mkEnableOption "Enables audio."; enable = lib.mkEnableOption "Enables audio.";
enableLowLatency = lib.mkEnableOption "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup."; enableLowLatency = lib.mkEnableOption "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup.";
}; };

View file

@ -1,15 +1,20 @@
# Enables the Budgie desktop environment. # Enables the Budgie desktop environment.
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.ui.desktops.budgie; cfg = config.${namespace}.ui.desktops.budgie;
in in
{ {
options = { options = {
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption "Enables the Budgie desktop environment."; ${namespace}.ui.desktops.budgie.enable = lib.mkEnableOption "Enables the Budgie desktop environment.";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true; ${namespace}.ui.desktops.enable = true;
services.xserver = { services.xserver = {
enable = true; enable = true;

View file

@ -3,15 +3,16 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.ui.desktops; cfg = config.${namespace}.ui.desktops;
in in
{ {
options = { options = {
aux.system.ui.desktops = { ${namespace}.ui.desktops = {
enable = lib.mkEnableOption "Enables base desktop environment support."; enable = lib.mkEnableOption "Enables base desktop environment support.";
xkb = lib.mkOption { xkb = lib.mkOption {
description = "The keyboard layout to use by default. Defaults to us."; description = "The keyboard layout to use by default. Defaults to us.";
@ -25,7 +26,7 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system = { ${namespace} = {
bluetooth = { bluetooth = {
enable = true; enable = true;
experimental.enable = true; experimental.enable = true;
@ -79,7 +80,7 @@ in
enable = true; enable = true;
# Configure keymap in X11 # Configure keymap in X11
xkb = config.aux.system.ui.desktops.xkb; xkb = config.${namespace}.ui.desktops.xkb;
}; };
# Enable touchpad support (enabled by default in most desktop managers, buuuut just in case). # Enable touchpad support (enabled by default in most desktop managers, buuuut just in case).

View file

@ -4,22 +4,23 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.ui.desktops.gnome; cfg = config.${namespace}.ui.desktops.gnome;
in in
{ {
options = { options = {
aux.system.ui.desktops.gnome = { ${namespace}.ui.desktops.gnome = {
enable = lib.mkEnableOption "Enables the Gnome Desktop Environment."; enable = lib.mkEnableOption "Enables the Gnome Desktop Environment.";
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true; ${namespace}.ui.desktops.enable = true;
# Enable Gnome # Enable Gnome
services = { services = {

View file

@ -1,15 +1,20 @@
# Enables the Hyprland desktop environment. # Enables the Hyprland desktop environment.
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.ui.desktops.hyprland; cfg = config.${namespace}.ui.desktops.hyprland;
in in
{ {
options = { options = {
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption "Enables the Hyprland desktop environment."; ${namespace}.ui.desktops.hyprland.enable = lib.mkEnableOption "Enables the Hyprland desktop environment.";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true; ${namespace}.ui.desktops.enable = true;
programs.hyprland = { programs.hyprland = {
enable = true; enable = true;

View file

@ -3,22 +3,23 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
let let
cfg = config.aux.system.ui.desktops.kde; cfg = config.${namespace}.ui.desktops.kde;
in in
{ {
options = { options = {
aux.system.ui.desktops.kde = { ${namespace}.ui.desktops.kde = {
enable = lib.mkEnableOption "Enables the KDE Desktop Environment."; enable = lib.mkEnableOption "Enables the KDE Desktop Environment.";
useX11 = lib.mkEnableOption "Uses X11 instead of Wayland."; useX11 = lib.mkEnableOption "Uses X11 instead of Wayland.";
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true; ${namespace}.ui.desktops.enable = true;
programs.dconf.enable = true; programs.dconf.enable = true;

View file

@ -1,15 +1,20 @@
# Enables the XFCE desktop environment. # Enables the XFCE desktop environment.
{ config, lib, ... }: {
config,
lib,
namespace,
...
}:
let let
cfg = config.aux.system.ui.desktops.xfce; cfg = config.${namespace}.ui.desktops.xfce;
in in
{ {
options = { options = {
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption "Enables the XFCE desktop environment."; ${namespace}.ui.desktops.xfce.enable = lib.mkEnableOption "Enables the XFCE desktop environment.";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true; ${namespace}.ui.desktops.enable = true;
services.xserver = { services.xserver = {
enable = true; enable = true;

View file

@ -2,16 +2,17 @@
pkgs, pkgs,
config, config,
lib, lib,
namespace,
... ...
}: }:
# Flatpak support and options # Flatpak support and options
let let
cfg = config.aux.system.ui.flatpak; cfg = config.${namespace}.ui.flatpak;
in in
{ {
options = { options = {
aux.system.ui.flatpak = { ${namespace}.ui.flatpak = {
enable = lib.mkEnableOption { description = "Enables Flatpak support."; }; enable = lib.mkEnableOption { description = "Enables Flatpak support."; };
packages = lib.mkOption { packages = lib.mkOption {
description = "Flatpak packages to install."; description = "Flatpak packages to install.";
@ -72,8 +73,8 @@ in
aggregatedIcons = pkgs.buildEnv { aggregatedIcons = pkgs.buildEnv {
name = "system-icons"; name = "system-icons";
paths = with pkgs; [ paths = with pkgs; [
(lib.mkIf config.aux.system.ui.desktops.gnome.enable gnome-themes-extra) (lib.mkIf config.${namespace}.ui.desktops.gnome.enable gnome-themes-extra)
(lib.mkIf config.aux.system.ui.desktops.kde.enable kdePackages.breeze-icons) (lib.mkIf config.${namespace}.ui.desktops.kde.enable kdePackages.breeze-icons)
papirus-icon-theme papirus-icon-theme
qogir-icon-theme qogir-icon-theme
]; ];

View file

@ -1,16 +1,17 @@
{ {
lib, lib,
config, config,
namespace,
... ...
}: }:
# Define 'aires' # Define 'aires'
let let
cfg = config.aux.system.users.aires; cfg = config.${namespace}.users.aires;
in in
{ {
options = { options = {
aux.system.users.aires = { ${namespace}.users.aires = {
enable = lib.mkEnableOption "Enables aires user account"; enable = lib.mkEnableOption "Enables aires user account";
autologin = lib.mkEnableOption "Automatically logs aires in on boot"; autologin = lib.mkEnableOption "Automatically logs aires in on boot";
}; };
@ -66,7 +67,7 @@ in
userName = config.secrets.users.aires.firstName; userName = config.secrets.users.aires.firstName;
userEmail = config.secrets.users.aires.email; userEmail = config.secrets.users.aires.email;
extraConfig = { extraConfig = {
core.editor = config.aux.system.editor; core.editor = config.${namespace}.editor;
merge.conflictStyle = "zdiff3"; merge.conflictStyle = "zdiff3";
pull.ff = "only"; pull.ff = "only";
push.autoSetupRemote = "true"; push.autoSetupRemote = "true";

View file

@ -1,5 +1,4 @@
{ lib, osConfig, ... }: _: {
{
# NOTE: Allegedly prevents random Gnome crashes. But really, it just prevents me from logging in. # NOTE: Allegedly prevents random Gnome crashes. But really, it just prevents me from logging in.
# See https://www.reddit.com/r/archlinux/comments/1erbika/fyi_if_you_experience_crashes_on_gnome_on_amd/ # See https://www.reddit.com/r/archlinux/comments/1erbika/fyi_if_you_experience_crashes_on_gnome_on_amd/
/* /*
@ -9,7 +8,7 @@
*/ */
# Additional Gnome configurations via home-manager. # Additional Gnome configurations via home-manager.
dconf.settings = lib.mkIf osConfig.aux.system.ui.desktops.gnome.enable { dconf.settings = {
"org/gnome/mutter" = { "org/gnome/mutter" = {
edge-tiling = true; edge-tiling = true;
workspaces-only-on-primary = false; workspaces-only-on-primary = false;

View file

@ -2,16 +2,17 @@
pkgs, pkgs,
lib, lib,
config, config,
namespace,
... ...
}: }:
# Define 'gremlin' user # Define 'gremlin' user
let let
cfg = config.aux.system.users.gremlin; cfg = config.${namespace}.users.gremlin;
in in
{ {
options = { options = {
aux.system.users.gremlin = { ${namespace}.users.gremlin = {
enable = lib.mkEnableOption "Enables gremlin user account"; enable = lib.mkEnableOption "Enables gremlin user account";
}; };
}; };
@ -35,7 +36,7 @@ in
}; };
# Install gremlin-specific flatpaks # Install gremlin-specific flatpaks
aux.system.ui.flatpak.packages = [ ${namespace}.ui.flatpak.packages = [
"com.google.Chrome" "com.google.Chrome"
"com.slack.Slack" "com.slack.Slack"
]; ];

View file

@ -1,13 +1,18 @@
{ lib, config, ... }: {
lib,
config,
namespace,
...
}:
# Define user for managing media files # Define user for managing media files
let let
cfg = config.aux.system.users.media; cfg = config.${namespace}.users.media;
in in
{ {
options = { options = {
aux.system.users.media = { ${namespace}.users.media = {
enable = lib.mkEnableOption "Enables media user account"; enable = lib.mkEnableOption "Enables media user account";
}; };
}; };

View file

@ -1,4 +1,4 @@
{ ... }: { namespace, ... }:
{ {
home-manager.users.root = { home-manager.users.root = {
imports = [ ../common/home-manager/zsh.nix ]; imports = [ ../common/home-manager/zsh.nix ];

View file

@ -2,6 +2,7 @@
config, config,
pkgs, pkgs,
lib, lib,
namespace,
... ...
}: }:
let let
@ -24,7 +25,7 @@ in
}; };
}; };
aux.system = { ${namespace} = {
bootloader.enable = false; # Bootloader configured in hardware-configuration.nix bootloader.enable = false; # Bootloader configured in hardware-configuration.nix
packages = with pkgs; [ packages = with pkgs; [
libraspberrypi libraspberrypi

View file

@ -1,6 +1,11 @@
# Raspberry Pi 4B # Raspberry Pi 4B
# See https://wiki.nixos.org/wiki/NixOS_on_ARM/Raspberry_Pi_4 # See https://wiki.nixos.org/wiki/NixOS_on_ARM/Raspberry_Pi_4
{ lib, modulesPath, ... }: {
lib,
modulesPath,
namespace,
...
}:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

View file

@ -4,6 +4,7 @@
home-manager, home-manager,
lib, lib,
config, config,
namespace,
... ...
}: }:
let let
@ -22,8 +23,7 @@ in
networking.hostName = hostName; networking.hostName = hostName;
# Configure the system here. # Configure the system here.
aux.system = { config.${namespace} = {
role = "workstation";
apps = { apps = {
# Define applications here # Define applications here
}; };

View file

@ -29,7 +29,7 @@ in
}; };
# Configure the main filesystem. # Configure the main filesystem.
aux.system.filesystem = { ${namespace}.filesystem = {
enable = true; enable = true;
partitions = { partitions = {
boot = "/dev/disk/by-uuid/${bootUUID}"; boot = "/dev/disk/by-uuid/${bootUUID}";

View file

@ -2,6 +2,7 @@
config, config,
lib, lib,
pkgs, pkgs,
namespace,
... ...
}: }:
@ -32,7 +33,7 @@ let
*/ */
serviceList = lib.attrsets.collect ( serviceList = lib.attrsets.collect (
x: x != "acme" && (lib.attrsets.matchAttrs { enable = true; } x) x: x != "acme" && (lib.attrsets.matchAttrs { enable = true; } x)
) config.aux.system.services; ) config.${namespace}.services;
subdomains = builtins.catAttrs "url" serviceList; subdomains = builtins.catAttrs "url" serviceList;
in in
@ -75,7 +76,7 @@ in
Type = "oneshot"; Type = "oneshot";
User = "aires"; User = "aires";
}; };
path = config.aux.system.corePackages; path = config.${namespace}.corePackages;
script = '' script = ''
/run/current-system/sw/bin/nixos-operations-script --operation build --hostname Khanda --flake ${config.secrets.nixConfigFolder} /run/current-system/sw/bin/nixos-operations-script --operation build --hostname Khanda --flake ${config.secrets.nixConfigFolder}
''; '';
@ -92,7 +93,7 @@ in
}; };
# Configure the system. # Configure the system.
aux.system = { ${namespace} = {
# Enable Secure Boot support. # Enable Secure Boot support.
bootloader = { bootloader = {
enable = true; enable = true;

View file

@ -1,5 +1,5 @@
# Minisforum UM340 # Minisforum UM340
{ modulesPath, ... }: { modulesPath, namespace, ... }:
let let
bootUUID = "D2E7-FE8F"; # The UUID of the boot partition. bootUUID = "D2E7-FE8F"; # The UUID of the boot partition.
luksUUID = "7b9c756c-ba9d-43fc-b935-7c77a70f5f1b"; # The UUID of the locked LUKS partition. luksUUID = "7b9c756c-ba9d-43fc-b935-7c77a70f5f1b"; # The UUID of the locked LUKS partition.
@ -30,7 +30,7 @@ in
}; };
# Configure the main filesystem. # Configure the main filesystem.
aux.system.filesystem = { ${namespace}.filesystem = {
enable = true; enable = true;
partitions = { partitions = {
boot = "/dev/disk/by-uuid/${bootUUID}"; boot = "/dev/disk/by-uuid/${bootUUID}";

View file

@ -1,4 +1,4 @@
{ config, ... }: { config, namespace, ... }:
let let
# Do not change this value! This tracks when NixOS was installed on your system. # Do not change this value! This tracks when NixOS was installed on your system.
@ -13,7 +13,7 @@ in
###*** Configure your system below this line. ***### ###*** Configure your system below this line. ***###
# Configure the system. # Configure the system.
aux.system = { ${namespace} = {
apps = { apps = {
development.enable = true; development.enable = true;
media.enable = true; media.enable = true;

View file

@ -4,6 +4,7 @@
lib, lib,
pkgs, pkgs,
modulesPath, modulesPath,
namespace,
... ...
}: }:
let let
@ -56,7 +57,7 @@ in
}; };
# Configure the main filesystem. # Configure the main filesystem.
aux.system.filesystem = { ${namespace}.filesystem = {
enable = true; enable = true;
partitions = { partitions = {
boot = "/dev/disk/by-uuid/${bootUUID}"; boot = "/dev/disk/by-uuid/${bootUUID}";

View file

@ -1,4 +1,9 @@
{ config, pkgs, ... }: {
config,
pkgs,
namespace,
...
}:
let let
# Do not change this value! This tracks when NixOS was installed on your system. # Do not change this value! This tracks when NixOS was installed on your system.
stateVersion = "24.05"; stateVersion = "24.05";
@ -14,9 +19,9 @@ in
system.stateVersion = stateVersion; system.stateVersion = stateVersion;
networking.hostName = hostName; networking.hostName = hostName;
custom-fonts.Freight-Pro.enable = config.aux.system.users.gremlin.enable; custom-fonts.Freight-Pro.enable = config.${namespace}.users.gremlin.enable;
aux.system = { ${namespace} = {
apps = { apps = {
development.enable = true; development.enable = true;
gaming.enable = true; gaming.enable = true;

View file

@ -1,5 +1,10 @@
# Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7) # Lenovo Legion Slim 7 Gen 7 AMD (16ARHA7)
{ pkgs, modulesPath, ... }: {
pkgs,
modulesPath,
namespace,
...
}:
let let
bootUUID = "AFCB-D880"; # The UUID of the boot partition. bootUUID = "AFCB-D880"; # The UUID of the boot partition.
luksUUID = "bcf67e34-339e-40b9-8ffd-bec8f7f55248"; # The UUID of the locked LUKS partition. luksUUID = "bcf67e34-339e-40b9-8ffd-bec8f7f55248"; # The UUID of the locked LUKS partition.
@ -28,7 +33,7 @@ in
}; };
# Configure the main filesystem. # Configure the main filesystem.
aux.system.filesystem = { ${namespace}.filesystem = {
enable = true; enable = true;
partitions = { partitions = {
boot = "/dev/disk/by-uuid/${bootUUID}"; boot = "/dev/disk/by-uuid/${bootUUID}";