diff --git a/hosts/brontes/configuration.nix b/hosts/brontes/configuration.nix index 33a0071..460f105 100644 --- a/hosts/brontes/configuration.nix +++ b/hosts/brontes/configuration.nix @@ -32,13 +32,19 @@ mime.enable = true; }; - modules.system = { - networking = { + modules = { + system.networking = { wifi.enable = true; bluetooth.enable = true; }; - services.nysh.enable = true; + services = { + nysh.enable = true; + tailscale = { + enable = true; + tags = [ "client" ]; + }; + }; media.enableAll = true; }; @@ -47,18 +53,6 @@ displayManager.sddm.enable = true; dbus.enable = true; pipewire.enable = true; - - tailscale = { - enable = true; - extraUpFlags = [ - "--ssh" - "--advertise-tags" - "tag:client" - "--login-server" - "https://hs.ccnlc.eu" - ]; - }; - # Necessary for Nautilus to display trash, DVDs and for gnome-disk-utility to show file systems gvfs.enable = true; gnome.gnome-keyring.enable = true; diff --git a/hosts/brontes/home.nix b/hosts/brontes/home.nix index 470c52c..5cc4c16 100644 --- a/hosts/brontes/home.nix +++ b/hosts/brontes/home.nix @@ -13,19 +13,19 @@ home-manager.users.${username} = { imports = [ - ../../home/rofi ../../home/themes/catppuccin.nix ../../home ]; - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - programs = { + direnv = { + enable = true; + nix-direnv.enable = true; + }; + waybar.enable = true; ssh.enable = true; + rofi.enable = true; }; services = { @@ -66,17 +66,11 @@ obsidian # CLI tools - delta - fzf jhead fdupes exiftool sshfs - zip - unzip lazygit - fd - ripgrep wl-clipboard # custom diff --git a/hosts/marr/configuration.nix b/hosts/marr/configuration.nix index bc66bb2..4d161e3 100644 --- a/hosts/marr/configuration.nix +++ b/hosts/marr/configuration.nix 
@@ -8,50 +8,46 @@ }: { imports = [ - # Include the results of the hardware scan. ./hardware-configuration.nix ../../modules ./home.nix ]; modules = { + media.enableAll = true; + system = { networking = { bluetooth.enable = true; wifi.enable = true; }; - type = { - graphical.enable = true; - workstation.enable = true; - gaming.enable = true; - }; }; services = { nysh.enable = true; + tailscale = { + enable = true; + tags = [ "client" ]; + }; }; }; # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; - boot.initrd.luks.devices."luks-7adaa102-d438-4e9e-9972-4a3c91b887b3".device = "/dev/disk/by-uuid/7adaa102-d438-4e9e-9972-4a3c91b887b3"; + initrd.luks.devices."luks-7adaa102-d438-4e9e-9972-4a3c91b887b3".device = "/dev/disk/by-uuid/7adaa102-d438-4e9e-9972-4a3c91b887b3"; + }; hardware.graphics.enable = true; - # Configure keymap in X11 - services.xserver.xkb = { - layout = "fr"; - variant = ""; + xdg = { + portal.enable = true; + mime.enable = true; }; - xdg.mime.enable = true; - services.pipewire.enable = true; - systemd.sleep.extraConfig = '' - HibernateDelaySec=1200 - ''; - - programs.pulseview.enable = true; specialisation = { gpu.configuration = { @@ -59,9 +55,14 @@ }; }; - age.identityPaths = [ - "/etc/ssh/ssh_host_ed25519_key" - ]; + age = { + identityPaths = [ + "/etc/ssh/ssh_host_ed25519_key" + ]; + secrets.rustypaste = { + file = ../../secrets/rustypaste.age; + }; + }; programs = { dconf.enable = true; 
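Review bot: The first hunk removes `systemd.sleep.extraConfig` (`HibernateDelaySec=1200`) and nothing in this file re-adds it, while `logind.lidSwitch = "suspend-then-hibernate"` is kept in a later hunk, so closing the lid now falls back to systemd's default hibernate delay. That matters on this host because the root is on LUKS (`boot.initrd.luks.devices` in the same hunk), and the volume key normally stays in memory for as long as the machine is only suspended. If the drop is intentional, say so in the commit message; otherwise keep `systemd.sleep.extraConfig = "HibernateDelaySec=1200";` next to the logind settings.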
@@ -70,93 +71,68 @@ firefox.enable = true; thunderbird.enable = true; sway.enable = true; - }; + pulseview.enable = true; - services = { - tailscale = { + gnupg.agent = { enable = true; - extraUpFlags = [ - "--ssh" - "--advertise-tags" - "tag:client" - "--login-server" - "https://hs.ccnlc.eu" - ]; + enableSSHSupport = true; }; }; - services.greetd = { - enable = true; - settings = { - default_session = { - command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd \"sway --unsupported-gpu\""; - user = "greeter"; - }; - }; - }; - age.secrets.rustypaste = { - file = ../../secrets/rustypaste.age; - }; - #: Virtualisation {{{ - virtualisation.docker = { - enable = false; - enableOnBoot = false; - rootless = { - enable = true; - setSocketVariable = true; - }; - }; - - virtualisation.libvirtd.enable = true; - programs.virt-manager.enable = true; - #: }}} - - #: Power Consumption {{{ - - services.logind = { - lidSwitch = "suspend-then-hibernate"; - powerKey = "hibernate"; - }; - - services.thermald.enable = true; - - services.tlp = { - enable = false; - settings = { - # CPU_SCALING_GOVERNOR_ON_AC = "performance"; - CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - - CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; - # CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; - - # CPU_MIN_PERF_ON_AC = 0; - # CPU_MAX_PERF_ON_AC = 100; - CPU_MIN_PERF_ON_BAT = 0; - CPU_MAX_PERF_ON_BAT = 20; - - #Optional helps save long term battery health - START_CHARGE_THRESH_BAT0 = 40; # 40 and below it starts to charge - STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging - }; - }; - - services.upower = { - enable = true; - criticalPowerAction = "Hibernate"; - }; - #:}}} - services = { dbus.enable = true; fwupd.enable = true; gvfs.enable = true; printing.enable = true; + + xserver.xkb = { + layout = "fr"; + variant = ""; + }; + + pipewire.enable = true; + gnome.gnome-keyring.enable = true; + openssh.enable = true; + + greetd = { + enable = true; + settings = { + default_session = { + command = 
"${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd \"sway --unsupported-gpu\""; + user = "greeter"; + }; + }; + }; + + #: Power Consumption {{{ + logind = { + lidSwitch = "suspend-then-hibernate"; + powerKey = "hibernate"; + }; + + thermald.enable = true; + + tlp = { + enable = false; + settings = { + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + CPU_MIN_PERF_ON_BAT = 0; + CPU_MAX_PERF_ON_BAT = 20; + + # Optional helps save long term battery health + START_CHARGE_THRESH_BAT0 = 40; # 40 and below it starts to charge + STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging + }; + }; + + upower = { + enable = true; + criticalPowerAction = "Hibernate"; + }; + #:}}} }; - xdg.portal.enable = true; - - modules.media.enableAll = true; - # Configure console keymap console.keyMap = "fr"; users = { @@ -175,8 +151,6 @@ }; }; - services.gnome.gnome-keyring.enable = true; - environment.variables = { ELECTRON_OZONE_PLATFORM_HINT = "auto"; MOZ_ENABLE_WAYLAND = 1; @@ -184,21 +158,10 @@ security.polkit.enable = true; - services.openssh = { - enable = true; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ shared-mime-info - fish - git - htop nextcloud-client kdeconnect - eza - bat glib wireguard-tools dconf 
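Review bot: `openssh.enable = true` is carried into the merged `services` block with no `settings`, so sshd runs with the NixOS defaults (password authentication allowed and the port opened in the firewall, as far as I know) on a laptop that also gets Tailscale SSH from the new module's `--ssh` default. If the tailnet is the intended way in, consider dropping sshd here, or at least adding `openssh.settings.PasswordAuthentication = false;` and `openssh.openFirewall = false;`. The same hunk also deletes the `virtualisation.docker`/`libvirtd`/`virt-manager` block without a replacement, which is worth stating in the commit message if it is intended.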
@@ -208,19 +171,5 @@ pop-icon-theme ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.11"; # Did you read the comment? + system.stateVersion = "23.11"; } diff --git a/hosts/marr/home.nix b/hosts/marr/home.nix index c98dbfb..fbdbf75 100644 --- a/hosts/marr/home.nix +++ b/hosts/marr/home.nix @@ -26,12 +26,12 @@ }; }; - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - programs = { + direnv = { + enable = true; + nix-direnv.enable = true; + }; + waybar.enable = true; rofi.enable = true; vscode.enable = true; @@ -70,17 +70,11 @@ obsidian # CLI tools - delta - fzf jhead fdupes exiftool sshfs - zip - unzip lazygit - fd - ripgrep swaybg wl-clipboard diff --git a/hosts/shan/configuration.nix b/hosts/shan/configuration.nix index 1dc935f..e504ba0 100644 --- a/hosts/shan/configuration.nix +++ b/hosts/shan/configuration.nix @@ -13,10 +13,12 @@ ./adguard.nix ]; - age.secrets.navidrome.file = ../../secrets/navidrome.age; - age.secrets.adguard-dns-list = { - file = ../../secrets/adguard-dns-list.age; - mode = "444"; + age.secrets = { + navidrome.file = ../../secrets/navidrome.age; + adguard-dns-list = { + file = ../../secrets/adguard-dns-list.age; + mode = "444"; + }; }; boot.loader.grub = { 
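Review bot: In the `hosts/shan/configuration.nix` hunk, `adguard-dns-list` is still decrypted with `mode = "444"`, which leaves the agenix secret readable by every local user and service on the host; regrouping the attributes was a good moment to tighten it. If the AdGuard unit can be given access through `owner`/`group`, something like `mode = "0440";` with a matching `group` keeps the file away from other accounts. If 444 is required by the way the service reads the file, add a one-line comment saying so; the consumer is in `./adguard.nix`, outside this diff, so confirm there.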
@@ -56,21 +58,16 @@ }; }; }; + + services.tailscale = { + enable = true; + isExitNode = true; + tags = [ "server" ]; + }; }; services = { openssh.enable = true; - tailscale = { - enable = true; - extraUpFlags = [ - "--ssh" - "--advertise-tags" - "tag:server" - "--login-server" - "https://hs.ccnlc.eu" - ]; - useRoutingFeatures = "server"; - }; immich = { enable = true; diff --git a/options/container/kitchenowl/default.nix b/options/container/kitchenowl/default.nix index 34a6f96..9512505 100644 --- a/options/container/kitchenowl/default.nix +++ b/options/container/kitchenowl/default.nix @@ -6,7 +6,7 @@ }: let inherit (lib) mkIf mkOption mkEnableOption; - inherit (lib.types) port bool string; + inherit (lib.types) port bool str; cfg = config.modules.container.kitchenowl; in { @@ -21,7 +21,7 @@ in default = false; }; version = mkOption { - type = string; + type = str; default = "latest"; }; }; diff --git a/options/default.nix b/options/default.nix index a98a4ae..4e9403b 100644 --- a/options/default.nix +++ b/options/default.nix @@ -1,8 +1,8 @@ { imports = [ ./media.nix - ./nysh.nix + ./services ./system ./container ./server diff --git a/options/media.nix b/options/media.nix index ff7eb59..14142ce 100644 --- a/options/media.nix +++ b/options/media.nix 
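Review bot: `isExitNode = true` in the `hosts/shan/configuration.nix` hunk only maps to `useRoutingFeatures = "server"` in `options/services/tailscale.nix`; nothing in this diff adds `--advertise-exit-node` to `extraUpFlags`. As far as the visible code goes, the host enables forwarding but is not advertised as an exit node unless that is done out of band. Either add the flag in the module when `isExitNode` is set, or reword the option's `description` to say it only enables routing support.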
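Review bot: In the second `options/container/kitchenowl/default.nix` hunk, the `version` option keeps `default = "latest"` while its type is being corrected. If this string ends up as the container image tag (the consuming code is outside the hunk), every pull can silently bring in a different image. Pinning a release tag or digest as the default, and adding a `description` that says what the value is used for, would make image updates a deliberate change.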
@@ -5,37 +5,90 @@ ... }: let + inherit (lib) + mkEnableOption + mkOption + mkIf + flatten + map + filter + any + ; + inherit (lib.types) + listOf + package + bool + str + ; + cfg = config.modules.media; - mkMedia = defPackages: { - enable = lib.mkOption { default = cfg.enableAll; }; - packages = lib.mkOption { default = defPackages; }; + mkMedia = packages: defaultHandler: { + enable = mkOption { + type = bool; + default = cfg.enableAll; + }; + packages = mkOption { + type = listOf package; + default = packages; + }; + default = mkOption { + type = str; + default = defaultHandler; + }; }; in { options.modules.media = { - enableAll = lib.mkEnableOption ""; + enableAll = mkEnableOption ""; + setMime = mkOption { + type = bool; + default = true; + }; audio = mkMedia [ pkgs.feishin - pkgs.lollypop - ]; + pkgs.amberol + ] "io.bassi.Amberol.desktop"; video = mkMedia [ pkgs.vlc - ]; + ] "vlc.desktop"; + image = mkMedia [ + pkgs.loupe + ] "org.gnome.Loupe.desktop"; ebook = mkMedia [ pkgs.calibre pkgs.foliate - ]; + ] "com.github.johnfactotum.Foliate.desktop"; }; - config = { - environment.systemPackages = lib.flatten ( - lib.map (opt: opt.packages) ( - lib.filter (opt: opt.enable) [ - cfg.audio - cfg.video - cfg.ebook - ] - ) - ); - }; + config = + let + anyEnabled = any (e: e) [ + cfg.audio.enable + cfg.video.enable + cfg.ebook.enable + ]; + in + mkIf anyEnabled { + environment.systemPackages = flatten ( + map (opt: opt.packages) ( + filter (opt: opt.enable) [ + cfg.audio + cfg.video + cfg.ebook + ] + ) + ); + + xdg.mime = mkIf cfg.setMime { + enable = true; + defaultApplications = { + "video/*" = cfg.ebook.default; + "image/*" = cfg.image.default; + "audio/*" = cfg.audio.default; + # Ebooks sadly don't have a singular major type. + "application/epub+zip" = cfg.ebook.default; + }; + }; + }; + } diff --git a/options/services/default.nix b/options/services/default.nix new file mode 100644 index 0000000..7e1355c --- /dev/null +++ b/options/services/default.nix 
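Review bot: In `defaultApplications`, `"video/*"` is mapped to `cfg.ebook.default`, so videos would be handed to Foliate; the line should read `"video/*" = cfg.video.default;`. The new `image` entry is also missing from both lists in `config` (`cfg.image.enable` in `anyEnabled`, `cfg.image` in the `filter` list), so Loupe is registered as the image handler but never installed by this module. Separately, mimeapps.list associations are matched on exact MIME types as far as I know, so the `"video/*"`-style keys may have no effect and may need expanding to concrete types.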
@@ -0,0 +1,6 @@
+{
+ imports = [
+ ./nysh.nix
+ ./tailscale.nix
+ ];
+}
diff --git a/options/nysh.nix b/options/services/nysh.nix
similarity index 100%
rename from options/nysh.nix
rename to options/services/nysh.nix
diff --git a/options/services/tailscale.nix b/options/services/tailscale.nix
new file mode 100644
index 0000000..8dd3089
--- /dev/null
+++ b/options/services/tailscale.nix
@@ -0,0 +1,68 @@
+{ config, lib, ... }:
+let
+ inherit (lib)
+ mkIf
+ mkEnableOption
+ mkOption
+ concatLists
+ concatStringsSep
+ ;
+ inherit (lib.types)
+ str
+ listOf
+ enum
+ bool
+ ;
+ cfg = config.modules.services.tailscale;
+in
+{
+ options.modules.services.tailscale = {
+ enable = mkEnableOption "Tailscale";
+
+ server = mkOption {
+ type = str;
+ default = "https://hs.ccnlc.eu";
+ };
+
+ isExitNode = mkOption {
+ type = bool;
+ default = false;
+ description = "Enable if node should serve advertise itself as an exit node.";
+ };
+
+ tags = mkOption {
+ type = listOf (enum [
+ "client"
+ "server"
+ ]);
+ default = [ ];
+ apply = map (e: "tag:${e}");
+ };
+
+ defaultFlags = mkOption {
+ type = listOf str;
+ default = [ "--ssh" ];
+ };
+ };
+
+ config = mkIf cfg.enable {
+ services.tailscale = {
+ enable = true;
+ extraUpFlags = concatLists [
+ cfg.defaultFlags
+ (
+ mkIf cfg.tags != [ ] [
+ "--advertise-tags"
+ (concatStringsSep "," cfg.tags)
+ ]
+ )
+ (mkIf cfg.server [
+ "--login-server"
+ cfg.server
+ ])
+ ];
+ useRoutingFeatures = mkIf cfg.isExitNode "server";
+ };
+ };
+
+}
diff --git a/options/system/default.nix b/options/system/default.nix
index 161c0e5..234023c 100644
--- a/options/system/default.nix
+++ b/options/system/default.nix
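Review bot: The `extraUpFlags` expression in `options/services/tailscale.nix` will not evaluate as written: `mkIf` yields a module-system conditional rather than a list, so it cannot be an element of `concatLists`, and `mkIf cfg.tags != [ ] [ … ]` parses as `(mkIf cfg.tags) != ([ ] [ … ])` because function application binds tighter than `!=`. `mkIf cfg.server` is also given a string where a bool is expected. Use `optionals` (added to the `inherit (lib)` list) so the tag and login-server flags are always passed when set; a node brought up without them would register against the default control server and without its ACL tag. `defaultFlags` also turns on Tailscale SSH for every host that enables the module, so a `description` stating that SSH access is then decided by the ACLs on `server` would help readers.

```nix
  inherit (lib)
    # … unchanged: mkIf, mkEnableOption, mkOption, concatStringsSep …
    optionals
    ;
# … unchanged: option declarations …
      extraUpFlags =
        cfg.defaultFlags
        ++ optionals (cfg.tags != [ ]) [
          "--advertise-tags"
          (concatStringsSep "," cfg.tags)
        ]
        ++ optionals (cfg.server != "") [
          "--login-server"
          cfg.server
        ];
```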
@@ -1,37 +1,6 @@
-{ lib, ... }:
-let
- inherit (lib.types) bool array string;
- inherit (lib) mkEnableOption;
-in
 {
- imports = [ ./networking ];
-
- options.modules.system = {
- type = {
- gaming.enable = lib.mkEnableOption {
- type = bool;
- default = false;
- };
-
- graphical.enable = lib.mkEnableOption {
- type = bool;
- default = false;
- };
-
- workstation.enable = lib.mkEnableOption {
- type = bool;
- default = false;
- };
-
- server.enable = lib.mkEnableOption {
- type = bool;
- default = false;
- };
-
- vm.enable = lib.mkEnableOption {
- type = lib.types.bool;
- default = false;
- };
- };
- };
+ imports = [
+ ./networking
+ ./roles
+ ];
 }
diff --git a/options/system/roles/default.nix b/options/system/roles/default.nix
new file mode 100644
index 0000000..7e6c3c1
--- /dev/null
+++ b/options/system/roles/default.nix
@@ -0,0 +1 @@
+{ imports = [ ./terminal.nix ]; }
diff --git a/options/system/roles/terminal.nix b/options/system/roles/terminal.nix
new file mode 100644
index 0000000..c27ff21
--- /dev/null
+++ b/options/system/roles/terminal.nix
@@ -0,0 +1,47 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+let
+ inherit (lib) mkEnableOption mkOption mkIf;
+ inherit (lib.types) listOf package;
+ cfg = config.modules.system.roles.terminal;
+in
+{
+ options.modules.system.roles.terminal = {
+ enable = mkEnableOption "terminal packages" // {
+ default = true;
+ defaultText = ''
+ Enable by default, most systems will need a common set of CLI tools.
+ '';
+ };
+ extraPackages = mkOption {
+ type = listOf package;
+ default = [ ];
+ };
+ defaultPackages = mkOption {
+ type = listOf package;
+ default = with pkgs; [
+ btop
+ eza
+ bat
+ fish
+ cyme
+ lsof
+ git
+ delta
+ fzf
+ zip
+ unzip
+ fd
+ ripgrep
+ ];
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = cfg.extraPackages ++ cfg.defaultPackages;
+ };
+}
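Review bot: In `options/system/roles/terminal.nix`, `defaultText` on `enable` holds a prose explanation, but that attribute is meant to render the default value in generated documentation; the sentence belongs in `description`. Something like `description = "Install a common set of CLI tools; on by default because most systems need them.";` keeps the intent. `extraPackages` and `defaultPackages` would each benefit from a one-line `description` as well, since the role is enabled on every host by default.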