Remove pim from wheel on gamepc

Remove some default packages
2024-11-14 21:04:17 +01:00 · 2024-11-14 21:04:17 +01:00 · 1519cacfc3
commit 1519cacfc3
parent 5374402dde
3 changed files with 147 additions and 148 deletions
--- a/machines/gamepc/default.nix
+++ b/machines/gamepc/default.nix
@ -6,6 +6,7 @@
  config = {
    pim = {
      cinnamon.enable = true;
      inWheel = false;
    };
    facter.reportPath = ./facter.json;
--- a/machines/sue/default.nix
+++ b/machines/sue/default.nix
@ -1,4 +1,4 @@
-{inputs, ...}: {
+{pkgs, ...}: {
  config = {
    pim = {
      lanzaboote.enable = true;
@ -13,8 +13,25 @@
    services.tailscale.enable = true;
    facter.reportPath = ./facter.json;
    home-manager.users.pim.imports = [./home.nix];
    networking.hostName = "sue";
    environment.systemPackages = with pkgs; [
      borgbackup
      kubectl
      nmap
      poppler_utils # For pdfunite
      silicon
      units
    ];
    virtualisation.docker = {
      enable = true;
      rootless = {
        enable = true;
        setSocketVariable = true;
      };
    };
    swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
    fileSystems = {
      "/" = {
--- a/nixos/default.nix
+++ b/nixos/default.nix
@ -21,167 +21,148 @@
    ./ssh.nix
  ];
-  time.timeZone = "Europe/Amsterdam";
+  options.pim.inWheel = lib.mkOption {
-  i18n.defaultLocale = "en_US.UTF-8";
+    type = lib.types.bool;
-  programs.ssh.startAgent = true;
+    default = true;
-  systemd.services.NetworkManager-wait-online.enable = lib.mkForce false;
+  };
-  services = {
+  config = {
-    xserver.enable = true;
+    time.timeZone = "Europe/Amsterdam";
    i18n.defaultLocale = "en_US.UTF-8";
    programs.ssh.startAgent = true;
    systemd.services.NetworkManager-wait-online.enable = lib.mkForce false;
    hardware.pulseaudio.enable = false;
-    tailscale = {
+    services = {
-      useRoutingFeatures = "client";
+      xserver.enable = true;
-      extraSetFlags = ["--accept-routes"];
+
      tailscale = {
        useRoutingFeatures = "client";
        extraSetFlags = ["--accept-routes"];
      };
      printing = {
        enable = true;
        drivers = [pkgs.hplip pkgs.gutenprint];
      };
      pipewire = {
        enable = true;
        alsa.enable = true;
        alsa.support32Bit = true;
        pulse.enable = true;
        jack.enable = true;
      };
    };
-    printing = {
+    users.users.pim = {
-      enable = true;
+      isNormalUser = true;
-      drivers = [pkgs.hplip pkgs.gutenprint];
+      extraGroups =
        ["docker" "input" "wireshark" "dialout"]
        ++ lib.optional config.pim.inWheel "wheel";
    };
-    pipewire = {
+    environment = {
-      enable = true;
+      systemPackages = with pkgs; [
-      alsa.enable = true;
+        age
-      alsa.support32Bit = true;
+        btop
-      pulse.enable = true;
+        btrfs-progs
-      jack.enable = true;
+        curl
-    };
+        dig
-  };
+        exfat
-
+        f3
-  users.users.pim = {
+        fastfetch
-    isNormalUser = true;
+        file
-    extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
+        git
-  };
+        jq
-
+        ripgrep
-  environment = {
+        sbctl
-    systemPackages = with pkgs; [
+        tree
-      age
+        vim
-      borgbackup
+        wget
-      btop
+        yq
-      btrfs-progs
+        ncdu
-      curl
+        lshw
-      dig
+      ];
      exfat
      f3
      fastfetch
      file
      git
      jq
      kubectl
      nmap
      poppler_utils # For pdfunite
      ripgrep
      sbctl
      silicon
      tree
      units
      vim
      wget
      yq
      ncdu
      lshw
    ];
  };
  system = {
    stateVersion = "23.05";
    activationScripts.diff = ''
      if [[ -e  /run/current-system ]]; then
        ${pkgs.nix}/bin/nix store diff-closures /run/current-system "$systemConfig"
      fi
    '';
  };
  security = {
    rtkit.enable = true;
    sudo.extraConfig = ''
      Defaults        timestamp_timeout=30
    '';
  };
  nix = {
    package = pkgs.nixFlakes;
    settings.trusted-users = ["root" "pim"];
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
    gc = {
      automatic = true;
      persistent = true;
      dates = "weekly";
      options = "--delete-older-than 7d";
    };
  };
  networking = {
    useDHCP = lib.mkDefault true;
    networkmanager.unmanaged = lib.mkIf config.services.tailscale.enable ["tailscale0"];
    wireless.extraConfig = ''
      p2p_disabled=1
    '';
  };
  virtualisation.docker = {
    enable = true;
    rootless = {
      enable = true;
      setSocketVariable = true;
    };
  };
  nixpkgs = {
    hostPlatform = lib.mkDefault "x86_64-linux";
    config = {
      allowUnfreePredicate = pkg:
        builtins.elem (lib.getName pkg) [
          "libfprint-2-tod1-goodix"
          "steam"
          "steam-original"
          "steam-run"
        ];
    };
-    overlays = [
+    system = {
-      inputs.nur.overlay
+      stateVersion = "23.05";
      (final: _prev: {
        unstable = import inputs.nixpkgs-unstable {
          inherit (pkgs) system;
          config.allowUnfree = true;
        };
      })
    ];
  };
-  boot = {
+      activationScripts.diff = ''
-    kernelModules = ["kvm-intel" "cdrom"];
+        if [[ -e  /run/current-system ]]; then
-    extraModulePackages = [];
+          ${pkgs.nix}/bin/nix store diff-closures /run/current-system "$systemConfig"
-
+        fi
-    initrd = {
+      '';
      availableKernelModules = ["sd_mod"];
      kernelModules = [];
    };
-    kernel.sysctl = {
+    security = {
      rtkit.enable = true;
      sudo.extraConfig = ''
        Defaults        timestamp_timeout=30
      '';
    };
    nix = {
      package = pkgs.nixFlakes;
      settings.trusted-users = ["root" "pim"];
      extraOptions = ''
        experimental-features = nix-command flakes
      '';
      gc = {
        automatic = true;
        persistent = true;
        dates = "weekly";
        options = "--delete-older-than 7d";
      };
    };
    networking = {
      useDHCP = lib.mkDefault true;
      networkmanager.unmanaged = lib.mkIf config.services.tailscale.enable ["tailscale0"];
      wireless.extraConfig = ''
        p2p_disabled=1
      '';
    };
    nixpkgs = {
      hostPlatform = lib.mkDefault "x86_64-linux";
      config = {
        allowUnfreePredicate = pkg:
          builtins.elem (lib.getName pkg) [
            "libfprint-2-tod1-goodix"
            "steam"
            "steam-original"
            "steam-run"
          ];
      };
      overlays = [
        inputs.nur.overlay
        (final: _prev: {
          unstable = import inputs.nixpkgs-unstable {
            inherit (pkgs) system;
            config.allowUnfree = true;
          };
        })
      ];
    };
    boot.kernel.sysctl = {
      "net.core.default_qdisc" = "fq";
      "net.ipv4.tcp_congestion_control" = "bbr";
    };
  };
-  hardware = {
+    home-manager = {
-    cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+      useGlobalPkgs = true;
-    pulseaudio.enable = false;
+      useUserPackages = true;
-  };
+      extraSpecialArgs = {inherit self inputs;};
-  home-manager = {
+      users.pim.imports = ["${self}/home-manager"];
-    useGlobalPkgs = true;
+    };
    useUserPackages = true;
    extraSpecialArgs = {inherit self inputs;};
    users.pim.imports = ["${self}/home-manager"];
  };
 }