1
0
Fork 0

Compare commits

...

2 commits

Author SHA1 Message Date
Aires 38c0c493f2 Services: use 'requiresMountFor' with Syncthing 2024-09-08 17:17:40 +00:00
Aires 86f7864f8f Chore: formatting & cleanup 2024-09-08 11:58:56 -04:00
43 changed files with 198 additions and 276 deletions

View file

@ -297,11 +297,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1725407940,
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
"lastModified": 1725693463,
"narHash": "sha256-ZPzhebbWBOr0zRWW10FfqfbJlan3G96/h3uqhiFqmwg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
"rev": "68e7dce0a6532e876980764167ad158174402c6f",
"type": "github"
},
"original": {
@ -378,11 +378,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1725641701,
"narHash": "sha256-bTnYSs06iwnS6a1jYLpwjwVpFcP/iDs/6q5gnFcO+sQ=",
"lastModified": 1725813930,
"narHash": "sha256-UxqJm3MlHVrPofm/4Z1dR9Xpo49Xc0HGQ/Mg/bQ5oqI=",
"ref": "refs/heads/main",
"rev": "25576ffa753b96e2289380feb81d3ed82e00cbc7",
"revCount": 68,
"rev": "2e559fbe36dc49c3ea63cc9856b899eb9269950f",
"revCount": 69,
"type": "git",
"url": "file:./secrets"
},

View file

@ -36,10 +36,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Build Nix packages for other hosts.
# Runs every day at 4 AM
systemd = {
@ -174,7 +170,6 @@ in
};
nginx = {
enable = true;
autostart = false;
virtualHosts = {
"${config.secrets.networking.domains.primary}" = {
default = true;
@ -223,7 +218,7 @@ in
services = {
syncthing = {
enable = true;
autostart = false;
home = "${services-root}/syncthing/aires";
};
};
};

View file

@ -7,8 +7,6 @@ let
# Where to store service files
services-root = "/storage/services";
# Script to start services
start-services = pkgs.writeShellScriptBin "start-services" (builtins.readFile ./start-services.sh);
# Credentials for interacting with the Namecheap API
namecheapCredentials = {
@ -37,10 +35,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Build Nix packages for other hosts.
# Runs every day at 4 AM
systemd = {
@ -87,8 +81,6 @@ in
# Enable GPU support.
gpu.amd.enable = true;
packages = [ start-services ];
# Enable support for primary RAID array
raid.storage.enable = true;
@ -171,7 +163,6 @@ in
};
nginx = {
enable = true;
autostart = false;
virtualHosts = {
"${config.secrets.networking.domains.primary}" = {
default = true;
@ -217,7 +208,7 @@ in
services = {
syncthing = {
enable = true;
autostart = false;
home = "${services-root}/syncthing/aires";
};
};
};

View file

@ -41,23 +41,4 @@ in
size = 16384;
};
};
# Automatically scrub the RAID array monthly
systemd.services."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
serviceConfig = {
Type = "oneshot";
User = "root";
};
script = "echo check > /sys/block/md127/md/sync_action";
};
systemd.timers."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "monthly";
Persistent = true;
Unit = "raid-scrub.service";
};
};
}

View file

@ -1,26 +0,0 @@
#!/bin/sh
# Script to unlock the /storage partition and start up services that depend on it.
# check if the current user is root
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# Unlock and mount storage directory if we haven't already
if [ -e "/dev/mapper/storage" ]; then
echo "Storage partition already mounted."
else
echo "Unlocking storage partition..."
cryptsetup luksOpen /dev/md/Sapana storage
mount /dev/mapper/storage /storage
echo "Storage partition mounted."
fi
echo "Starting services..."
systemctl restart deluged.service delugeweb.service duplicacy-web.service forgejo.service jellyfin.service
systemctl --machine aires@.host --user start syncthing.service
systemctl restart nginx.service
echo "Services started. $(hostname) is ready to go!"
exit 0

View file

@ -12,10 +12,6 @@ in
networking.hostName = hostName;
###*** Configure your system below this line. ***###
# Set your time zone.
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "America/New_York";
# Configure the system.
aux.system = {
# Enable to allow unfree (e.g. closed source) packages.
@ -80,12 +76,7 @@ in
users.aires = {
enable = true;
services = {
syncthing = {
enable = true;
autostart = true;
};
};
services.syncthing.enable = true;
};
};

View file

@ -12,7 +12,17 @@ in
imports = [ ./hardware-configuration.nix ];
system.stateVersion = stateVersion;
networking.hostName = hostName;
networking = {
hostName = hostName;
# Connect to the network automagically
networkmanager.enable = lib.mkForce false;
wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = {
psk = "${config.secrets.networking.networks.home.password}";
};
};
};
aux.system = {
bootloader.enable = false; # Bootloader configured in hardware-configuration.nix
@ -30,16 +40,4 @@ in
};
nix.distributedBuilds = true;
time.timeZone = "America/New_York";
# Connect to the network automagically
networking = {
networkmanager.enable = lib.mkForce false;
wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = {
psk = "${config.secrets.networking.networks.home.password}";
};
};
};
}

View file

@ -34,7 +34,7 @@ in
enable = true;
services.syncthing = {
enable = true;
autostart = true;
home = "/home/aires/.config/syncthing";
};
};
};

View file

@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.apps.writing.enable = lib.mkEnableOption (lib.mdDoc "Enables writing and editing tools");
aux.system.apps.writing.enable = lib.mkEnableOption "Enables writing and editing tools";
};
config = lib.mkIf cfg.enable {

View file

@ -8,19 +8,12 @@
{
config = {
# Install ZSH for all users
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
aux.system = {
packages = with pkgs; [
fastfetch # Show a neat system statistics screen when opening a terminal
htop
mdadm # RAID management
nh # Nix Helper: https://github.com/viperML/nh
zellij # Terminal multiplexer
];
};
# Install base packages
aux.system.packages = with pkgs; [
fastfetch # Show a neat system statistics screen when opening a terminal
htop # System monitor
zellij # Terminal multiplexer
];
# Allow packages from the unstable repo by using 'pkgs.unstable'
nixpkgs.overlays = [
@ -33,14 +26,17 @@
];
programs = {
# Install ZSH for all users
zsh.enable = true;
# Enable NH, an alternative nixos-rebuild frontend.
# https://github.com/viperML/nh
nh = {
enable = true;
flake = "${config.secrets.nixConfigFolder}";
};
# Do some additional Nano configuration
# Configure nano
nano.nanorc = ''
set linenumbers
set tabsize 4
set softwrap
set autoindent
@ -48,6 +44,7 @@
'';
};
services.fail2ban.enable = true;
# Set ZSH as the default shell
users.defaultUserShell = pkgs.zsh;
};
}

View file

@ -7,7 +7,7 @@ in
{
options = {
aux.system.services.myModule = {
enable = lib.mkEnableOption (lib.mdDoc "Enables this example module.");
enable = lib.mkEnableOption "Enables this example module.";
attributes = lib.mkOption {
default = { };
type = lib.types.attrs;

View file

@ -6,9 +6,7 @@ in
{
options = {
aux.system.services.acme = {
enable = lib.mkEnableOption (
lib.mdDoc "Enable the ACME client (for Let's Encrypt TLS certificates)."
);
enable = lib.mkEnableOption "Enable the ACME client (for Let's Encrypt TLS certificates).";
certs = lib.mkOption {
default = { };
type = lib.types.attrs;

View file

@ -10,7 +10,7 @@ in
{
options = {
aux.system.services.airsonic = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Airsonic Advanced media streaming service.");
enable = lib.mkEnableOption "Enables Airsonic Advanced media streaming service.";
home = lib.mkOption {
default = "/var/lib/airsonic";
type = lib.types.str;

View file

@ -7,7 +7,7 @@ in
{
options = {
aux.system.services.autoUpgrade = {
enable = lib.mkEnableOption (lib.mdDoc "Enables automatic system updates.");
enable = lib.mkEnableOption "Enables automatic system updates.";
branches = lib.mkOption {
type = lib.types.attrs;
description = "Which local and remote branches to compare.";
@ -31,9 +31,7 @@ in
type = lib.types.bool;
description = "If true, the time when the service unit was last triggered is stored on disk. When the timer is activated, the service unit is triggered immediately if it would have been triggered at least once during the time when the timer was inactive. This is useful to catch up on missed runs of the service when the system was powered down.";
};
pushUpdates = lib.mkEnableOption (
lib.mdDoc "Updates the flake.lock file and pushes it back to the repo."
);
pushUpdates = lib.mkEnableOption "Updates the flake.lock file and pushes it back to the repo.";
user = lib.mkOption {
type = lib.types.str;
description = "The user who owns the configDir.";

View file

@ -10,9 +10,7 @@ let
in
{
options = {
aux.system.services.boinc.enable = lib.mkEnableOption (
lib.mdDoc "Enables BOINC distributed computing service."
);
aux.system.services.boinc.enable = lib.mkEnableOption "Enables BOINC distributed computing service.";
};
config = lib.mkIf cfg.enable {

View file

@ -24,7 +24,7 @@ in
{
options = {
aux.system.services.forgejo = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Forgejo Git hosting service.");
enable = lib.mkEnableOption "Enables Forgejo Git hosting service.";
domain = lib.mkOption {
default = "/var/lib/forgejo";
type = lib.types.str;
@ -44,7 +44,7 @@ in
example = "https://forgejo.example.com";
};
actions = {
enable = lib.mkEnableOption (lib.mdDoc "Enables a local Forgejo Actions runner.");
enable = lib.mkEnableOption "Enables a local Forgejo Actions runner.";
token = lib.mkOption {
default = "";
type = lib.types.str;

View file

@ -11,7 +11,7 @@ in
{
options = {
aux.system.services.home-assistant = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Home Assistant.");
enable = lib.mkEnableOption "Enables Home Assistant.";
domain = lib.mkOption {
default = "";
type = lib.types.str;

View file

@ -14,7 +14,7 @@ in
{
options = {
aux.system.services.jellyfin = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the Jellyfin media streaming service.");
enable = lib.mkEnableOption "Enables the Jellyfin media streaming service.";
home = lib.mkOption {
default = "/var/lib/jellyfin";
type = lib.types.str;

View file

@ -6,8 +6,7 @@ in
{
options = {
aux.system.services.nginx = {
autostart = lib.mkEnableOption (lib.mdDoc "Whether to autostart Nginx at boot.");
enable = lib.mkEnableOption (lib.mdDoc "Enable the Nginx web server.");
enable = lib.mkEnableOption "Enable the Nginx web server.";
virtualHosts = lib.mkOption {
default = { };
@ -37,8 +36,5 @@ in
443
];
};
# Disable autostart if configured
systemd.services.nginx = lib.mkIf (!cfg.autostart) { wantedBy = lib.mkForce [ ]; };
};
}

View file

@ -6,7 +6,7 @@ in
{
options = {
aux.system.services.ssh = {
enable = lib.mkEnableOption (lib.mdDoc "Enables SSH server.");
enable = lib.mkEnableOption "Enables SSH server.";
ports = lib.mkOption {
default = [ 22 ];
type = lib.types.listOf lib.types.int;

View file

@ -12,16 +12,16 @@ in
{
options = {
aux.system.services.virtualization = {
enable = lib.mkEnableOption (lib.mdDoc "Enables virtualization tools on this host.");
enable = lib.mkEnableOption "Enables virtualization tools on this host.";
host = {
enable = lib.mkEnableOption (lib.mdDoc "Enables virtual machine hosting.");
enable = lib.mkEnableOption "Enables virtual machine hosting.";
user = lib.mkOption {
default = "";
type = lib.types.str;
description = "The default user to add as a KVM admin.";
};
vmBuilds = {
enable = lib.mkEnableOption (lib.mdDoc "Enables builds via `nixos-rebuild build-vm` on this host.");
enable = lib.mkEnableOption "Enables builds via `nixos-rebuild build-vm` on this host.";
cores = lib.mkOption {
type = lib.types.int;
description = "How many cores to assign to `nixos-rebuild build-vm` builds. Defaults to 2.";

View file

@ -13,7 +13,7 @@ in
options = {
aux.system.bluetooth = {
enable = lib.mkEnableOption (lib.mdDoc "Enables bluetooth");
enable = lib.mkEnableOption "Enables bluetooth.";
};
};

View file

@ -21,8 +21,8 @@ in
default = true;
};
secureboot.enable = lib.mkEnableOption (lib.mdDoc "Enables Secureboot support.");
tpm2.enable = lib.mkEnableOption (lib.mdDoc "Enables TPM2 support.");
secureboot.enable = lib.mkEnableOption "Enables Secureboot support (please read the README before enabling!).";
tpm2.enable = lib.mkEnableOption "Enables TPM2 support.";
};
};
@ -34,8 +34,10 @@ in
bootspec.enable = true;
# Use Lanzaboote in place of systemd-boot.
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
loader = {
systemd-boot.enable = false;
efi.canTouchEfiVariables = true;
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
@ -46,9 +48,8 @@ in
# Set up TPM if enabled. See https://wiki.nixos.org/wiki/TPM
(lib.mkIf (cfg.tpm2.enable) {
boot.initrd = {
# Enable systemd for TPM auto-unlocking
# Enable modules and support for TPM auto-unlocking
systemd.enable = true;
availableKernelModules = [ "tpm_crb" ];
kernelModules = [ "tpm_crb" ];
};

View file

@ -9,7 +9,7 @@ in
{
options = {
aux.system.filesystem = {
enable = lib.mkEnableOption (lib.mdDoc "Enables standard BTRFS subvolumes and parameters.");
enable = lib.mkEnableOption "Enables standard BTRFS subvolumes and parameters.";
partitions = {
boot = lib.mkOption {
type = lib.types.str;
@ -28,7 +28,7 @@ in
default = true;
};
swapFile = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the creation of a swap file.");
enable = lib.mkEnableOption "Enables the creation of a swap file.";
size = lib.mkOption {
type = lib.types.int;
description = "The size of the swap file to create in MB (defaults to 8192, or ~8 gigabytes).";

View file

@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.gpu.amd.enable = lib.mkEnableOption (lib.mdDoc "Enables AMD GPU support.");
aux.system.gpu.amd.enable = lib.mkEnableOption "Enables AMD GPU support.";
};
config = lib.mkIf cfg.enable {

View file

@ -10,7 +10,7 @@ let
in
{
options = {
aux.system.gpu.intel.enable = lib.mkEnableOption (lib.mdDoc "Enables Intel GPU support.");
aux.system.gpu.intel.enable = lib.mkEnableOption "Enables Intel GPU support.";
};
config = lib.mkIf cfg.enable {
@ -19,26 +19,28 @@ in
environment.variables.VDPAU_DRIVER = "va_gl";
hardware.opengl.extraPackages = with pkgs; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
hardware.opengl = {
extraPackages = with pkgs; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
hardware.opengl.extraPackages32 = with pkgs.driversi686Linux; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
extraPackages32 = with pkgs.driversi686Linux; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
};
};
}

View file

@ -11,12 +11,10 @@ in
{
options = {
aux.system.gpu.nvidia = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Nvidia GPU support.");
enable = lib.mkEnableOption "Enables Nvidia GPU support.";
hybrid = {
enable = lib.mkEnableOption (lib.mdDoc "Enables hybrid GPU support.");
sync = lib.mkEnableOption (
lib.mdDoc "Enables sync mode for faster performance at the cost of higher battery usage."
);
enable = lib.mkEnableOption "Enables hybrid GPU support.";
sync = lib.mkEnableOption "Enables sync mode for faster performance at the cost of higher battery usage.";
busIDs = {
nvidia = lib.mkOption {
description = "The bus ID for your Nvidia GPU.";
@ -57,24 +55,25 @@ in
aux.system.allowUnfree = true;
services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ];
hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau ];
hardware = {
opengl.extraPackages = with pkgs; [ vaapiVdpau ];
nvidia = {
modesetting.enable = true;
nvidiaSettings = config.aux.system.ui.desktops.enable;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = lib.mkIf cfg.hybrid.enable {
hardware.nvidia = {
modesetting.enable = true;
nvidiaSettings = config.aux.system.ui.desktops.enable;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = lib.mkIf cfg.hybrid.enable {
offload = lib.mkIf (!cfg.hybrid.sync) {
enable = true;
enableOffloadCmd = true; # Provides `nvidia-offload` command.
};
offload = lib.mkIf (!cfg.hybrid.sync) {
enable = true;
enableOffloadCmd = true; # Provides `nvidia-offload` command.
sync.enable = cfg.hybrid.sync;
nvidiaBusId = cfg.hybrid.busIDs.nvidia;
intelBusId = cfg.hybrid.busIDs.intel;
amdgpuBusId = cfg.hybrid.busIDs.amd;
};
sync.enable = cfg.hybrid.sync;
nvidiaBusId = cfg.hybrid.busIDs.nvidia;
intelBusId = cfg.hybrid.busIDs.intel;
amdgpuBusId = cfg.hybrid.busIDs.amd;
};
};
};

View file

@ -12,4 +12,8 @@
nftables.enable = true;
firewall.enable = true;
};
# Enable fail2ban by default
# https://github.com/fail2ban/fail2ban
services.fail2ban.enable = true;
}

View file

@ -11,11 +11,13 @@ let
in
{
options = {
aux.system.allowUnfree = lib.mkEnableOption (lib.mdDoc "Allow unfree packages to install.");
aux.system.retentionPeriod = lib.mkOption {
description = "How long to retain NixOS generations. Defaults to one month.";
type = lib.types.str;
default = "monthly";
aux.system = {
allowUnfree = lib.mkEnableOption "Allow unfree packages to install.";
retentionPeriod = lib.mkOption {
description = "How long to retain NixOS generations. Defaults to one month.";
type = lib.types.str;
default = "monthly";
};
};
};
config = {
@ -33,15 +35,15 @@ in
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
# Only allow these users to use Nix
allowed-users = [
"root"
config.users.users.aires.name
allowed-users = with config.users.users; [
root.name
aires.name
];
# Avoid signature verification messages when doing remote builds
trusted-users = [
config.users.users.aires.name
] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ config.users.users.gremlin.name ];
trusted-users =
with config.users.users;
[ aires.name ] ++ lib.optionals (config.aux.system.users.gremlin.enable) [ gremlin.name ];
};
# Enable periodic nix store optimization
@ -63,10 +65,10 @@ in
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
# Configure remote build machines
# To enable remote builds for a specific host, add `nix.distributedBuilds = true;` to its config
# To enable a system to use remote build machines, add `nix.distributedBuilds = true;` to its config
buildMachines = [
{
hostName = "dimaga";
hostName = "hevana";
systems = [
"x86_64-linux"
"aarch64-linux"

View file

@ -19,6 +19,40 @@ in
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
MAILADDR ${config.secrets.users.aires.email}
'';
# Auto-unlock RAID array with a key file
environment.etc."crypttab".text = ''
storage /dev/md/Sapana ${config.secrets.devices.storage.keyFile.path} nofail,keyfile-timeout=5s
'';
fileSystems."/storage" = {
device = "/dev/mapper/storage";
# Keep booting even if the array fails to unlock
options = [
"nofail"
"x-systemd.device-timeout=5s"
];
};
# Automatically scrub the array monthly
systemd = {
services."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
serviceConfig = {
Type = "oneshot";
User = "root";
};
script = "echo check > /sys/block/md127/md/sync_action";
};
timers."raid-scrub" = {
description = "Periodically scrub RAID volumes for errors.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "monthly";
Persistent = true;
Unit = "raid-scrub.service";
};
};
};
})
];
}

View file

@ -46,7 +46,7 @@ in
environment.systemPackages = cfg.corePackages ++ cfg.packages;
services = {
# Automatically set the timezone
# Automatically set the timezone based on location
automatic-timezoned.enable = true;
geoclue2.enableDemoAgent = lib.mkForce true;

View file

@ -12,10 +12,8 @@ in
{
options = {
aux.system.ui.audio = {
enable = lib.mkEnableOption (lib.mdDoc "Enables audio.");
enableLowLatency = lib.mkEnableOption (
lib.mdDoc "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup."
);
enable = lib.mkEnableOption "Enables audio.";
enableLowLatency = lib.mkEnableOption "Enables low-latency audio (may cause crackling) per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup.";
};
};
@ -29,10 +27,12 @@ in
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
# Reduce audio latency per https://wiki.nixos.org/wiki/PipeWire#Low-latency_setup
extraConfig.pipewire = lib.mkIf cfg.enableLowLatency {

View file

@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Budgie desktop environment."
);
aux.system.ui.desktops.budgie.enable = lib.mkEnableOption "Enables the Budgie desktop environment.";
};
config = lib.mkIf cfg.enable {

View file

@ -12,7 +12,7 @@ in
{
options = {
aux.system.ui.desktops = {
enable = lib.mkEnableOption (lib.mdDoc "Enables base desktop environment support.");
enable = lib.mkEnableOption "Enables base desktop environment support.";
xkb = lib.mkOption {
description = "The keyboard layout to use by default. Defaults to us.";
type = lib.types.attrs;

View file

@ -13,10 +13,8 @@ in
options = {
aux.system.ui.desktops.gnome = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the Gnome Desktop Environment.");
tripleBuffering.enable = lib.mkEnableOption (
lib.mdDoc "(Experimental) Enables dynamic triple buffering"
);
enable = lib.mkEnableOption "Enables the Gnome Desktop Environment.";
tripleBuffering.enable = lib.mkEnableOption "(Experimental) Enables dynamic triple buffering";
};
};
@ -89,7 +87,7 @@ in
gnomeExtensions.alphabetical-app-grid
gnomeExtensions.appindicator
gnomeExtensions.dash-to-panel
gnomeExtensions.forge
gnomeExtensions.random-wallpaper
# Themeing
gnome.gnome-themes-extra
papirus-icon-theme

View file

@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Hyprland desktop environment."
);
aux.system.ui.desktops.hyprland.enable = lib.mkEnableOption "Enables the Hyprland desktop environment.";
};
config = lib.mkIf cfg.enable {

View file

@ -12,8 +12,8 @@ in
{
options = {
aux.system.ui.desktops.kde = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the KDE Desktop Environment.");
useX11 = lib.mkEnableOption (lib.mdDoc "Uses X11 instead of Wayland.");
enable = lib.mkEnableOption "Enables the KDE Desktop Environment.";
useX11 = lib.mkEnableOption "Uses X11 instead of Wayland.";
};
};

View file

@ -5,9 +5,7 @@ let
in
{
options = {
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption (
lib.mdDoc "Enables the XFCE desktop environment."
);
aux.system.ui.desktops.xfce.enable = lib.mkEnableOption "Enables the XFCE desktop environment.";
};
config = lib.mkIf cfg.enable {

View file

@ -29,9 +29,7 @@ in
}
];
};
useBindFS = lib.mkEnableOption {
description = "Whether to use a BindFS mount to support custom themes and cursors. May cause performance issues.";
};
useBindFS = lib.mkEnableOption "Whether to use a BindFS mount to support custom themes and cursors. May cause performance issues.";
};
};

View file

@ -18,10 +18,10 @@ in
services.syncthing = {
enable = lib.mkEnableOption "Enables Syncthing";
enableTray = lib.mkEnableOption "Enables the Syncthing Tray application";
autostart = lib.mkOption {
default = true;
type = lib.types.bool;
description = "Whether to auto-start Syncthing on boot";
home = lib.mkOption {
default = "${config.users.users.aires.home}/.config/syncthing";
type = lib.types.str;
description = "Where to store Syncthing's configuration files";
};
};
};
@ -62,16 +62,6 @@ in
username = "aires";
homeDirectory = "/home/aires";
# Install extra packages, specifically gnome extensions
packages = lib.mkIf config.aux.system.ui.desktops.gnome.enable [
pkgs.gnomeExtensions.wallpaper-slideshow
];
# Set environment variables
sessionVariables = {
KUBECONFIG = "/home/aires/.kube/config";
};
# Create .face file
file.".face".source = ./face.png;
};
@ -114,19 +104,6 @@ in
loginExtra = "fastfetch";
};
};
# Gnome settings specific to aires on Shura
/*
dconf.settings = lib.mkIf (config.networking.hostName == "Shura") {
"org/gnome/desktop/interface" = {
# Increase font scaling;
text-scaling-factor = 1.3;
# Dark mode
color-scheme = "prefer-dark";
};
};
*/
};
}
@ -158,15 +135,12 @@ in
enable = true;
extraOptions = [
"--gui-address=0.0.0.0:8080"
"--home=${config.users.users.aires.home}/.config/syncthing"
"--home=${cfg.services.syncthing.home}"
"--no-default-folder"
];
};
# Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = lib.mkIf (!cfg.services.syncthing.autostart) {
wantedBy = lib.mkForce { };
};
systemd.user.services."syncthing".unitConfig.requiresMountsFor = cfg.services.syncthing.home;
};
})
]

View file

@ -17,10 +17,10 @@ in
services.syncthing = {
enable = lib.mkEnableOption "Enables Syncthing";
enableTray = lib.mkEnableOption "Enables the Syncthing Tray application";
autostart = lib.mkOption {
default = true;
type = lib.types.bool;
description = "Whether to auto-start Syncthing on boot";
home = lib.mkOption {
default = "${config.users.users.gremlin.home}/.config/syncthing";
type = lib.types.str;
description = "Where to store Syncthing's configuration files";
};
};
};
@ -126,15 +126,12 @@ in
enable = true;
extraOptions = [
"--gui-address=0.0.0.0:8081"
"--home=${config.users.users.gremlin.home}/.config/syncthing"
"--home=${cfg.services.syncthing.home}"
"--no-default-folder"
];
};
# Override the default Syncthing settings so it doesn't start on boot
systemd.user.services."syncthing" = lib.mkIf (!cfg.services.syncthing.autostart) {
wantedBy = lib.mkForce { };
};
systemd.user.services."syncthing".unitConfig.requiresMountsFor = cfg.services.syncthing.home;
};
})
];

View file

@ -13,16 +13,18 @@ in
};
config = lib.mkIf cfg.enable {
users.groups."media" = {
gid = 1001;
};
users = {
users.media = {
isNormalUser = false;
isSystemUser = true;
description = "Media manager";
uid = 1001;
group = "media";
};
users.users.media = {
isNormalUser = false;
isSystemUser = true;
description = "Media manager";
uid = 1001;
group = "media";
groups."media" = {
gid = 1001;
};
};
};
}

@ -1 +1 @@
Subproject commit 25576ffa753b96e2289380feb81d3ed82e00cbc7
Subproject commit 2e559fbe36dc49c3ea63cc9856b899eb9269950f