move nixos/base to baseModules

Aly Raffauf 2024-07-07 19:17:35 -04:00
parent 6233a45649
commit dbb3ec3895
21 changed files with 342 additions and 417 deletions

121
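--- a/baseModules/default.nix
+++ b/baseModules/default.nix
@@ -0,0 +1,121 @@
+inputs: {
+config,
+lib,
+pkgs,
+...
+}: {
+imports = [./nixpkgs.nix];
+console.useXkbConfig = true;
+environment.systemPackages = with pkgs; [
+inputs.agenix.packages.${pkgs.system}.default
+inxi
+];
+i18n = {
+defaultLocale = lib.mkDefault "en_US.UTF-8";
+extraLocaleSettings = {
+LC_ADDRESS = config.i18n.defaultLocale;
+LC_IDENTIFICATION = config.i18n.defaultLocale;
+LC_MEASUREMENT = config.i18n.defaultLocale;
+LC_MONETARY = config.i18n.defaultLocale;
+LC_NAME = config.i18n.defaultLocale;
+LC_NUMERIC = config.i18n.defaultLocale;
+LC_PAPER = config.i18n.defaultLocale;
+LC_TELEPHONE = config.i18n.defaultLocale;
+LC_TIME = config.i18n.defaultLocale;
+};
+};
+hardware.keyboard.qmk.enable = true;
+programs = {
+gnupg.agent = {
+enable = true;
+enableSSHSupport = true;
+};
+nh.enable = true;
+};
+nix = {
+gc = {
+automatic = true;
+dates = "daily";
+options = "--delete-older-than 3d";
+persistent = true;
+randomizedDelaySec = "60min";
+};
+# Run GC when there is less than 100MiB left.
+extraOptions = ''
+min-free = ${toString (100 * 1024 * 1024)}
+max-free = ${toString (1024 * 1024 * 1024)}
+'';
+optimise.automatic = true;
+settings = {
+auto-optimise-store = false;
+experimental-features = ["nix-command" "flakes"];
+};
+};
+security = {
+polkit.enable = true;
+rtkit.enable = true;
+};
+services = {
+avahi = {
+enable = true;
+nssmdns4 = true;
+openFirewall = true;
+publish = {
+enable = true;
+addresses = true;
+userServices = true;
+workstation = true;
+};
+};
+logind.extraConfig = ''
+# Don't shutdown when power button is short-pressed
+HandlePowerKey=suspend
+HandlePowerKeyLongPress=poweroff
+'';
+openssh = {
+enable = true;
+openFirewall = true;
+settings.PasswordAuthentication = false;
+};
+printing.enable = true;
+system-config-printer.enable = true;
+};
+sound.enable = true;
+system.autoUpgrade = {
+allowReboot = true;
+dates = "04:00";
+randomizedDelaySec = "20min";
+enable = true;
+flake = "github:alyraffauf/nixcfg";
+operation = "boot";
+rebootWindow = {
+lower = "02:00";
+upper = "05:00";
+};
+};
+time.timeZone = "America/New_York";
+zramSwap = {
+enable = lib.mkDefault true;
+memoryPercent = lib.mkDefault 50;
+};
+}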
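Review bot: `PasswordAuthentication = false` in the `openssh` block does not by itself rule out password logins, because keyboard-interactive authentication is a separate sshd setting that, as far as I know, NixOS leaves enabled by default; add `settings.KbdInteractiveAuthentication = false;` next to it. This matters more after the move: the old `lib.mkIf config.ar.base.enable` guard is gone, so sshd and Avahi publishing, both with `openFirewall = true`, now apply to every host that imports the module, including laptops that join the open Wi-Fi profiles in hosts/common.nix. Wrapping the two `openFirewall` values in `lib.mkDefault` would let a single host opt out again. `system.autoUpgrade` with `allowReboot = true` follows the mutable `github:alyraffauf/nixcfg` ref, so a comment above it stating that push access to that repository amounts to root on every host would be worth adding.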

46
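--- a/baseModules/nixpkgs.nix
+++ b/baseModules/nixpkgs.nix
@@ -0,0 +1,46 @@
+{
+config,
+inputs,
+lib,
+pkgs,
+...
+}: {
+nixpkgs = let
+unstable = import inputs.nixpkgsUnstable {
+system = pkgs.system;
+config.allowUnfree = true; # Allow unfree packages
+};
+in {
+config.allowUnfree = true; # Allow unfree packages
+# Overlays over default packages.
+overlays = [
+inputs.nur.overlay
+(final: prev: {
+alyraffauf-wallpapers = inputs.wallpapers.packages.${pkgs.system}.default;
+brave = prev.brave.override {commandLineArgs = "--gtk-version=4 --enable-wayland-ime";};
+google-chrome = prev.google-chrome.override {commandLineArgs = "--gtk-version=4 --enable-wayland-ime";};
+hyprland = inputs.hyprland.packages.${pkgs.system}.hyprland;
+nerdfonts = prev.nerdfonts.override {fonts = ["Noto"];};
+obsidian = prev.obsidian.overrideAttrs (old: {
+installPhase =
+builtins.replaceStrings ["--ozone-platform=wayland"]
+["--ozone-platform=wayland --enable-wayland-ime"]
+old.installPhase;
+});
+vscodium = prev.vscodium.override {commandLineArgs = "--enable-wayland-ime";};
+webcord = prev.webcord.overrideAttrs (old: {
+installPhase =
+builtins.replaceStrings ["--ozone-platform-hint=auto"]
+["--ozone-platform-hint=auto --enable-wayland-ime"]
+old.installPhase;
+});
+xdg-desktop-portal-hyprland = inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland;
+})
+];
+};
+}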
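Review bot: The `unstable` binding in the `let` is never referenced by the overlay list below it, so it is dead code in this file; drop it, or expose it from the overlay if a second package set is actually wanted. With the `lib.mkIf config.ar.base.enable` wrapper removed, `allowUnfree` and the replacement of `hyprland` and `xdg-desktop-portal-hyprland` by the flake input's builds now apply to every host importing the module, which deserves a one-line comment above `overlays` such as `# Applied unconditionally to every host that imports baseModules.` Inside the overlay, `prev.system` would probably be a safer spelling than `pkgs.system`, since `pkgs` is the very package set these overlays feed into.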


@ -75,11 +75,11 @@
homeManagerModules.default = homeManagerModules.default =
import ./homeManagerModules inputs self; import ./homeManagerModules inputs self;
nixosModules.nixos = nixosModules = {
import ./nixosModules inputs; base = import ./baseModules inputs;
nixos = import ./nixosModules inputs;
nixosModules.users = users = import ./userModules inputs;
import ./userModules inputs; };
nixosConfigurations = nixosConfigurations =
inputs.nixpkgs.lib.genAttrs [ inputs.nixpkgs.lib.genAttrs [
@ -102,6 +102,7 @@
inputs.nixvim.nixosModules.nixvim inputs.nixvim.nixosModules.nixvim
inputs.nur.nixosModules.nur inputs.nur.nixosModules.nur
inputs.raffauflabs.nixosModules.raffauflabs inputs.raffauflabs.nixosModules.raffauflabs
self.nixosModules.base
self.nixosModules.nixos self.nixosModules.nixos
self.nixosModules.users self.nixosModules.users

121
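--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -0,0 +1,121 @@
+{
+config,
+lib,
+pkgs,
+...
+}: {
+age.secrets.wifi.file = ../secrets/wifi.age;
+environment.variables.FLAKE = "github:alyraffauf/nixcfg";
+fileSystems = lib.attrsets.optionalAttrs (config.networking.hostName != "mauville") {
+"/mnt/Archive" = {
+device = "//mauville/Archive";
+fsType = "cifs";
+options = [
+"gid=100"
+"guest"
+"nofail"
+"uid=${toString config.users.users.aly.uid}"
+"x-systemd.after=network.target"
+"x-systemd.after=tailscaled.service"
+"x-systemd.automount"
+"x-systemd.device-timeout=5s"
+"x-systemd.idle-timeout=60"
+"x-systemd.mount-timeout=5s"
+];
+};
+"/mnt/Media" = {
+device = "//mauville/Media";
+fsType = "cifs";
+options = [
+"gid=100"
+"guest"
+"nofail"
+"uid=${toString config.users.users.aly.uid}"
+"x-systemd.after=network.target"
+"x-systemd.after=tailscaled.service"
+"x-systemd.automount"
+"x-systemd.device-timeout=5s"
+"x-systemd.idle-timeout=60"
+"x-systemd.mount-timeout=5s"
+];
+};
+};
+home-manager.sharedModules = [
+{
+gtk.gtk3.bookmarks = lib.optionals (config.networking.hostName != "mauville") [
+"file:///mnt/Media"
+"file:///mnt/Archive"
+];
+}
+];
+nix.settings.trusted-users = ["aly"];
+networking.networkmanager = {
+enable = true;
+ensureProfiles = {
+environmentFiles = [config.age.secrets.wifi.path];
+profiles = let
+mkOpenWiFi = ssid: {
+connection = {
+id = "${ssid}";
+type = "wifi";
+};
+ipv4.method = "auto";
+ipv6 = {
+addr-gen-mode = "default";
+method = "auto";
+};
+wifi = {
+mode = "infrastructure";
+ssid = "${ssid}";
+};
+};
+mkWPA2WiFi = ssid: psk: (
+(mkOpenWiFi ssid)
+// {
+wifi-security = {
+auth-alg = "open";
+key-mgmt = "wpa-psk";
+psk = "${psk}";
+};
+}
+);
+mkEAPWiFi = ssid: identity: pass: auth: (
+(mkOpenWiFi ssid)
+// {
+"802-1x" = {
+eap = "peap;";
+identity = "${identity}";
+password = "${pass}";
+phase2-auth = "${auth}";
+};
+wifi-security = {
+auth-alg = "open";
+key-mgmt = "wpa-eap";
+};
+}
+);
+in {
+"Dustin's A54" = mkWPA2WiFi "Dustin's A54" "$DustinsA54PSK";
+"FCS-WiFi2" = mkEAPWiFi "FCS-WiFi2" "$FCSIdentity" "$FCSPassword" "mschapv2";
+"javapatron" = mkOpenWiFi "javapatron";
+"Stargate-Discovery" = mkWPA2WiFi "Stargate-Discovery" "$StargateDiscoveryPSK";
+"Taproom Public WiFi" = mkOpenWiFi "Taproom Public WiFi";
+"wallace" = mkWPA2WiFi "wallace" "$wallacePSK";
+"WeWorkWiFi" = mkEAPWiFi "WeWorkWiFi" "$WeWorkWiFiIdentity" "$WeWorkWiFiPassword" "mschapv2";
+};
+};
+};
+}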
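Review bot: The guest CIFS mounts of `//mauville/Archive` and `//mauville/Media` are now defined for every host except mauville, whereas the removed `sambaAutoMount` option defaulted to on only when `config.ar.services.tailscale.enable` was set. A host without Tailscale will therefore attempt an unauthenticated mount of whatever answers to the name `mauville` on its current network; keeping the old condition, `lib.attrsets.optionalAttrs (config.ar.services.tailscale.enable && config.networking.hostName != "mauville")`, on `fileSystems` and the matching `lib.optionals` for the GTK bookmarks would preserve the previous behaviour. Separately, `mkEAPWiFi` configures PEAP/MSCHAPv2 with no `ca-cert` or `domain-suffix-match` in its `"802-1x"` block, so the authentication server's certificate is presumably not validated for `FCS-WiFi2` and `WeWorkWiFi`. That helper is moved here unchanged, but pinning a CA or at least commenting the gap would be worth doing while the code is being touched.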


@ -7,6 +7,7 @@
... ...
}: { }: {
imports = [ imports = [
../common.nix
./disko.nix ./disko.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.framework-13-intel-11th inputs.nixhw.nixosModules.framework-13-intel-11th
@ -26,11 +27,6 @@
steam.enable = true; steam.enable = true;
}; };
base = {
enable = true;
sambaAutoMount = false;
};
desktop = { desktop = {
greetd.enable = true; greetd.enable = true;
hyprland.enable = true; hyprland.enable = true;
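Review bot: This host's explicit `sambaAutoMount = false` is removed together with `base.enable`, but the newly imported `../common.nix` defines the `/mnt/Archive` and `/mnt/Media` guest mounts for every host whose name is not `mauville`, so the opt-out is silently lost. If it was intentional, common.nix needs a condition this host can switch off, for instance a boolean option like the removed `ar.base.sambaAutoMount`, set to false here. The enclosing attribute set starts and ends outside the hunk, so the host name is not visible from here.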


@ -8,6 +8,7 @@
... ...
}: { }: {
imports = [ imports = [
../common.nix
./disko.nix ./disko.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.framework-13-amd-7000 inputs.nixhw.nixosModules.framework-13-amd-7000
@ -30,8 +31,6 @@
virt-manager.enable = true; virt-manager.enable = true;
}; };
base.enable = true;
desktop = { desktop = {
greetd = { greetd = {
enable = true; enable = true;


@ -4,20 +4,29 @@
inputs, inputs,
lib, lib,
pkgs, pkgs,
self,
... ...
}: { }: {
imports = [ imports = [
../common.nix
./disko.nix ./disko.nix
./hardware.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.common-amd-cpu
inputs.nixhw.nixosModules.common-amd-gpu
inputs.nixhw.nixosModules.common-bluetooth
inputs.nixhw.nixosModules.common-ssd
]; ];
boot.loader = { boot = {
initrd.availableKernelModules = ["nvme" "sd_mod" "usb_storage" "usbhid" "xhci_pci"];
kernelPackages = pkgs.linuxPackages_latest;
loader = {
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
systemd-boot.enable = true; systemd-boot.enable = true;
}; };
};
hardware.enableAllFirmware = true;
networking.hostName = "mandarin"; networking.hostName = "mandarin";
services.ollama = { services.ollama = {
@ -35,8 +44,6 @@
virt-manager.enable = true; virt-manager.enable = true;
}; };
base.enable = true;
desktop = { desktop = {
greetd = { greetd = {
enable = true; enable = true;


@ -1,22 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
imports = [
inputs.nixhw.nixosModules.common-amd-cpu
inputs.nixhw.nixosModules.common-amd-gpu
inputs.nixhw.nixosModules.common-bluetooth
inputs.nixhw.nixosModules.common-ssd
];
boot = {
initrd.availableKernelModules = ["nvme" "sd_mod" "usb_storage" "usbhid" "xhci_pci"];
kernelPackages = pkgs.linuxPackages_latest;
};
hardware.enableAllFirmware = true;
}


@ -1,6 +1,7 @@
# Custom desktop with AMD Ryzen 5 2600, 16GB RAM, AMD Rx 6700, and 1TB SSD + 2TB HDD. # Custom desktop with AMD Ryzen 5 2600, 16GB RAM, AMD Rx 6700, and 1TB SSD + 2TB HDD.
{ {
config, config,
inputs,
lib, lib,
pkgs, pkgs,
... ...
@ -10,9 +11,13 @@
mediaDirectory = "/mnt/Media"; mediaDirectory = "/mnt/Media";
in { in {
imports = [ imports = [
../common.nix
./filesystems.nix ./filesystems.nix
./hardware.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.common-amd-cpu
inputs.nixhw.nixosModules.common-amd-gpu
inputs.nixhw.nixosModules.common-bluetooth
inputs.nixhw.nixosModules.common-ssd
]; ];
age.secrets = { age.secrets = {
@ -39,11 +44,16 @@ in {
}; };
}; };
boot.loader = { boot = {
initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod"];
loader = {
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
systemd-boot.enable = true; systemd-boot.enable = true;
}; };
};
hardware.enableAllFirmware = true;
networking.hostName = "mauville"; networking.hostName = "mauville";
services = { services = {
@ -94,8 +104,6 @@ in {
virt-manager.enable = true; virt-manager.enable = true;
}; };
base.enable = true;
desktop = { desktop = {
greetd = { greetd = {
enable = true; enable = true;


@ -1,18 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
imports = [
inputs.nixhw.nixosModules.common-amd-cpu
inputs.nixhw.nixosModules.common-amd-gpu
inputs.nixhw.nixosModules.common-bluetooth
inputs.nixhw.nixosModules.common-ssd
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod"];
hardware.enableAllFirmware = true;
}


@ -4,10 +4,10 @@
inputs, inputs,
lib, lib,
pkgs, pkgs,
self,
... ...
}: { }: {
imports = [ imports = [
../common.nix
./disko.nix ./disko.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.lenovo-yoga-9i-intel-13th inputs.nixhw.nixosModules.lenovo-yoga-9i-intel-13th
@ -29,8 +29,6 @@
steam.enable = true; steam.enable = true;
}; };
base.enable = true;
desktop = { desktop = {
greetd = { greetd = {
enable = true; enable = true;


@ -8,6 +8,7 @@
... ...
}: { }: {
imports = [ imports = [
../common.nix
./disko.nix ./disko.nix
./home.nix ./home.nix
inputs.nixhw.nixosModules.thinkpad-t440p inputs.nixhw.nixosModules.thinkpad-t440p
@ -26,7 +27,6 @@
ar = { ar = {
apps.firefox.enable = true; apps.firefox.enable = true;
base.enable = true;
desktop = { desktop = {
greetd = { greetd = {


@ -1,12 +1,11 @@
{ {
pkgs,
lib,
config, config,
lib,
pkgs,
... ...
}: { }: {
config = lib.mkIf config.ar.apps.virt-manager.enable { config = lib.mkIf config.ar.apps.virt-manager.enable {
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
virtualisation.libvirtd.enable = true;
virtualisation = {libvirtd.enable = true;};
}; };
} }


@ -1,78 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
imports = [
./networking
./nix
./nixpkgs
];
config = lib.mkIf config.ar.base.enable {
console.useXkbConfig = true;
environment.systemPackages = with pkgs; [
inputs.agenix.packages.${pkgs.system}.default
inxi
];
i18n = {
defaultLocale = lib.mkDefault "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = config.i18n.defaultLocale;
LC_IDENTIFICATION = config.i18n.defaultLocale;
LC_MEASUREMENT = config.i18n.defaultLocale;
LC_MONETARY = config.i18n.defaultLocale;
LC_NAME = config.i18n.defaultLocale;
LC_NUMERIC = config.i18n.defaultLocale;
LC_PAPER = config.i18n.defaultLocale;
LC_TELEPHONE = config.i18n.defaultLocale;
LC_TIME = config.i18n.defaultLocale;
};
};
hardware.keyboard.qmk.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
security = {
polkit.enable = true;
rtkit.enable = true;
};
services.logind.extraConfig = ''
# Don't shutdown when power button is short-pressed
HandlePowerKey=suspend
HandlePowerKeyLongPress=poweroff
'';
sound.enable = true;
system.autoUpgrade = {
allowReboot = true;
dates = "04:00";
randomizedDelaySec = "20min";
enable = true;
flake = "github:alyraffauf/nixcfg";
operation = "boot";
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
time.timeZone = "America/New_York";
zramSwap = {
enable = lib.mkDefault true;
memoryPercent = lib.mkDefault 50;
};
};
}


@ -1,101 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
imports = [./sambaAutoMount.nix];
config = lib.mkIf config.ar.base.enable {
age.secrets.wifi.file = ../../../secrets/wifi.age;
networking.networkmanager = {
enable = true;
ensureProfiles = {
environmentFiles = [config.age.secrets.wifi.path];
profiles = let
mkOpenWiFi = ssid: {
connection = {
id = "${ssid}";
type = "wifi";
};
ipv4.method = "auto";
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "${ssid}";
};
};
mkWPA2WiFi = ssid: psk: (
(mkOpenWiFi ssid)
// {
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "${psk}";
};
}
);
mkEAPWiFi = ssid: identity: pass: auth: (
(mkOpenWiFi ssid)
// {
"802-1x" = {
eap = "peap;";
identity = "${identity}";
password = "${pass}";
phase2-auth = "${auth}";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
}
);
in {
"Dustin's A54" = mkWPA2WiFi "Dustin's A54" "$DustinsA54PSK";
"FCS-WiFi2" = mkEAPWiFi "FCS-WiFi2" "$FCSIdentity" "$FCSPassword" "mschapv2";
"javapatron" = mkOpenWiFi "javapatron";
"Stargate-Discovery" = mkWPA2WiFi "Stargate-Discovery" "$StargateDiscoveryPSK";
"Taproom Public WiFi" = mkOpenWiFi "Taproom Public WiFi";
"wallace" = mkWPA2WiFi "wallace" "$wallacePSK";
"WeWorkWiFi" = mkEAPWiFi "WeWorkWiFi" "$WeWorkWiFiIdentity" "$WeWorkWiFiPassword" "mschapv2";
};
};
};
services = {
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
publish = {
enable = true;
addresses = true;
userServices = true;
workstation = true;
};
};
openssh = {
enable = true;
openFirewall = true;
settings.PasswordAuthentication = false;
};
printing.enable = true;
system-config-printer.enable = true;
};
};
}


@ -1,54 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
config = lib.mkIf config.ar.base.sambaAutoMount {
fileSystems = {
"/mnt/Archive" = {
device = "//mauville/Archive";
fsType = "cifs";
options = [
"gid=100"
"guest"
"nofail"
"uid=${toString config.users.users.aly.uid}"
"x-systemd.after=network.target"
"x-systemd.after=tailscaled.service"
"x-systemd.automount"
"x-systemd.device-timeout=5s"
"x-systemd.idle-timeout=60"
"x-systemd.mount-timeout=5s"
];
};
"/mnt/Media" = {
device = "//mauville/Media";
fsType = "cifs";
options = [
"gid=100"
"guest"
"nofail"
"uid=${toString config.users.users.aly.uid}"
"x-systemd.after=network.target"
"x-systemd.after=tailscaled.service"
"x-systemd.automount"
"x-systemd.device-timeout=5s"
"x-systemd.idle-timeout=60"
"x-systemd.mount-timeout=5s"
];
};
};
home-manager.sharedModules = [
{
gtk.gtk3.bookmarks = [
"file:///mnt/Media"
"file:///mnt/Archive"
];
}
];
};
}


@ -1,49 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
config = lib.mkIf config.ar.base.enable {
environment.variables = {
FLAKE = "github:alyraffauf/nixcfg";
};
programs.nh.enable = true;
nix = {
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 3d";
persistent = true;
randomizedDelaySec = "60min";
};
# Run GC when there is less than 100MiB left.
extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
optimise.automatic = true;
settings = {
auto-optimise-store = false;
experimental-features = ["nix-command" "flakes"];
substituters = [
"https://hyprland.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
trusted-users = ["aly"];
};
};
};
}


@ -1,48 +0,0 @@
{
config,
inputs,
lib,
pkgs,
...
}: {
config = lib.mkIf config.ar.base.enable {
nixpkgs = let
unstable = import inputs.nixpkgsUnstable {
system = pkgs.system;
config.allowUnfree = true; # Allow unfree packages
};
in {
config.allowUnfree = true; # Allow unfree packages
# Overlays over default packages.
overlays = [
inputs.nur.overlay
(final: prev: {
alyraffauf-wallpapers = inputs.wallpapers.packages.${pkgs.system}.default;
brave = prev.brave.override {commandLineArgs = "--gtk-version=4 --enable-wayland-ime";};
google-chrome = prev.google-chrome.override {commandLineArgs = "--gtk-version=4 --enable-wayland-ime";};
hyprland = inputs.hyprland.packages.${pkgs.system}.hyprland;
nerdfonts = prev.nerdfonts.override {fonts = ["Noto"];};
obsidian = prev.obsidian.overrideAttrs (old: {
installPhase =
builtins.replaceStrings ["--ozone-platform=wayland"]
["--ozone-platform=wayland --enable-wayland-ime"]
old.installPhase;
});
vscodium = prev.vscodium.override {commandLineArgs = "--enable-wayland-ime";};
webcord = prev.webcord.overrideAttrs (old: {
installPhase =
builtins.replaceStrings ["--ozone-platform-hint=auto"]
["--ozone-platform-hint=auto --enable-wayland-ime"]
old.installPhase;
});
xdg-desktop-portal-hyprland = inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland;
})
];
};
};
}


@ -6,7 +6,6 @@ inputs: {
}: { }: {
imports = [ imports = [
./apps ./apps
./base
./desktop ./desktop
./options.nix ./options.nix
./services ./services


@ -5,6 +5,19 @@
... ...
}: { }: {
config = lib.mkIf config.ar.desktop.hyprland.enable { config = lib.mkIf config.ar.desktop.hyprland.enable {
nix.settings = {
auto-optimise-store = false;
substituters = [
"https://hyprland.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
};
programs = { programs = {
hyprland = { hyprland = {
enable = true; enable = true;
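Review bot: `auto-optimise-store = false;` is added to this Hyprland module although baseModules/default.nix already sets the same value and the setting has nothing to do with Hyprland; drop the line here so it has a single owner. The `substituters` and `trusted-public-keys` entries are a trust decision, because Nix does not scope a trusted key to particular packages, so a comment above them such as `# Third-party binary cache for the Hyprland flake; its key is trusted for any store path.` would make that explicit. The `config` block continues outside the hunk.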


@ -75,18 +75,5 @@
tailscale.enable = lib.mkEnableOption "Tailscale WireGuard VPN."; tailscale.enable = lib.mkEnableOption "Tailscale WireGuard VPN.";
}; };
base = {
enable =
lib.mkEnableOption "Basic system configuration and sane defaults.";
sambaAutoMount = lib.mkOption {
description = "Automounting of mauville Samba Shares.";
default =
config.ar.services.tailscale.enable
&& !(config.networking.hostName == "mauville");
type = lib.types.bool;
};
};
}; };
} }