
First attempt at merging Aux template with config

Aires 2024-06-24 11:38:28 -04:00
parent d02e21ce15
commit 4a0d358baa
62 changed files with 964 additions and 524 deletions


@ -33,9 +33,9 @@ sudo nixos-rebuild switch --flake .#Shura
### Running updates ### Running updates
All hosts are configured to run automatic daily updates (see `modules/base/system.nix`). You can disable this by adding `host.services.autoUpgrade = false;` to a hosts config. All hosts are configured to run automatic daily updates (see `modules/base/system.nix`). You can disable this by adding `aux.system.services.autoUpgrade = false;` to a hosts config.
Automatic updates work by `git pull`ing the latest version of the Repo from Forgejo. This repo gets updated nightly by Haven, which updates the `flake.lock` file and pushes it back up to Forgejo. Only one host needs to do this, and you can enable this feature on a host using `host.services.autoUpgrade.pushUpdates = true;`. Automatic updates work by `git pull`ing the latest version of the Repo from Forgejo. This repo gets updated nightly by Haven, which updates the `flake.lock` file and pushes it back up to Forgejo. Only one host needs to do this, and you can enable this feature on a host using `aux.system.services.autoUpgrade.pushUpdates = true;`.
#### Manually updating #### Manually updating
@ -129,7 +129,7 @@ This config uses two systems: Flakes, and Home-manager.
- Flakes are the entrypoint, via `flake.nix`. This is where Flake inputs and Flake-specific options get defined. - Flakes are the entrypoint, via `flake.nix`. This is where Flake inputs and Flake-specific options get defined.
- Home-manager configs live in the `users/` folders. - Home-manager configs live in the `users/` folders.
- Modules are stored in `modules`. All of these files are automatically imported (except home-manager modules); you simply enable the ones you want to use, and disable the ones you don't. For example, to install Flatpak, set `host.ui.flatpak.enable = true;`. - Modules are stored in `modules`. All of these files are automatically imported (except home-manager modules); you simply enable the ones you want to use, and disable the ones you don't. For example, to install Flatpak, set `aux.system.ui.flatpak.enable = true;`.
- After adding a new module, make sure to `git add` it. - After adding a new module, make sure to `git add` it.
### Features ### Features


@ -138,11 +138,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1719037157, "lastModified": 1719180626,
"narHash": "sha256-aOKd8+mhBsLQChCu1mn/W5ww79ta5cXVE59aJFrifM8=", "narHash": "sha256-vZAzm5KQpR6RGple1dzmSJw5kPivES2heCFM+ZWkt0I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "cd886711998fe5d9ff7979fdd4b4cbd17b1f1511", "rev": "6b1f90a8ff92e81638ae6eb48cd62349c3e387bb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -181,39 +181,35 @@
"locked": { "locked": {
"lastModified": 1718590005, "lastModified": 1718590005,
"narHash": "sha256-fiWc1ZyMlTXXSjcmoEQ+NHhIgtcImPHszbOu5c515cU=", "narHash": "sha256-fiWc1ZyMlTXXSjcmoEQ+NHhIgtcImPHszbOu5c515cU=",
"ref": "release-2.90",
"rev": "98d0249d5c7f5dcc1d2436c4829f073fca668f80", "rev": "98d0249d5c7f5dcc1d2436c4829f073fca668f80",
"revCount": 15785, "type": "tarball",
"type": "git", "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/98d0249d5c7f5dcc1d2436c4829f073fca668f80.tar.gz"
"url": "https://git@git.lix.systems/lix-project/lix"
}, },
"original": { "original": {
"ref": "release-2.90", "type": "tarball",
"type": "git", "url": "https://git.lix.systems/lix-project/lix/archive/release-2.90.tar.gz"
"url": "https://git@git.lix.systems/lix-project/lix"
} }
}, },
"lix-module": { "lix-module": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
"flakey-profile": "flakey-profile", "flakey-profile": "flakey-profile",
"lix": [ "lix": "lix",
"lix"
],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1718778751, "lastModified": 1718778660,
"narHash": "sha256-DdcMvX9r29uHMlz7P1Shgs5xZw9WkZ4ObMGYzwROAiw=", "narHash": "sha256-1xP1r7tNTSJYYQr+6wwhkJk3P5REuN8WHARa7Re8T/0=",
"ref": "refs/heads/main", "ref": "release-2.90",
"rev": "909e593ae9f5fe338ab19b4ed9d52bb0ea09bad8", "rev": "376ecb80385642329ce274abda2da0bc7b7906c9",
"revCount": 90, "revCount": 89,
"type": "git", "type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module" "url": "https://git.lix.systems/lix-project/nixos-module"
}, },
"original": { "original": {
"ref": "release-2.90",
"type": "git", "type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module" "url": "https://git.lix.systems/lix-project/nixos-module"
} }
@ -237,11 +233,10 @@
"nix-secrets": { "nix-secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"dirtyRev": "2d4a2ed35119a4d17b06cc5e378d72ec7f1926b3-dirty",
"dirtyShortRev": "2d4a2ed-dirty",
"lastModified": 1718889003, "lastModified": 1718889003,
"narHash": "sha256-VROhiB20ZgngCPVcYy1ZRmLZm3DmFbEjVjQPP55AMQc=", "narHash": "sha256-lXuHgFvK+QxBQd4LM8XMeFwp6QUgGVC9ccaY+q+piWY=",
"ref": "refs/heads/main",
"rev": "2d4a2ed35119a4d17b06cc5e378d72ec7f1926b3",
"revCount": 46,
"type": "git", "type": "git",
"url": "file:./nix-secrets" "url": "file:./nix-secrets"
}, },
@ -252,18 +247,18 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1719069430, "lastModified": 1719145664,
"narHash": "sha256-d9KzCJv3UG6nX9Aur5OSEf4Uj+ywuxojhiCiRKYVzXA=", "narHash": "sha256-+0bBlerLxsHUJcKPDWZM1wL3V9bzCFjz+VyRTG8fnUA=",
"ref": "master", "owner": "NixOS",
"rev": "e8232c132a95ddc62df9d404120ad4ff53862910", "repo": "nixos-hardware",
"revCount": 1741, "rev": "c3e48cbd88414f583ff08804eb57b0da4c194f9e",
"type": "git", "type": "github"
"url": "https://github.com/NixOS/nixos-hardware"
}, },
"original": { "original": {
"owner": "NixOS",
"ref": "master", "ref": "master",
"type": "git", "repo": "nixos-hardware",
"url": "https://github.com/NixOS/nixos-hardware" "type": "github"
} }
}, },
"nixpkgs": { "nixpkgs": {
@ -300,15 +295,15 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1718895438, "lastModified": 1719075281,
"narHash": "sha256-k3JqJrkdoYwE3fHE6xGDY676AYmyh4U2Zw+0Bwe5DLU=", "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=",
"owner": "NixOS", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d603719ec6e294f034936c0d0dc06f689d91b6c3", "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "nixos",
"ref": "nixos-unstable", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
@ -345,7 +340,6 @@
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"lix": "lix",
"lix-module": "lix-module", "lix-module": "lix-module",
"nix-flatpak": "nix-flatpak", "nix-flatpak": "nix-flatpak",
"nix-secrets": "nix-secrets", "nix-secrets": "nix-secrets",


@ -4,35 +4,32 @@
description = "Aires' system Flake"; description = "Aires' system Flake";
inputs = { inputs = {
# Track base packagese # Import the desired Nix channel. Defaults to unstable, which uses a fully tested rolling release model.
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; # You can find a list of channels at https://nixos.wiki/wiki/Nix_channels
# To follow a different channel, replace `nixos-unstable` with the channel name, e.g. `nixos-24.05`.
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# Replace Nix with Lix: https://lix.systems/ # Use Lix in place of Nix.
lix = { # If you'd rather use regular Nix, remove `lix-module.nixosModules.default` from the `modules` section below.
#url = "git+https://git@git.lix.systems/lix-project/lix?ref=refs/tags/2.90-beta.1"; # To learn more about Lix, see https://lix.systems/
url = "git+https://git@git.lix.systems/lix-project/lix?ref=release-2.90";
flake = false;
};
lix-module = { lix-module = {
url = "git+https://git.lix.systems/lix-project/nixos-module"; url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.90";
inputs.lix.follows = "lix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# SecureBoot support
lanzaboote.url = "github:nix-community/lanzaboote/v0.4.0";
# Flatpak support # Flatpak support
nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1"; nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1";
# Hardware configurations # SecureBoot support
#nixos-hardware.url = "git+https://code.8bitbuddhism.com/aires/nixos-hardware?ref=master"; lanzaboote.url = "github:nix-community/lanzaboote/v0.4.0";
nixos-hardware.url = "git+https://github.com/NixOS/nixos-hardware?ref=master";
# Home-manager # NixOS hardware quirks
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
# Home-manager support
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available inputs.nixpkgs.follows = "nixpkgs";
}; };
# "Secrets management" # "Secrets management"
@ -47,12 +44,12 @@
outputs = outputs =
inputs@{ inputs@{
self, self,
nixpkgs,
lanzaboote,
nix-flatpak,
home-manager, home-manager,
nixos-hardware, lanzaboote,
lix-module, lix-module,
nix-flatpak,
nixos-hardware,
nixpkgs,
nix-secrets, nix-secrets,
... ...
}: }:
@ -63,15 +60,9 @@
"x86_64-linux" "x86_64-linux"
"aarch64-linux" "aarch64-linux"
] (system: function nixpkgs.legacyPackages.${system}); ] (system: function nixpkgs.legacyPackages.${system});
config.allowUnfree = true;
# Define shared modules and imports # Define shared modules and imports
defaultModules = [ defaultModules = [
{
_module.args = {
inherit inputs;
};
}
./modules/autoimport.nix ./modules/autoimport.nix
(import nix-secrets) (import nix-secrets)
lix-module.nixosModules.default lix-module.nixosModules.default
@ -79,6 +70,9 @@
nix-flatpak.nixosModules.nix-flatpak nix-flatpak.nixosModules.nix-flatpak
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
_module.args = {
inherit inputs;
};
home-manager = { home-manager = {
/* /*
When running, Home Manager will use the global package cache. When running, Home Manager will use the global package cache.
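Review bot: `home-manager` (`github:nix-community/home-manager`) and `nixos-hardware` (`github:NixOS/nixos-hardware/master`) in the inputs hunk follow moving branches, unlike `lanzaboote` and `nix-flatpak`, which are pinned to release tags. The README describes a nightly `flake.lock` refresh that every host then pulls automatically, so whatever lands on those branches reaches the hosts without anyone reading it. Consider pinning both to a release branch or tag, or at least state the behaviour in the comment, e.g. `# Follows master; the deployed revision is whatever the nightly flake.lock update pinned.`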


@ -4,7 +4,7 @@
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { aux.system = {
role = "workstation"; role = "workstation";
apps = { apps = {
development.enable = true; development.enable = true;


@ -22,8 +22,8 @@ in
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { aux.system = {
role = "server"; apps.tmux.enable = true;
services = { services = {
acme = { acme = {
enable = true; enable = true;


@ -1,27 +1,63 @@
{ pkgs, lib, ... }: {
config,
lib,
pkgs,
...
}:
let
# Do not change this value! This tracks when NixOS was installed on your system.
stateVersion = "24.05";
in
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05"; system.stateVersion = stateVersion;
system.autoUpgrade.enable = lib.mkForce false;
host = { ###*** Configure your system below this line. ***###
role = "workstation"; # Set your time zone.
apps = { # To see all available timezones, run `timedatectl list-timezones`.
development.enable = true; time.timeZone = "America/New_York";
media.enable = true;
office.enable = true; # Configure the system.
recording.enable = true; aux.system = {
social.enable = true; # Enable to allow unfree (e.g. closed source) packages.
writing = { # Some settings may override this (e.g. enabling Nvidia GPU support).
enable = true; # https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree
languagetool.enable = false; allowUnfree = false;
};
}; # Enable Secure Boot support.
ui = { # IMPORTANT: Read the README before enabling this option!
flatpak.enable = true; bootloader.secureboot.enable = false;
gnome.enable = true;
# Change the default text editor. Options are "emacs", "nano", or "vim".
editor = "nano";
ui.flatpak = {
# Enable Flatpak support.
enable = true;
# Define Flatpak packages to install.
packages = [
"com.github.tchx84.Flatseal"
"com.github.wwmm.easyeffects"
"md.obsidian.Obsidian"
"net.waterfox.waterfox"
"org.keepassxc.KeePassXC"
];
}; };
# Additional system packages to install.
packages = [ ];
# Change how long old generations are kept for.
retentionPeriod = "30d";
# Enable GPU support.
gpu.intel.enable = true;
ui.desktops.gnome.enable = true;
users.aires = { users.aires = {
enable = true; enable = true;
services = { services = {
@ -37,9 +73,6 @@
# Build remotely # Build remotely
nix.distributedBuilds = true; nix.distributedBuilds = true;
# Enable thermal control
services.thermald.enable = true;
# Limit the number of cores Nix can use # Limit the number of cores Nix can use
nix.settings.cores = 10; nix.settings.cores = 10;
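Review bot: `bootloader.secureboot.enable = false;` switches Secure Boot off for this host, which looks like a regression: the `host.boot` module this commit deletes defaulted `secureboot.enable` to `true` and turned on lanzaboote and `security.tpm2` with it. The module that now defines `aux.system.bootloader` is not visible in this section, so this may be the template default carried over rather than a decision made for this machine. If the host was booting through lanzaboote before, confirm the change is intended, and otherwise record the reason next to the setting, e.g. `# Secure Boot off on this host: <reason>`.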


@ -0,0 +1,51 @@
{ pkgs, lib, ... }:
{
imports = [ ./hardware-configuration.nix ];
system.stateVersion = "24.05";
system.autoUpgrade.enable = lib.mkForce false;
aux.system = {
role = "workstation";
apps = {
development.enable = true;
media.enable = true;
office.enable = true;
recording.enable = true;
social.enable = true;
writing = {
enable = true;
languagetool.enable = false;
};
};
ui = {
flatpak.enable = true;
gnome.enable = true;
};
users.aires = {
enable = true;
services = {
syncthing = {
enable = true;
autostart = true;
enableTray = false;
};
};
};
};
# Build remotely
nix.distributedBuilds = true;
# Enable thermal control
services.thermald.enable = true;
# Limit the number of cores Nix can use
nix.settings.cores = 10;
# Configure the virtual machine created by nixos-rebuild build-vm
virtualisation.vmVariant.virtualisation = {
memorySize = 2048;
cores = 2;
};
}
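Review bot: This new host file enables GNOME through `aux.system.ui.gnome.enable`, while the other host config rewritten in this commit uses `ui.desktops.gnome.enable` under the same `aux.system` tree. The option modules are not part of this section, so it is not certain which path they declare, but only one of the two is likely to exist after the merge. If the option moved, change the line to `desktops.gnome.enable = true;` so the host still evaluates.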


@ -111,10 +111,6 @@
# Install/configure additional drivers, particularly for touch # Install/configure additional drivers, particularly for touch
environment.systemPackages = with pkgs; [ libwacom-surface ]; environment.systemPackages = with pkgs; [ libwacom-surface ];
microsoft-surface = {
ipts.enable = true;
surface-control.enable = true;
};
# NOTE: Use a default kernel to skip full kernel rebuilds # NOTE: Use a default kernel to skip full kernel rebuilds
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;


@ -10,8 +10,8 @@
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { aux.system = {
role = "server"; apps.tmux.enable = true;
users.aires.enable = true; users.aires.enable = true;
boot.enable = false; boot.enable = false;
services.ssh = { services.ssh = {


@ -28,7 +28,7 @@ in
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { aux.system = {
role = "workstation"; role = "workstation";
apps = { apps = {
development.enable = true; development.enable = true;


@ -13,7 +13,7 @@
system.stateVersion = "24.05"; system.stateVersion = "24.05";
host = { aux.system = {
role = "workstation"; role = "workstation";
apps = { apps = {
# Define applications here # Define applications here


@ -6,12 +6,12 @@
}: }:
let let
cfg = config.host.apps.development; cfg = config.aux.system.apps.development;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.development = { aux.system.apps.development = {
enable = mkEnableOption (mdDoc "Enables development tools"); enable = mkEnableOption (mdDoc "Enables development tools");
kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools."); kubernetes.enable = mkEnableOption (mdDoc "Enables kubectl, virtctl, and similar tools.");
}; };
@ -19,7 +19,7 @@ with lib;
config = mkMerge [ config = mkMerge [
(mkIf cfg.enable { (mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ "com.vscodium.codium" ]; services.flatpak.packages = [ "com.vscodium.codium" ];
}) })


@ -1,16 +1,16 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.dj; cfg = config.aux.system.apps.dj;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)"); aux.system.apps.dj.enable = mkEnableOption (mdDoc "Enables DJing tools (i.e. Mixxx)");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ "org.mixxx.Mixxx" ]; services.flatpak.packages = [ "org.mixxx.Mixxx" ];
}; };


@ -7,7 +7,7 @@
# Gaming-related settings # Gaming-related settings
let let
cfg = config.host.apps.gaming; cfg = config.aux.system.apps.gaming;
reset-controllers-script = pkgs.writeShellScriptBin "reset-controllers" '' reset-controllers-script = pkgs.writeShellScriptBin "reset-controllers" ''
#!/usr/bin/env bash #!/usr/bin/env bash
sudo rmmod hid_xpadneo && sudo modprobe hid_xpadneo sudo rmmod hid_xpadneo && sudo modprobe hid_xpadneo
@ -17,11 +17,11 @@ in
with lib; with lib;
{ {
options = { options = {
host.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features"); aux.system.apps.gaming.enable = mkEnableOption (mdDoc "Enables gaming features");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"gg.minion.Minion" "gg.minion.Minion"
"com.valvesoftware.Steam" "com.valvesoftware.Steam"


@ -6,12 +6,12 @@
}: }:
let let
cfg = config.host.apps.kdeconnect; cfg = config.aux.system.apps.kdeconnect;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect"); aux.system.apps.kdeconnect.enable = mkEnableOption (mdDoc "Enables KDE Connect");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {


@ -1,16 +1,16 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.media; cfg = config.aux.system.apps.media;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps"); aux.system.apps.media.enable = mkEnableOption (mdDoc "Enables media playback and editing apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak = { services.flatpak = {
packages = [ packages = [


@ -1,16 +1,16 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.office; cfg = config.aux.system.apps.office;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps"); aux.system.apps.office.enable = mkEnableOption (mdDoc "Enables office and workstation apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"org.onlyoffice.desktopeditors" "org.onlyoffice.desktopeditors"


@ -1,16 +1,16 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.apps.recording; cfg = config.aux.system.apps.recording;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools"); aux.system.apps.recording.enable = mkEnableOption (mdDoc "Enables video editing tools");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ services.flatpak.packages = [
"com.obsproject.Studio" "com.obsproject.Studio"


@ -6,12 +6,12 @@
}: }:
let let
cfg = config.host.apps.social; cfg = config.aux.system.apps.social;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps"); aux.system.apps.social.enable = mkEnableOption (mdDoc "Enables chat apps");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -21,7 +21,7 @@ with lib;
beeper beeper
]; ];
host.ui.flatpak.enable = true; aux.system.ui.flatpak.enable = true;
services.flatpak.packages = [ "com.discordapp.Discord" ]; services.flatpak.packages = [ "com.discordapp.Discord" ];
}; };
} }


@ -6,12 +6,12 @@
}: }:
let let
cfg = config.host.apps.tmux; cfg = config.aux.system.apps.tmux;
in in
with lib; with lib;
{ {
options = { options = {
host.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer"); aux.system.apps.tmux.enable = mkEnableOption (mdDoc "Enables tmux - terminal multiplexer");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {


@ -6,11 +6,11 @@
}: }:
let let
cfg = config.host.apps.writing; cfg = config.aux.system.apps.writing;
in in
{ {
options = { options = {
host.apps.writing = { aux.system.apps.writing = {
enable = lib.mkEnableOption (lib.mdDoc "Enables writing and editing tools"); enable = lib.mkEnableOption (lib.mdDoc "Enables writing and editing tools");
languagetool = { languagetool = {
enable = lib.mkEnableOption (lib.mdDoc "Enables local Language Tool server."); enable = lib.mkEnableOption (lib.mdDoc "Enables local Language Tool server.");


@ -1,67 +0,0 @@
{
config,
lib,
pkgs,
...
}:
# Bootloader
let
cfg = config.host.boot;
in
with lib;
{
options = {
host.boot = {
enable = mkOption {
description = "Automatically configures the bootloader. Set to false to configure manually.";
type = types.bool;
default = true;
};
secureboot.enable = mkOption {
description = "Enables Secureboot";
type = types.bool;
default = true;
};
};
};
config = mkIf cfg.enable (mkMerge [
(mkIf cfg.secureboot.enable {
boot = {
# Enable Secure Boot
bootspec.enable = true;
# Disable systemd-boot. We lanzaboote now.
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
# Increase bootloader font size
lanzaboote.settings.console-mode = "auto";
};
# Set up TPM. See https://nixos.wiki/wiki/TPM
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
environment.systemPackages = with pkgs; [ tpm2-tss ];
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
})
# Plain boot
(mkIf (!cfg.secureboot.enable) {
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
})
]);
}


@ -1,65 +0,0 @@
# Nix configuration
{
pkgs,
config,
lib,
inputs,
...
}:
{
nix = {
settings = {
# Enable Flakes
experimental-features = [
"nix-command"
"flakes"
];
# Use Lix instead of Nix
substituters = [ "https://cache.lix.systems" ];
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
# Only allow these users to use Nix
allowed-users = [
"root"
config.users.users.aires.name
];
# Avoid signature verification messages when doing remote builds
trusted-users = [
config.users.users.aires.name
] ++ lib.optionals (config.host.users.gremlin.enable) [ config.users.users.gremlin.name ];
};
# Enable periodic nix store optimization
optimise.automatic = true;
# Configure NixOS to use the same software channel as Flakes
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# Configure remote build machines (mainly Haven)
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
buildMachines = [
{
hostName = "haven";
systems = [
"x86_64-linux"
"aarch64-linux"
];
protocol = "ssh-ng";
supportedFeatures = [
"nixos-test"
"kvm"
"benchmark"
"big-parallel"
];
}
];
# When using a builder, use its package store
extraOptions = ''
builders-use-substitutes = true
'';
};
}


@ -1,57 +0,0 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.host.role;
in
{
options = {
host.role = lib.mkOption {
type = lib.types.enum [
"server"
"workstation"
];
};
};
config = lib.mkMerge [
# Servers
(lib.mkIf (cfg == "server") {
host.apps.tmux.enable = true;
environment.systemPackages = with pkgs; [
htop
mdadm
];
})
# Workstations
(lib.mkIf (cfg == "workstation") {
host.ui = {
audio.enable = true;
bluetooth.enable = true;
gnome.enable = true;
flatpak.enable = true;
};
boot = {
# Enable Plymouth
plymouth.enable = true;
plymouth.theme = "bgrt";
# Increase minimum log level. This removes ACPI errors from the boot screen.
consoleLogLevel = 1;
# Add kernel parameters
kernelParams = [
"quiet"
"splash"
];
initrd.verbose = false;
};
})
];
}


@ -1,86 +0,0 @@
# System options
{
pkgs,
config,
lib,
...
}:
{
# Set up the environment
environment = {
# Install base packages
systemPackages = with pkgs; [
bash
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
direnv
git
home-manager
nano
p7zip
fastfetch
nh # Nix Helper: https://github.com/viperML/nh
];
variables = {
EDITOR = "nano"; # Set default editor to nano
};
};
# Configure automatic updates for all hosts
host.services.autoUpgrade = {
enable = true;
configDir = config.secrets.nixConfigFolder;
onCalendar = "daily";
user = config.users.users.aires.name;
};
services = {
# Enable fwupd (firmware updater)
fwupd.enable = true;
# Enable trim on supported drives
fstrim.enable = true;
# Autoscrub BTRFS partitions
btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
enable = true;
interval = "weekly";
fileSystems = [ "/" ];
};
# Allow systemd user services to keep running after the user has logged out
logind.killUserProcesses = false;
# Enable disk monitoring
smartd = {
enable = true;
autodetect = true;
notifications.wall.enable = true;
};
};
# Reduce logout stop timer duration
systemd.extraConfig = ''
DefaultTimeoutStopSec=30s
'';
# Set your time zone.
time.timeZone = "America/New_York";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
};
}


@ -2,11 +2,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.myModule; cfg = config.aux.system.services.myModule;
in in
{ {
options = { options = {
host.services.myModule = { aux.system.services.myModule = {
enable = lib.mkEnableOption (lib.mdDoc "Enables this example module."); enable = lib.mkEnableOption (lib.mdDoc "Enables this example module.");
attributes = lib.mkOption { attributes = lib.mkOption {
default = { }; default = { };


@ -1,11 +1,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.acme; cfg = config.aux.system.services.acme;
in in
{ {
options = { options = {
host.services.acme = { aux.system.services.acme = {
enable = lib.mkEnableOption ( enable = lib.mkEnableOption (
lib.mdDoc "Enable the ACME client (for Let's Encrypt TLS certificates)." lib.mdDoc "Enable the ACME client (for Let's Encrypt TLS certificates)."
); );
@ -34,6 +34,6 @@ in
# /var/lib/acme/.challenges must be writable by the ACME user # /var/lib/acme/.challenges must be writable by the ACME user
# and readable by the Nginx user. The easiest way to achieve # and readable by the Nginx user. The easiest way to achieve
# this is to add the Nginx user to the ACME group. # this is to add the Nginx user to the ACME group.
users.users.nginx.extraGroups = lib.mkIf config.host.services.nginx.enable [ "acme" ]; users.users.nginx.extraGroups = lib.mkIf config.aux.system.services.nginx.enable [ "acme" ];
}; };
} }


@ -5,11 +5,11 @@
... ...
}: }:
let let
cfg = config.host.services.airsonic; cfg = config.aux.system.services.airsonic;
in in
{ {
options = { options = {
host.services.airsonic = { aux.system.services.airsonic = {
autostart = lib.mkEnableOption (lib.mdDoc "Automatically starts Airsonic at boot."); autostart = lib.mkEnableOption (lib.mdDoc "Automatically starts Airsonic at boot.");
enable = lib.mkEnableOption (lib.mdDoc "Enables Airsonic Advanced media streaming service."); enable = lib.mkEnableOption (lib.mdDoc "Enables Airsonic Advanced media streaming service.");
home = lib.mkOption { home = lib.mkOption {
@ -21,7 +21,7 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
host.users.media.enable = true; aux.system.users.media.enable = true;
users.users.airsonic.extraGroups = [ "media" ]; users.users.airsonic.extraGroups = [ "media" ];
services = { services = {


@ -5,12 +5,12 @@
... ...
}: }:
let let
cfg = config.host.services.apcupsd; cfg = config.aux.system.services.apcupsd;
in in
with lib; with lib;
{ {
options = { options = {
host.services.apcupsd = { aux.system.services.apcupsd = {
enable = mkEnableOption (mdDoc "Enables apcupsd"); enable = mkEnableOption (mdDoc "Enables apcupsd");
configText = lib.mkOption { configText = lib.mkOption {
type = lib.types.str; type = lib.types.str;


@ -7,7 +7,7 @@
}: }:
let let
cfg = config.host.services.autoUpgrade; cfg = config.aux.system.services.autoUpgrade;
# List of packages to include in each service's $PATH # List of packages to include in each service's $PATH
pathPkgs = with pkgs; [ pathPkgs = with pkgs; [
@ -25,7 +25,7 @@ let
in in
{ {
options = { options = {
host.services.autoUpgrade = { aux.system.services.autoUpgrade = {
enable = lib.mkOption { enable = lib.mkOption {
default = true; default = true;
type = lib.types.bool; type = lib.types.bool;


@ -6,11 +6,11 @@
}: }:
let let
cfg = config.host.services.boinc; cfg = config.aux.system.services.boinc;
in in
{ {
options = { options = {
host.services.boinc.enable = lib.mkEnableOption ( aux.system.services.boinc.enable = lib.mkEnableOption (
lib.mdDoc "Enables BOINC distributed computing service." lib.mdDoc "Enables BOINC distributed computing service."
); );
}; };


@ -7,11 +7,11 @@
}: }:
let let
cfg = config.host.services.cache; cfg = config.aux.system.services.cache;
in in
{ {
options = { options = {
host.services.cache = { aux.system.services.cache = {
enable = lib.mkEnableOption (lib.mdDoc "Enables binary cache hosting."); enable = lib.mkEnableOption (lib.mdDoc "Enables binary cache hosting.");
secretKeyFile = lib.mkOption { secretKeyFile = lib.mkOption {
default = "/var/cache-priv-key.pem"; default = "/var/cache-priv-key.pem";


@ -6,13 +6,13 @@
}: }:
let let
cfg = config.host.services.duplicacy-web; cfg = config.aux.system.services.duplicacy-web;
duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; }; duplicacy-web = pkgs.callPackage ../../packages/duplicacy-web.nix { inherit pkgs lib; };
in in
with lib; with lib;
rec { rec {
options = { options = {
host.services.duplicacy-web = { aux.system.services.duplicacy-web = {
enable = mkEnableOption (mdDoc "Enables duplicacy-web"); enable = mkEnableOption (mdDoc "Enables duplicacy-web");
autostart = mkOption { autostart = mkOption {
default = true; default = true;


@ -5,7 +5,7 @@
... ...
}: }:
let let
cfg = config.host.services.forgejo; cfg = config.aux.system.services.forgejo;
cli-cfg = config.services.forgejo; cli-cfg = config.services.forgejo;
forgejo-cli = pkgs.writeScriptBin "forgejo-cli" '' forgejo-cli = pkgs.writeScriptBin "forgejo-cli" ''
@ -23,7 +23,7 @@ let
in in
{ {
options = { options = {
host.services.forgejo = { aux.system.services.forgejo = {
autostart = lib.mkEnableOption (lib.mdDoc "Automatically starts Forgejo at boot."); autostart = lib.mkEnableOption (lib.mdDoc "Automatically starts Forgejo at boot.");
enable = lib.mkEnableOption (lib.mdDoc "Enables Forgejo Git hosting service."); enable = lib.mkEnableOption (lib.mdDoc "Enables Forgejo Git hosting service.");
domain = lib.mkOption { domain = lib.mkOption {


@ -5,12 +5,12 @@
... ...
}: }:
let let
cfg = config.host.services.k3s; cfg = config.aux.system.services.k3s;
in in
with lib; with lib;
{ {
options = { options = {
host.services.k3s = { aux.system.services.k3s = {
enable = mkEnableOption (mdDoc "Enables K3s"); enable = mkEnableOption (mdDoc "Enables K3s");
role = mkOption { role = mkOption {
default = "server"; default = "server";


@ -2,19 +2,19 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.msmtp; cfg = config.aux.system.services.msmtp;
in in
with lib; with lib;
{ {
options = { options = {
host.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server"); aux.system.services.msmtp.enable = mkEnableOption (mdDoc "Enables mail server");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.msmtp = { programs.msmtp = {
enable = true; enable = true;
accounts.default = { accounts.default = {
host = config.secrets.services.msmtp.host; aux.system = config.secrets.services.msmtp.host;
user = config.secrets.services.msmtp.user; user = config.secrets.services.msmtp.user;
password = config.secrets.services.msmtp.password; password = config.secrets.services.msmtp.password;
auth = true; auth = true;
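Review bot: The `host` key inside `accounts.default` was caught by the `host` → `aux.system` rename and now reads `aux.system = config.secrets.services.msmtp.host;`, so the SMTP server is no longer set under the key msmtp reads. That line should stay `host = config.secrets.services.msmtp.host;`; only the option path and the `cfg` binding needed renaming. Separately, `password` is taken from an evaluated config value, which presumably lands in the generated msmtp configuration in the world-readable Nix store; `passwordeval` reading a root-only file avoids that. The `accounts.default` block continues outside the hunk.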


@ -1,11 +1,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.nginx; cfg = config.aux.system.services.nginx;
in in
{ {
options = { options = {
host.services.nginx = { aux.system.services.nginx = {
autostart = lib.mkEnableOption (lib.mdDoc "Whether to autostart Nginx at boot."); autostart = lib.mkEnableOption (lib.mdDoc "Whether to autostart Nginx at boot.");
enable = lib.mkEnableOption (lib.mdDoc "Enable the Nginx web server."); enable = lib.mkEnableOption (lib.mdDoc "Enable the Nginx web server.");


@ -1,11 +1,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.host.services.ssh; cfg = config.aux.system.services.ssh;
in in
{ {
options = { options = {
host.services.ssh = { aux.system.services.ssh = {
enable = lib.mkEnableOption (lib.mdDoc "Enables SSH server."); enable = lib.mkEnableOption (lib.mdDoc "Enables SSH server.");
ports = lib.mkOption { ports = lib.mkOption {
default = [ 22 ]; default = [ 22 ];


@ -7,12 +7,12 @@
}: }:
let let
cfg = config.host.services.virtualization; cfg = config.aux.system.services.virtualization;
in in
{ {
options = { options = {
host.services.virtualization = { aux.system.services.virtualization = {
enable = lib.mkEnableOption (lib.mdDoc "Enables virtualization hosting tools on this host."); enable = lib.mkEnableOption (lib.mdDoc "Enables virtualization hosting tools on this aux.system.");
user = lib.mkOption { user = lib.mkOption {
default = ""; default = "";
type = lib.types.str; type = lib.types.str;
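Review bot: The description string of the `enable` option was altered by the same search-and-replace as the option path and now ends in "on this aux.system."; it should remain `lib.mdDoc "Enables virtualization hosting tools on this host."`. Option descriptions surface in generated documentation, so the wording is user-facing. The option set continues outside the hunk.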


@ -1,3 +1,4 @@
# Configures bluetooth.
{ {
lib, lib,
config, config,
@ -6,18 +7,17 @@
}: }:
let let
cfg = config.host.ui.bluetooth; cfg = config.aux.system.bluetooth;
in in
with lib;
{ {
options = { options = {
host.ui.bluetooth = { aux.system.bluetooth = {
enable = mkEnableOption (mdDoc "Enables bluetooth"); enable = lib.mkEnableOption (lib.mdDoc "Enables bluetooth");
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Set up Bluetooth # Set up Bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;


@ -0,0 +1,66 @@
# Configuration options specific to bootloader management.
# SecureBoot is handled via Lanzaboote. See https://github.com/nix-community/lanzaboote
{
config,
lib,
pkgs,
...
}:
# Bootloader
let
cfg = config.aux.system.bootloader;
in
{
options = {
aux.system.bootloader = {
enable = lib.mkOption {
description = "Automatically configures the bootloader. Set to false to configure manually.";
type = lib.types.bool;
default = true;
};
secureboot.enable = lib.mkEnableOption (lib.mdDoc "Enables Secureboot support.");
tpm2.enable = lib.mkEnableOption (lib.mdDoc "Enables TPM2 support.");
};
};
config = lib.mkIf cfg.enable (
lib.mkMerge [
(lib.mkIf cfg.secureboot.enable {
boot = {
# Enable Secure Boot
bootspec.enable = true;
# Use Lanzaboote in place of systemd-boot.
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
};
})
# Set up TPM if enabled. See https://nixos.wiki/wiki/TPM
(lib.mkIf (cfg.tpm2.enable) {
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
environment.systemPackages = with pkgs; [ tpm2-tss ];
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
})
# Use the default systemd-boot bootloader.
(lib.mkIf (!cfg.secureboot.enable) {
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
})
]
);
}
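Review bot: The TPM2 block is wrapped in the outer `lib.mkIf cfg.enable`, so a host that sets `aux.system.bootloader.enable = false` to configure its bootloader manually also silently loses `tpm2.enable`; TPM support is not bootloader configuration and would be better merged outside that guard. For the Secure Boot branch I would add a comment above `pkiBundle` such as `# Keys must already exist in /etc/secureboot (created with sbctl) and be readable by root only; they sign every boot image.` Lanzaboote's quick start writes `boot.loader.systemd-boot.enable = lib.mkForce false;`, which avoids a merge conflict if another module enables systemd-boot.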

42
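--- a/modules/system/editor.nix
+++ b/modules/system/editor.nix
@@ -0,0 +1,42 @@
+# Basic system-wide text editor configuration.
+{
+pkgs,
+config,
+lib,
+inputs,
+...
+}:
+let
+cfg = config.aux.system.editor;
+in
+{
+options = {
+aux.system.editor = lib.mkOption {
+description = "Selects the default text editor.";
+default = "nano";
+type = lib.types.enum [
+"vim"
+"nano"
+"emacs"
+];
+};
+};
+config = lib.mkMerge [
+(lib.mkIf (cfg == "emacs") {
+services.emacs = {
+enable = true;
+defaultEditor = true;
+};
+})
+(lib.mkIf (cfg == "nano") {
+programs.nano = {
+enable = true;
+syntaxHighlight = true;
+};
+environment.variables."EDITOR" = "nano";
+})
+(lib.mkIf (cfg == "vim") { programs.vim.defaultEditor = true; })
+];
+}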


@ -0,0 +1,30 @@
# Enables AMD GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.amd;
in
{
options = {
aux.system.gpu.amd.enable = lib.mkEnableOption (lib.mdDoc "Enables AMD GPU support.");
};
config = lib.mkIf cfg.enable {
boot.initrd.kernelModules = [ "amdgpu" ];
services.xserver = {
enable = true;
videoDrivers = [ "amdgpu" ];
};
hardware.opengl = {
extraPackages = [ pkgs.amdvlk ];
# 32-bit application compatibility
driSupport32Bit = true;
extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
};
};
}


@ -0,0 +1,44 @@
# Enables Intel GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.intel;
in
{
options = {
aux.system.gpu.intel.enable = lib.mkEnableOption (lib.mdDoc "Enables Intel GPU support.");
};
config = lib.mkIf cfg.enable {
# Configuration options from NixOS-Hardware: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/intel/default.nix
boot.initrd.kernelModules = [ "i915" ];
environment.variables.VDPAU_DRIVER = "va_gl";
hardware.opengl.extraPackages = with pkgs; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
hardware.opengl.extraPackages32 = with pkgs.driversi686Linux; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
};
}


@ -0,0 +1,81 @@
# Enables Nvidia GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.nvidia;
in
{
options = {
aux.system.gpu.nvidia = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Nvidia GPU support.");
hybrid = {
enable = lib.mkEnableOption (lib.mdDoc "Enables hybrid GPU support.");
sync = lib.mkEnableOption (
lib.mdDoc "Enables sync mode for faster performance at the cost of higher battery usage."
);
busIDs = {
nvidia = lib.mkOption {
description = "The bus ID for your Nvidia GPU.";
type = lib.types.str;
example = "PCI:0:2:0";
default = "";
};
intel = lib.mkOption {
description = "The bus ID for your integrated Intel GPU. If you don't have an Intel GPU, you can leave this blank.";
type = lib.types.str;
example = "PCI:14:0:0";
default = "";
};
amd = lib.mkOption {
description = "The bus ID for your integrated AMD GPU. If you don't have an AMD GPU, you can leave this blank.";
type = lib.types.str;
example = "PCI:54:0:0";
default = "";
};
};
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = (cfg.busIDs.nvidia == "");
message = "You need to define a bus ID for your Nvidia GPU. To learn how to find the bus ID, see https://nixos.wiki/wiki/Nvidia#Configuring_Optimus_PRIME:_Bus_ID_Values_.28Mandatory.29.";
}
{
assertion = (cfg.busIDs.intel == "" && cfg.busIDs.amd == "");
message = "You need to define a bus ID for your non-Nvidia GPU. To learn how to find your bus ID, see https://nixos.wiki/wiki/Nvidia#Configuring_Optimus_PRIME:_Bus_ID_Values_.28Mandatory.29.";
}
];
aux.system.allowUnfree = true;
services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ];
hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau ];
hardware.nvidia = {
modesetting.enable = true;
nvidiaSettings = lib.mkIf (config.aux.system.ui.desktops.enable) true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = lib.mkIf cfg.hybrid.enable {
offload = lib.mkIf (!cfg.hybrid.sync) {
enable = true;
enableOffloadCmd = true; # Provides `nvidia-offload` command.
};
sync.enable = lib.mkIf cfg.hybrid.sync true;
nvidiaBusId = cfg.hybrid.busIDs.nvidia;
intelBusId = lib.mkIf (cfg.hybrid.busIDs.intel != "") cfg.hybrid.busIDs.intel;
amdgpuBusId = lib.mkIf (cfg.hybrid.busIDs.amd != "") cfg.hybrid.busIDs.amd;
};
};
};
}
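Review bot: Both entries in `assertions` fail to do what their messages say. They read `cfg.busIDs.*`, but the options are declared under `hybrid.busIDs`, so evaluation stops on a missing attribute; and the comparisons are inverted, since `== ""` holds exactly when the ID was not set, so a correctly configured host would be rejected. They also apply when `hybrid.enable` is false, where no bus IDs are needed. A corrected list is below; the messages stay as they are.

```nix
assertions = lib.optionals cfg.hybrid.enable [
  {
    assertion = cfg.hybrid.busIDs.nvidia != "";
    # … unchanged: message for the Nvidia bus ID …
  }
  {
    assertion = cfg.hybrid.busIDs.intel != "" || cfg.hybrid.busIDs.amd != "";
    # … unchanged: message for the non-Nvidia bus ID …
  }
];
```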


@ -1,3 +1,4 @@
# Configure basic networking options.
_: { _: {
networking = { networking = {
# Enable networking via NetworkManager # Enable networking via NetworkManager

83
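--- a/modules/system/nix.nix
+++ b/modules/system/nix.nix
@@ -0,0 +1,83 @@
+# Core Nix configuration
+{
+pkgs,
+config,
+lib,
+inputs,
+...
+}:
+let
+cfg = config.aux.system;
+in
+{
+options = {
+aux.system.allowUnfree = lib.mkEnableOption (lib.mdDoc "Allow unfree packages to install.");
+aux.system.retentionPeriod = lib.mkOption {
+description = "How long to retain NixOS generations. Defaults to 30 days (30d).";
+type = lib.types.str;
+default = "30d";
+};
+};
+config = {
+nixpkgs.config.allowUnfree = cfg.allowUnfree;
+nix = {
+settings = {
+# Enable Flakes
+experimental-features = [
+"nix-command"
+"flakes"
+];
+# Use Lix instead of Nix
+substituters = [ "https://cache.lix.systems" ];
+trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
+# Only allow these users to use Nix
+allowed-users = [
+"root"
+config.users.users.aires.name
+];
+# Avoid signature verification messages when doing remote builds
+trusted-users = [
+config.users.users.aires.name
+] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ config.users.users.gremlin.name ];
+};
+# Enable periodic nix store optimization
+optimise.automatic = true;
+# Configure NixOS to use the same software channel as Flakes
+registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
+nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
+# Configure remote build machines (mainly Haven)
+# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
+buildMachines = [
+{
+hostName = "haven";
+systems = [
+"x86_64-linux"
+"aarch64-linux"
+];
+protocol = "ssh-ng";
+supportedFeatures = [
+"nixos-test"
+"kvm"
+"benchmark"
+"big-parallel"
+];
+}
+];
+# When using a builder, use its package store
+extraOptions = ''
+builders-use-substitutes = true
+'';
+};
+# Support for standard, dynamically-linked executables
+programs.nix-ld.enable = true;
+};
+}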
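Review bot: `trusted-users` lists the interactive accounts (`aires`, and `gremlin` when enabled) in order to silence signature checks on remote builds, but the Nix manual describes membership of `trusted-users` as essentially equivalent to root, because such a user can add substituters and import unsigned store paths. A narrower fix is to have Haven sign what it builds and add its public key to `trusted-public-keys` here, leaving `trusted-users` at its default. I would also reword `# Use Lix instead of Nix` to `# Add the Lix binary cache`, since the setting only adds a substituter. `allowed-users` and `trusted-users` read `config.users.users.aires.name` unconditionally, which presumably fails to evaluate on a host where the aires account is disabled.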

95
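--- a/modules/system/system.nix
+++ b/modules/system/system.nix
@@ -0,0 +1,95 @@
+# System options
+{
+pkgs,
+config,
+lib,
+...
+}:
+let
+cfg = config.aux.system;
+in
+{
+options = {
+aux.system.packages = lib.mkOption {
+description = "Additional system packages to install. This is just a wrapper for environment.systemPackages.";
+type = lib.types.listOf lib.types.package;
+default = [ ];
+example = lib.literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
+};
+};
+config = {
+# Set up the environment
+environment = {
+# Install base packages
+systemPackages = with pkgs; [
+bash
+dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
+direnv
+git
+home-manager
+nano
+p7zip
+fastfetch
+nh # Nix Helper: https://github.com/viperML/nh
+];
+};
+# Configure automatic updates for all hosts
+aux.system.services.autoUpgrade = {
+enable = true;
+configDir = config.secrets.nixConfigFolder;
+onCalendar = "daily";
+user = config.users.users.aires.name;
+};
+services = {
+# Enable fwupd (firmware updater)
+fwupd.enable = true;
+# Enable trim on supported drives
+fstrim.enable = true;
+# Autoscrub BTRFS partitions
+btrfs.autoScrub = lib.mkIf (config.fileSystems."/".fsType == "btrfs") {
+enable = true;
+interval = "weekly";
+fileSystems = [ "/" ];
+};
+# Allow systemd user services to keep running after the user has logged out
+logind.killUserProcesses = false;
+# Enable disk monitoring
+smartd = {
+enable = true;
+autodetect = true;
+notifications.wall.enable = true;
+};
+};
+# Reduce logout stop timer duration
+systemd.extraConfig = ''
+DefaultTimeoutStopSec=30s
+'';
+# Set your time zone.
+time.timeZone = "America/New_York";
+# Select internationalisation properties.
+i18n = {
+defaultLocale = "en_US.UTF-8";
+extraLocaleSettings = {
+LC_ADDRESS = "en_US.UTF-8";
+LC_IDENTIFICATION = "en_US.UTF-8";
+LC_MEASUREMENT = "en_US.UTF-8";
+LC_MONETARY = "en_US.UTF-8";
+LC_NAME = "en_US.UTF-8";
+LC_NUMERIC = "en_US.UTF-8";
+LC_PAPER = "en_US.UTF-8";
+LC_TELEPHONE = "en_US.UTF-8";
+LC_TIME = "en_US.UTF-8";
+};
+};
+};
+}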
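Review bot: `aux.system.packages` is declared but never read in this file: `cfg` is unused and `systemPackages` holds only the fixed base list, so packages a host puts in the option would not be installed unless another module consumes it. Ending the list with `] ++ cfg.packages;` closes the gap. On the `autoUpgrade` block, the README says every host pulls the repo daily and rebuilds from it, so it deserves a comment stating that write access to that repo, and to the host that pushes `flake.lock`, amounts to control over the configuration of all hosts.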


@ -1,3 +1,4 @@
# Enables audio support.
{ {
pkgs, pkgs,
lib, lib,
@ -6,20 +7,19 @@
}: }:
let let
cfg = config.host.ui.audio; cfg = config.aux.system.ui.audio;
in in
with lib;
{ {
options = { options = {
host.ui.audio = { aux.system.ui.audio = {
enable = mkEnableOption (mdDoc "Enables audio"); enable = lib.mkEnableOption (lib.mdDoc "Enables audio.");
enableLowLatency = mkEnableOption ( enableLowLatency = lib.mkEnableOption (
mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup " lib.mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup."
); );
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Enable sound with pipewire. # Enable sound with pipewire.
sound.enable = true; sound.enable = true;
security.rtkit.enable = true; security.rtkit.enable = true;
@ -36,7 +36,7 @@ with lib;
jack.enable = true; jack.enable = true;
# Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup # Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup
extraConfig.pipewire = mkIf cfg.enableLowLatency { extraConfig.pipewire = lib.mkIf cfg.enableLowLatency {
"92-low-latency.conf" = { "92-low-latency.conf" = {
"context.properties" = { "context.properties" = {
"default.clock.rate" = 48000; "default.clock.rate" = 48000;
@ -47,7 +47,5 @@ with lib;
}; };
}; };
}; };
services.flatpak.packages = mkIf config.host.ui.flatpak.enable [ "com.github.wwmm.easyeffects" ];
}; };
} }


@ -0,0 +1,32 @@
# Enables the Budgie desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.ui.desktops.budgie;
in
{
options = {
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Budgie desktop environment."
);
};
config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true;
services.xserver = {
enable = true;
desktopManager.budgie.enable = true;
displayManager.lightdm.enable = lib.mkIf (
!(
config.services.xserver.displayManager.gdm.enable
|| config.services.xserver.displayManager.sddm.enable
)
) true;
};
};
}


@ -0,0 +1,104 @@
# Common desktop environment modules
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.ui.desktops;
in
{
options = {
aux.system.ui.desktops = {
enable = lib.mkEnableOption (lib.mdDoc "Enables base desktop environment support.");
xkb = lib.mkOption {
description = "The keyboard layout to use by default. Defaults to us.";
type = lib.types.attrs;
default = {
layout = "us";
variant = "";
};
};
};
};
config = lib.mkIf cfg.enable {
aux.system = {
bluetooth.enable = true;
ui.audio.enable = true;
};
boot = {
# Enable Plymouth for graphical bootsplash.
plymouth = {
enable = true;
theme = "bgrt";
};
# Add kernel parameters
kernelParams = [
"quiet"
"splash"
];
};
# Manage fonts
fonts = {
# Install extra fonts
packages = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
liberation_ttf
fira-code
fira-code-symbols
fira
roboto-slab
];
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts
fontDir.enable = true;
};
services = {
# Configure the xserver
xserver = {
# Enable the X11 windowing system.
enable = true;
# Enable touchpad support (enabled by default in most desktop managers, buuuut just in case).
libinput.enable = true;
# Configure keymap in X11
xkb = config.aux.system.ui.desktops.xkb;
};
};
# Support for AppImage files
programs.appimage = {
enable = true;
binfmt = true;
};
# Install full GStreamer capabilities.
# References:
# https://wiki.nixos.org/wiki/GStreamer
# https://github.com/NixOS/nixpkgs/issues/195936
environment = {
sessionVariables.GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (
with pkgs.gst_all_1;
[
gstreamer
gst-plugins-base
gst-plugins-good
gst-plugins-bad
gst-plugins-ugly
gst-libav
gst-vaapi
]
);
};
};
}
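Review bot: `bluetooth.enable = true;` and `ui.audio.enable = true;` are set at normal priority, so every host that enables any desktop gets a Bluetooth stack it can only turn off with `lib.mkForce`. Writing `bluetooth.enable = lib.mkDefault true;` and `ui.audio.enable = lib.mkDefault true;` keeps the convenience while letting a host opt out with a plain `false`, which matters for machines that should not expose a radio interface. The `xkb` option is typed `lib.types.attrs`, which accepts any attribute set; `lib.types.attrsOf lib.types.str` would catch a mistyped value at evaluation time.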


@ -1,3 +1,4 @@
# Enables the Gnome desktop environment.
{ {
pkgs, pkgs,
config, config,
@ -5,41 +6,29 @@
... ...
}: }:
# UI and desktop-related options
let let
cfg = config.host.ui.gnome; cfg = config.aux.system.ui.desktops.gnome;
in in
with lib;
{ {
options = { options = {
host.ui.gnome.enable = mkEnableOption (mdDoc "Enables Gnome"); aux.system.ui.desktops.gnome.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Gnome Desktop Environment."
);
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
host.ui = { aux.system.ui.desktops.enable = true;
audio.enable = true;
flatpak.enable = true;
};
# Enable Gnome
services = { services = {
# Configure the xserver
xserver = { xserver = {
# Enable the X11 windowing system. # Remove default packages that came with the install
enable = true; excludePackages = [ pkgs.xterm ];
# Configure keymap in X11
xkb = {
layout = "us";
variant = "";
};
# Enable Gnome # Enable Gnome
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
# Remove default packages that came with the install
excludePackages = [ pkgs.xterm ];
}; };
# Install Flatpaks # Install Flatpaks
@ -107,41 +96,6 @@ with lib;
papirus-icon-theme papirus-icon-theme
qogir-icon-theme qogir-icon-theme
]; ];
# Install GStreamer plugins
# References:
# https://wiki.nixos.org/wiki/GStreamer
# https://github.com/NixOS/nixpkgs/issues/195936
sessionVariables.GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (
with pkgs.gst_all_1;
[
gstreamer
gst-plugins-base
gst-plugins-good
gst-plugins-bad
gst-plugins-ugly
gst-libav
gst-vaapi
]
);
};
# Manage fonts
fonts = {
# Install extra fonts
packages = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
liberation_ttf
fira-code
fira-code-symbols
fira
roboto-slab
];
# Enable font dir for use with Flatpak. See https://nixos.wiki/wiki/Fonts#Flatpak_applications_can.27t_find_system_fonts
fontDir.enable = true;
}; };
# Gnome UI integration for KDE apps # Gnome UI integration for KDE apps


@ -0,0 +1,28 @@
# Enables the Hyprland desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.ui.desktops.hyprland;
in
{
options = {
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Hyprland desktop environment."
);
};
config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true;
programs.hyprland = {
enable = true;
xwayland.enable = true;
};
# Optional: hint Electron apps to use Wayland:
environment.sessionVariables.NIXOS_OZONE_WL = "1";
};
}


@ -0,0 +1,54 @@
# Enables the KDE desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.ui.desktops.kde;
in
{
options = {
aux.system.ui.desktops.kde = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the KDE Desktop Environment.");
useX11 = lib.mkEnableOption (lib.mdDoc "Uses X11 instead of Wayland.");
};
};
config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true;
programs.dconf.enable = true;
# Fix blank messages in KMail. See https://nixos.wiki/wiki/KDE#KMail_Renders_Blank_Messages
environment.sessionVariables = {
NIX_PROFILES = "${pkgs.lib.concatStringsSep " " (
pkgs.lib.reverseList config.environment.profiles
)}";
};
services = {
displayManager.sddm.enable = true;
desktopManager.plasma6.enable = true;
xserver.displayManager = lib.mkIf cfg.useX11 {
defaultSession = "plasmaX11";
sddm.wayland.enable = lib.mkIf (
!(
config.services.xserver.displayManager.gdm.enable
|| config.services.xserver.displayManager.lightdm.enable
)
) true;
};
};
# Enable Gnome integration
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita-dark";
};
};
}
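Review bot: `sddm.wayland.enable` sits inside `xserver.displayManager = lib.mkIf cfg.useX11 { … }`, so SDDM's Wayland mode is requested only when the user asked for X11 and never in the default Wayland case; its own condition tests whether GDM or LightDM is enabled, which has no bearing on Wayland. The block also addresses SDDM through `services.xserver.displayManager`, while two lines above it uses `services.displayManager.sddm`. I would move the setting out of the X11 guard and write `displayManager.sddm.wayland.enable = !cfg.useX11;` under `services`. The session name `plasmaX11` should be checked against the session file Plasma 6 installs, which I believe is lowercase `plasmax11`.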


@ -0,0 +1,30 @@
# Enables the XFCE desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.ui.desktops.xfce;
in
{
options = {
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption (
lib.mdDoc "Enables the XFCE desktop environment."
);
};
config = lib.mkIf cfg.enable {
aux.system.ui.desktops.enable = true;
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
xfce.enable = true;
};
displayManager.defaultSession = "xfce";
};
};
}


@ -8,12 +8,20 @@
# Flatpak support and options # Flatpak support and options
let let
cfg = config.host.ui.flatpak; cfg = config.aux.system.ui.flatpak;
in in
with lib; with lib;
{ {
options = { options = {
host.ui.flatpak.enable = mkEnableOption (mdDoc "Enables Flatpak"); aux.system.ui.flatpak = {
enable = mkEnableOption (mdDoc "Enables Flatpak support.");
packages = lib.mkOption {
description = "Flatpak packages to install.";
type = lib.types.listOf lib.types.str;
default = [ ];
example = lib.literalExpression "[ \"com.valvesoftware.Steam\" ]";
};
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -36,12 +44,7 @@ with lib;
]; ];
# Install base Flatpaks. For details, see https://github.com/gmodena/nix-flatpak # Install base Flatpaks. For details, see https://github.com/gmodena/nix-flatpak
packages = [ packages = cfg.packages;
"com.github.tchx84.Flatseal"
"md.obsidian.Obsidian"
"net.waterfox.waterfox"
"org.keepassxc.KeePassXC"
];
}; };
# Workaround for getting Flatpak apps to use system fonts, icons, and cursors # Workaround for getting Flatpak apps to use system fonts, icons, and cursors
@ -63,8 +66,8 @@ with lib;
aggregatedIcons = pkgs.buildEnv { aggregatedIcons = pkgs.buildEnv {
name = "system-icons"; name = "system-icons";
paths = with pkgs; [ paths = with pkgs; [
#libsForQt5.breeze-qt5 # for plasma (lib.mkIf config.aux.system.ui.desktops.gnome.enable gnome.gnome-themes-extra)
gnome.gnome-themes-extra (lib.mkIf config.aux.system.ui.desktops.kde.enable kdePackages.breeze-icons)
papirus-icon-theme papirus-icon-theme
qogir-icon-theme qogir-icon-theme
]; ];
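Review bot: In the `aggregatedIcons` hunk, `lib.mkIf` is used inside the `paths` list passed to `pkgs.buildEnv`; `mkIf` only has meaning when the module system merges option definitions, so here `buildEnv` receives the raw `mkIf` attribute set instead of a package or nothing. Conditional list entries need `lib.optionals`: keep the two fixed themes in the list and append `++ lib.optionals config.aux.system.ui.desktops.gnome.enable [ gnome.gnome-themes-extra ]` and `++ lib.optionals config.aux.system.ui.desktops.kde.enable [ kdePackages.breeze-icons ]`. The `buildEnv` call continues outside the hunk.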


@ -7,12 +7,12 @@
# Define 'aires' # Define 'aires'
let let
cfg = config.host.users.aires; cfg = config.aux.system.users.aires;
in in
with lib; with lib;
{ {
options = { options = {
host.users.aires = { aux.system.users.aires = {
enable = mkEnableOption (mdDoc "Enables aires user account"); enable = mkEnableOption (mdDoc "Enables aires user account");
autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot"); autologin = mkEnableOption (mdDoc "Automatically logs aires in on boot");
@ -63,7 +63,9 @@ with lib;
homeDirectory = "/home/aires"; homeDirectory = "/home/aires";
# Install extra packages, specifically gnome extensions # Install extra packages, specifically gnome extensions
packages = lib.mkIf config.host.ui.gnome.enable [ pkgs.gnomeExtensions.wallpaper-slideshow ]; packages = lib.mkIf config.aux.system.ui.desktops.gnome.enable [
pkgs.gnomeExtensions.wallpaper-slideshow
];
# Set environment variables # Set environment variables
sessionVariables = { sessionVariables = {


@ -6,7 +6,7 @@
}: }:
{ {
# Additional Gnome configurations via home-manager. # Additional Gnome configurations via home-manager.
dconf.settings = lib.mkIf osConfig.host.ui.gnome.enable { dconf.settings = lib.mkIf osConfig.aux.system.ui.desktops.gnome.enable {
"org/gnome/mutter" = { "org/gnome/mutter" = {
edge-tiling = true; edge-tiling = true;
workspaces-only-on-primary = false; workspaces-only-on-primary = false;


@ -7,12 +7,12 @@
# Define 'gremlin' user # Define 'gremlin' user
let let
cfg = config.host.users.gremlin; cfg = config.aux.system.users.gremlin;
in in
with lib; with lib;
{ {
options = { options = {
host.users.gremlin = { aux.system.users.gremlin = {
enable = mkEnableOption (mdDoc "Enables gremlin user account"); enable = mkEnableOption (mdDoc "Enables gremlin user account");
services.syncthing = { services.syncthing = {


@ -7,13 +7,13 @@
# Define user for managing media on Haven # Define user for managing media on Haven
let let
cfg = config.host.users.media; cfg = config.aux.system.users.media;
in in
with lib; with lib;
{ {
options = { options = {
host.users.media = { aux.system.users.media = {
enable = mkEnableOption (mdDoc "Enables media user account"); enable = mkEnableOption (mdDoc "Enables media user account");
}; };
}; };