
Chore: formatting & cleanup

Aires 2024-09-08 11:58:56 -04:00
parent 6ab9a35136
commit 86f7864f8f
38 changed files with 163 additions and 206 deletions


@ -36,10 +36,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Build Nix packages for other hosts.
# Runs every day at 4 AM
systemd = {


@ -37,10 +37,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Build Nix packages for other hosts.
# Runs every day at 4 AM
systemd = {
@ -87,6 +83,7 @@ in
# Enable GPU support.
gpu.amd.enable = true;
# Install script to get the system up and running after boot.
packages = [ start-services ];
# Enable support for primary RAID array


@ -41,23 +41,4 @@ in
size = 16384;
};
};
# Automatically scrub the RAID array monthly
systemd.services."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
serviceConfig = {
Type = "oneshot";
User = "root";
};
script = "echo check > /sys/block/md127/md/sync_action";
};
systemd.timers."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "monthly";
Persistent = true;
Unit = "raid-scrub.service";
};
};
}


@ -12,10 +12,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Configure the system.
aux.system = {
# Enable to allow unfree (e.g. closed source) packages.


@ -12,7 +12,17 @@ in
imports = [ ./hardware-configuration.nix ];
system.stateVersion = stateVersion;
networking.hostName = hostName;
networking = {
hostName = hostName;
# Connect to the network automagically
networkmanager.enable = lib.mkForce false;
wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = {
psk = "${config.secrets.networking.networks.home.password}";
};
};
};
aux.system = {
bootloader.enable = false; # Bootloader configured in hardware-configuration.nix
@ -30,16 +40,4 @@ in
};
nix.distributedBuilds = true;
time.timeZone = "America/New_York";
# Connect to the network automagically
networking = {
networkmanager.enable = lib.mkForce false;
wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = {
psk = "${config.secrets.networking.networks.home.password}";
};
};
};
}
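Review bot: The relocated `psk = "${config.secrets.networking.networks.home.password}";` in the new `networking` block is interpolated at evaluation time, and the NixOS option documentation for `networking.wireless.networks.<name>.psk` warns that the value is written to the Nix store in plaintext, where any local user can read it. Keeping the passphrase in a secrets module does not change that, because the string still ends up in the generated wpa_supplicant configuration. Consider supplying it at runtime instead through the wireless module's external-secrets mechanism (`networking.wireless.secretsFile`, or `environmentFile` on older releases; confirm which one the pinned nixpkgs provides) and referencing it from the network entry by name. The SSID attribute name on the line above is built the same way but is far less sensitive.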


@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.apps.writing.enable = lib.mkEnableOption (lib.mdDoc "Enables writing and editing tools");
aux.system.apps.writing.enable = lib.mkEnableOption "Enables writing and editing tools";
};
config = lib.mkIf cfg.enable {


@ -8,19 +8,12 @@
{
config = {
# Install ZSH for all users
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
aux.system = {
packages = with pkgs; [
# Install base packages
aux.system.packages = with pkgs; [
fastfetch # Show a neat system statistics screen when opening a terminal
htop
mdadm # RAID management
nh # Nix Helper: https://github.com/viperML/nh
htop # System monitor
zellij # Terminal multiplexer
];
};
# Allow packages from the unstable repo by using 'pkgs.unstable'
nixpkgs.overlays = [
@ -33,14 +26,17 @@
];
programs = {
# Install ZSH for all users
zsh.enable = true;
# Enable NH, an alternative nixos-rebuild frontend.
# https://github.com/viperML/nh
nh = {
enable = true;
flake = "${config.secrets.nixConfigFolder}";
};
# Do some additional Nano configuration
# Configure nano
nano.nanorc = ''
set linenumbers
set tabsize 4
set softwrap
set autoindent
@ -48,6 +44,7 @@
'';
};
services.fail2ban.enable = true;
# Set ZSH as the default shell
users.defaultUserShell = pkgs.zsh;
};
}


@ -7,7 +7,7 @@ in
{
options = {
aux.system.services.myModule = {
enable = lib.mkEnableOption (lib.mdDoc "Enables this example module.");
enable = lib.mkEnableOption "Enables this example module.";
attributes = lib.mkOption {
default = { };
type = lib.types.attrs;


@ -6,9 +6,7 @@ in
{
options = {
aux.system.services.acme = {
enable = lib.mkEnableOption (
lib.mdDoc "Enable the ACME client (for Let's Encrypt TLS certificates)."
);
enable = lib.mkEnableOption "Enable the ACME client (for Let's Encrypt TLS certificates).";
certs = lib.mkOption {
default = { };
type = lib.types.attrs;


@ -10,7 +10,7 @@ in
{
options = {
aux.system.services.airsonic = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Airsonic Advanced media streaming service.");
enable = lib.mkEnableOption "Enables Airsonic Advanced media streaming service.";
home = lib.mkOption {
default = "/var/lib/airsonic";
type = lib.types.str;


@ -7,7 +7,7 @@ in
{
options = {
aux.system.services.autoUpgrade = {
enable = lib.mkEnableOption (lib.mdDoc "Enables automatic system updates.");
enable = lib.mkEnableOption "Enables automatic system updates.";
branches = lib.mkOption {
type = lib.types.attrs;
description = "Which local and remote branches to compare.";
@ -31,9 +31,7 @@ in
type = lib.types.bool;
description = "If true, the time when the service unit was last triggered is stored on disk. When the timer is activated, the service unit is triggered immediately if it would have been triggered at least once during the time when the timer was inactive. This is useful to catch up on missed runs of the service when the system was powered down.";
};
pushUpdates = lib.mkEnableOption (
lib.mdDoc "Updates the flake.lock file and pushes it back to the repo."
);
pushUpdates = lib.mkEnableOption "Updates the flake.lock file and pushes it back to the repo.";
user = lib.mkOption {
type = lib.types.str;
description = "The user who owns the configDir.";


@ -10,9 +10,7 @@ let
in
{
options = {
aux.system.services.boinc.enable = lib.mkEnableOption (
lib.mdDoc "Enables BOINC distributed computing service."
);
aux.system.services.boinc.enable = lib.mkEnableOption "Enables BOINC distributed computing service.";
};
config = lib.mkIf cfg.enable {


@ -24,7 +24,7 @@ in
{
options = {
aux.system.services.forgejo = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Forgejo Git hosting service.");
enable = lib.mkEnableOption "Enables Forgejo Git hosting service.";
domain = lib.mkOption {
default = "/var/lib/forgejo";
type = lib.types.str;
@ -44,7 +44,7 @@ in
example = "https://forgejo.example.com";
};
actions = {
enable = lib.mkEnableOption (lib.mdDoc "Enables a local Forgejo Actions runner.");
enable = lib.mkEnableOption "Enables a local Forgejo Actions runner.";
token = lib.mkOption {
default = "";
type = lib.types.str;


@ -11,7 +11,7 @@ in
{
options = {
aux.system.services.home-assistant = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Home Assistant.");
enable = lib.mkEnableOption "Enables Home Assistant.";
domain = lib.mkOption {
default = "";
type = lib.types.str;


@ -14,7 +14,7 @@ in
{
options = {
aux.system.services.jellyfin = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the Jellyfin media streaming service.");
enable = lib.mkEnableOption "Enables the Jellyfin media streaming service.";
home = lib.mkOption {
default = "/var/lib/jellyfin";
type = lib.types.str;


@ -6,8 +6,8 @@ in
{
options = {
aux.system.services.nginx = {
autostart = lib.mkEnableOption (lib.mdDoc "Whether to autostart Nginx at boot.");
enable = lib.mkEnableOption (lib.mdDoc "Enable the Nginx web server.");
autostart = lib.mkEnableOption "Whether to autostart Nginx at boot.";
enable = lib.mkEnableOption "Enable the Nginx web server.";
virtualHosts = lib.mkOption {
default = { };


@ -6,7 +6,7 @@ in
{
options = {
aux.system.services.ssh = {
enable = lib.mkEnableOption (lib.mdDoc "Enables SSH server.");
enable = lib.mkEnableOption "Enables SSH server.";
ports = lib.mkOption {
default = [ 22 ];
type = lib.types.listOf lib.types.int;


@ -12,16 +12,16 @@ in
{
options = {
aux.system.services.virtualization = {
enable = lib.mkEnableOption (lib.mdDoc "Enables virtualization tools on this host.");
enable = lib.mkEnableOption "Enables virtualization tools on this host.";
host = {
enable = lib.mkEnableOption (lib.mdDoc "Enables virtual machine hosting.");
enable = lib.mkEnableOption "Enables virtual machine hosting.";
user = lib.mkOption {
default = "";
type = lib.types.str;
description = "The default user to add as a KVM admin.";
};
vmBuilds = {
enable = lib.mkEnableOption (lib.mdDoc "Enables builds via `nixos-rebuild build-vm` on this host.");
enable = lib.mkEnableOption "Enables builds via `nixos-rebuild build-vm` on this host.";
cores = lib.mkOption {
type = lib.types.int;
description = "How many cores to assign to `nixos-rebuild build-vm` builds. Defaults to 2.";


@ -13,7 +13,7 @@ in
options = {
aux.system.bluetooth = {
enable = lib.mkEnableOption (lib.mdDoc "Enables bluetooth");
enable = lib.mkEnableOption "Enables bluetooth.";
};
};


@ -21,8 +21,8 @@ in
default = true;
};
secureboot.enable = lib.mkEnableOption (lib.mdDoc "Enables Secureboot support.");
tpm2.enable = lib.mkEnableOption (lib.mdDoc "Enables TPM2 support.");
secureboot.enable = lib.mkEnableOption "Enables Secureboot support (please read the README before enabling!).";
tpm2.enable = lib.mkEnableOption "Enables TPM2 support.";
};
};
@ -34,8 +34,10 @@ in
bootspec.enable = true;
# Use Lanzaboote in place of systemd-boot.
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
loader = {
systemd-boot.enable = false;
efi.canTouchEfiVariables = true;
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
@ -46,9 +48,8 @@ in
# Set up TPM if enabled. See https://wiki.nixos.org/wiki/TPM
(lib.mkIf (cfg.tpm2.enable) {
boot.initrd = {
# Enable systemd for TPM auto-unlocking
# Enable modules and support for TPM auto-unlocking
systemd.enable = true;
availableKernelModules = [ "tpm_crb" ];
kernelModules = [ "tpm_crb" ];
};


@ -9,7 +9,7 @@ in
{
options = {
aux.system.filesystem = {
enable = lib.mkEnableOption (lib.mdDoc "Enables standard BTRFS subvolumes and parameters.");
enable = lib.mkEnableOption "Enables standard BTRFS subvolumes and parameters.";
partitions = {
boot = lib.mkOption {
type = lib.types.str;
@ -28,7 +28,7 @@ in
default = true;
};
swapFile = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the creation of a swap file.");
enable = lib.mkEnableOption "Enables the creation of a swap file.";
size = lib.mkOption {
type = lib.types.int;
description = "The size of the swap file to create in MB (defaults to 8192, or ~8 gigabytes).";


@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.gpu.amd.enable = lib.mkEnableOption (lib.mdDoc "Enables AMD GPU support.");
aux.system.gpu.amd.enable = lib.mkEnableOption "Enables AMD GPU support.";
};
config = lib.mkIf cfg.enable {


@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.gpu.intel.enable = lib.mkEnableOption (lib.mdDoc "Enables Intel GPU support.");
aux.system.gpu.intel.enable = lib.mkEnableOption "Enables Intel GPU support.";
};
config = lib.mkIf cfg.enable {
@ -19,7 +19,8 @@ in
environment.variables.VDPAU_DRIVER = "va_gl";
hardware.opengl.extraPackages = with pkgs; [
hardware.opengl = {
extraPackages = with pkgs; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
@ -30,7 +31,7 @@ in
intel-media-driver
];
hardware.opengl.extraPackages32 = with pkgs.driversi686Linux; [
extraPackages32 = with pkgs.driversi686Linux; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
@ -41,4 +42,5 @@ in
intel-media-driver
];
};
};
}


@ -11,12 +11,10 @@ in
{
options = {
aux.system.gpu.nvidia = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Nvidia GPU support.");
enable = lib.mkEnableOption "Enables Nvidia GPU support.";
hybrid = {
enable = lib.mkEnableOption (lib.mdDoc "Enables hybrid GPU support.");
sync = lib.mkEnableOption (
lib.mdDoc "Enables sync mode for faster performance at the cost of higher battery usage."
);
enable = lib.mkEnableOption "Enables hybrid GPU support.";
sync = lib.mkEnableOption "Enables sync mode for faster performance at the cost of higher battery usage.";
busIDs = {
nvidia = lib.mkOption {
description = "The bus ID for your Nvidia GPU.";
@ -57,9 +55,9 @@ in
aux.system.allowUnfree = true;
services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ];
hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau ];
hardware.nvidia = {
hardware = {
opengl.extraPackages = with pkgs; [ vaapiVdpau ];
nvidia = {
modesetting.enable = true;
nvidiaSettings = config.aux.system.ui.desktops.enable;
package = config.boot.kernelPackages.nvidiaPackages.stable;
@ -78,4 +76,5 @@ in
};
};
};
};
}


@ -12,4 +12,8 @@
nftables.enable = true;
firewall.enable = true;
};
# Enable fail2ban by default
# https://github.com/fail2ban/fail2ban
services.fail2ban.enable = true;
}


@ -11,13 +11,15 @@ let
in
{
options = {
aux.system.allowUnfree = lib.mkEnableOption (lib.mdDoc "Allow unfree packages to install.");
aux.system.retentionPeriod = lib.mkOption {
aux.system = {
allowUnfree = lib.mkEnableOption "Allow unfree packages to install.";
retentionPeriod = lib.mkOption {
description = "How long to retain NixOS generations. Defaults to one month.";
type = lib.types.str;
default = "monthly";
};
};
};
config = {
nixpkgs.config.allowUnfree = cfg.allowUnfree;
nix = {
@ -33,15 +35,15 @@ in
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
# Only allow these users to use Nix
allowed-users = [
"root"
config.users.users.aires.name
allowed-users = with config.users.users; [
root.name
aires.name
];
# Avoid signature verification messages when doing remote builds
trusted-users = [
config.users.users.aires.name
] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ config.users.users.gremlin.name ];
trusted-users =
with config.users.users;
[ aires.name ] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ gremlin.name ];
};
# Enable periodic nix store optimization
@ -63,10 +65,10 @@ in
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
# Configure remote build machines
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
# To enable a system to use remote build machines, add `nix.distributedBuilds = true;` to its config
buildMachines = [
{
hostName = "dimaga";
hostName = "hevana";
systems = [
"x86_64-linux"
"aarch64-linux"
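Review bot: The comment above `trusted-users` ("Avoid signature verification messages when doing remote builds") understates what the setting grants: accounts listed there can override daemon settings such as substituters and import unsigned store paths, which the Nix manual describes as essentially equivalent to root. The rewritten `with config.users.users; [ aires.name ] ++ lib.optionals (...) [ gremlin.name ]` keeps both accounts in that list, so I would at least document it, e.g. `# trusted-users are effectively root on the Nix daemon; keep this list minimal`. If the only goal is remote builds, it may be enough to trust the build account on the builder (`hevana`) rather than on every host that imports this module; that depends on how the module is shared and is worth confirming. The `nix` attribute set and the `buildMachines` entry continue outside the hunks shown.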


@ -19,6 +19,27 @@ in
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
MAILADDR ${config.secrets.users.aires.email}
'';
# Automatically scrub the array monthly
systemd = {
services."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
serviceConfig = {
Type = "oneshot";
User = "root";
};
script = "echo check > /sys/block/md127/md/sync_action";
};
timers."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "monthly";
Persistent = true;
Unit = "raid-scrub.service";
};
};
};
})
];
}
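Review bot: The relocated `raid-scrub` script writes to `/sys/block/md127/md/sync_action`, while the array is declared just above by name and UUID (`/dev/md/Sapana`). `md127` is a kernel-assigned minor number and is not guaranteed to stay the same across boots or once another array is assembled, so the root-run unit could fail or start a check on a different device than intended. Resolving the node from the stable name avoids the hard-coded number, e.g. `script = "echo check > /sys/block/$(basename $(readlink -f /dev/md/Sapana))/md/sync_action";`. The enclosing `lib.mkIf` block starts outside the hunk.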


@ -46,7 +46,7 @@ in
environment.systemPackages = cfg.corePackages ++ cfg.packages;
services = {
# Automatically set the timezone
# Automatically set the timezone based on location
automatic-timezoned.enable = true;
geoclue2.enableDemoAgent = lib.mkForce true;


@ -12,10 +12,8 @@ in
{
options = {
aux.system.ui.audio = {
enable = lib.mkEnableOption (lib.mdDoc "Enables audio.");
enableLowLatency = lib.mkEnableOption (
lib.mdDoc "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup."
);
enable = lib.mkEnableOption "Enables audio.";
enableLowLatency = lib.mkEnableOption "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup.";
};
};
@ -29,10 +27,12 @@ in
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
# Reduce audio latency per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup
extraConfig.pipewire = lib.mkIf cfg.enableLowLatency {


@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Budgie desktop environment."
);
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption "Enables the Budgie desktop environment.";
};
config = lib.mkIf cfg.enable {


@ -12,7 +12,7 @@ in
{
options = {
aux.system.ui.desktops = {
enable = lib.mkEnableOption (lib.mdDoc "Enables base desktop environment support.");
enable = lib.mkEnableOption "Enables base desktop environment support.";
xkb = lib.mkOption {
description = "The keyboard layout to use by default. Defaults to us.";
type = lib.types.attrs;


@ -13,10 +13,8 @@ in
options = {
aux.system.ui.desktops.gnome = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the Gnome Desktop Environment.");
tripleBuffering.enable = lib.mkEnableOption (
lib.mdDoc "(Experimental) Enables dynamic triple buffering"
);
enable = lib.mkEnableOption "Enables the Gnome Desktop Environment.";
tripleBuffering.enable = lib.mkEnableOption "(Experimental) Enables dynamic triple buffering";
};
};
@ -89,7 +87,7 @@ in
gnomeExtensions.alphabetical-app-grid
gnomeExtensions.appindicator
gnomeExtensions.dash-to-panel
gnomeExtensions.forge
gnomeExtensions.random-wallpaper
# Themeing
gnome.gnome-themes-extra
papirus-icon-theme


@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Hyprland desktop environment."
);
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption "Enables the Hyprland desktop environment.";
};
config = lib.mkIf cfg.enable {


@ -12,8 +12,8 @@ in
{
options = {
aux.system.ui.desktops.kde = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the KDE Desktop Environment.");
useX11 = lib.mkEnableOption (lib.mdDoc "Uses X11 instead of Wayland.");
enable = lib.mkEnableOption "Enables the KDE Desktop Environment.";
useX11 = lib.mkEnableOption "Uses X11 instead of Wayland.";
};
};


@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption (
lib.mdDoc "Enables the XFCE desktop environment."
);
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption "Enables the XFCE desktop environment.";
};
config = lib.mkIf cfg.enable {


@ -29,9 +29,7 @@ in
}
];
};
useBindFS = lib.mkEnableOption {
description = "Whether to use a BindFS mount to support custom themes and cursors. May cause performance issues.";
};
useBindFS = lib.mkEnableOption "Whether to use a BindFS mount to support custom themes and cursors. May cause performance issues.";
};
};


@ -62,16 +62,6 @@ in
username = "aires";
homeDirectory = "/home/aires";
# Install extra packages, specifically gnome extensions
packages = lib.mkIf config.aux.system.ui.desktops.gnome.enable [
pkgs.gnomeExtensions.wallpaper-slideshow
];
# Set environment variables
sessionVariables = {
KUBECONFIG = "/home/aires/.kube/config";
};
# Create .face file
file.".face".source = ./face.png;
};
@ -114,19 +104,6 @@ in
loginExtra = "fastfetch";
};
};
# Gnome settings specific to aires on Shura
/*
dconf.settings = lib.mkIf (config.networking.hostName == "Shura") {
"org/gnome/desktop/interface" = {
# Increase font scaling;
text-scaling-factor = 1.3;
# Dark mode
color-scheme = "prefer-dark";
};
};
*/
};
}


@ -13,16 +13,18 @@ in
};
config = lib.mkIf cfg.enable {
users.groups."media" = {
gid = 1001;
};
users.users.media = {
users = {
users.media = {
isNormalUser = false;
isSystemUser = true;
description = "Media manager";
uid = 1001;
group = "media";
};
groups."media" = {
gid = 1001;
};
};
};
}