Modularize stuff better

Pim Kunis 2024-10-27 12:23:20 +01:00
parent 5b92ddde89
commit d427be6e4a
20 changed files with 417 additions and 321 deletions


@ -419,7 +419,7 @@
"flake-compat": "flake-compat_2",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": [
"nixpkgs"
"nixpkgs-unstable"
],
"rust-overlay": "rust-overlay_2"
},

113
flake.nix

@ -40,10 +40,9 @@
inputs.nixpkgs.follows = "nixpkgs";
};
# nixpkgs-cosmic.follows = "nixos-cosmic/nixpkgs-stable";
nixos-cosmic = {
url = "github:lilyinstarlight/nixos-cosmic";
inputs.nixpkgs-stable.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs-unstable";
};
};
@ -67,13 +66,15 @@
treefmtEval = forAllSystems (
system: inputs.treefmt-nix.lib.evalModule (pkgsForSystem system) ./treefmt.nix
);
in {
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
mkNixosSystem = {
extraModule,
nixpkgs' ? nixpkgs,
useDefaultConfiguration ? true,
nixosConfigurations = nixpkgs.lib.mapAttrs (
name: {
nixosModule,
homeManagerModule,
}:
nixpkgs'.lib.nixosSystem rec {
nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
@ -81,96 +82,14 @@
flake = self;
};
modules =
[
extraModule
]
++ nixpkgs'.lib.optional useDefaultConfiguration ./nixos;
};
in {
formatter = forAllSystems (system: (treefmtEval.${system}.config.build.wrapper));
nixosConfigurations = {
sue-cosmic = mkNixosSystem {
useDefaultConfiguration = false;
extraModule = {...}: {
imports = [
inputs.nixos-hardware.nixosModules.dell-xps-13-9310
inputs.nixos-cosmic.nixosModules.default
./modules/nixos/lanzaboote.nix
modules = [
nixosModule
./nixos
{
home-manager.users.pim.imports = [homeManagerModule];
}
];
config = {
nixpkgs.config.allowUnfree = true;
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
users = {
users.pim = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
};
};
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
};
};
};
sue = mkNixosSystem {
extraModule = {...}: {
imports = [inputs.nixos-hardware.nixosModules.dell-xps-13-9310];
config = {
pim.lanzaboote.enable = true;
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
};
};
};
};
}
) (import ./machines);
};
}
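Review bot: The `mapAttrs` lambda that now builds `nixosConfigurations` destructures each `./machines` entry as `{ nixosModule, homeManagerModule }` with no ellipsis, so an entry with a missing or extra attribute fails evaluation with a generic error, and nothing nearby says what a machine directory must export. A short comment above it would record the contract, for example `# ./machines: hostname -> { nixosModule, homeManagerModule }; every host is built for x86_64-linux and homeManagerModule is wired into user pim`. The `system` value and the `pim` user are fixed for every host here, so a machine with another architecture or primary user would need them lifted into the per-machine attrset. Which lines are on the new side is inferred from the trailing `(import ./machines)`, since the page has lost its +/- markers.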


@ -11,7 +11,8 @@
./firefox
./tidal.nix
./gnome.nix
./gnome.nix
./syncthing.nix
./vscode.nix
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.hmModules.nix-index
];


@ -1,6 +1,7 @@
{
pkgs,
lib,
config,
...
}: let
firefoxAddons = import ./addons.nix pkgs lib;
@ -17,8 +18,11 @@
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
};
cfg = config.pim.firefox;
in {
config = {
options.pim.firefox.enable = lib.mkEnableOption "firefox";
config = lib.mkIf cfg.enable {
programs.firefox = {
enable = true;
profiles = {


@ -4,7 +4,12 @@
flake,
config,
...
}: {
}: let
cfg = config.pim.gnome;
in {
options.pim.gnome.enable = lib.mkEnableOption "gnome";
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [gnome.gnome-tweaks];
dconf.settings = with lib.hm.gvariant; {
@ -85,4 +90,5 @@
"org/gnome/shell/extensions/space-iflow-randomwallpaper/sources/general/42".type = 4;
"org/gnome/shell/extensions/space-iflow-randomwallpaper/sources/localFolder/42".folder = "${flake}/wallpapers";
};
};
}


@ -1,5 +1,14 @@
{pkgs, ...}: {
config = {
{
pkgs,
config,
lib,
...
}: let
cfg = config.pim.neovim;
in {
options.pim.neovim.enable = lib.mkEnableOption "neovim";
config = lib.mkIf cfg.enable {
programs.neovim = {
enable = true;
viAlias = true;


@ -1,8 +1,18 @@
{config, ...}: {
{
config,
lib,
...
}: let
cfg = config.pim.syncthing;
in {
options.pim.syncthing.enable = lib.mkEnableOption "syncthing";
config = lib.mkIf cfg.enable {
services.syncthing.enable = true;
sops.secrets = {
"syncthing/key".path = "${config.xdg.configHome}/syncthing/key.pem";
"syncthing/cert".path = "${config.xdg.configHome}/syncthing/cert.pem";
};
};
}


@ -1,5 +1,16 @@
{pkgs, ...}: {
{
config,
lib,
pkgs,
...
}: let
cfg = config.pim.tidal;
in {
options.pim.tidal.enable = lib.mkEnableOption "tidal";
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
supercollider-with-sc3-plugins
];
};
}


@ -1,8 +1,14 @@
{
pkgs,
lib,
config,
...
}: {
}: let
cfg = config.pim.vscode;
in {
options.pim.vscode.enable = lib.mkEnableOption "vscode";
config = lib.mkIf cfg.enable {
programs.vscode = {
enable = true;
package = pkgs.vscodium;
@ -22,4 +28,5 @@
"explorer.confirmDelete" = false;
};
};
};
}

3
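--- a/machines/default.nix
+++ b/machines/default.nix
@@ -0,0 +1,3 @@
+{
+sue = import ./sue;
+}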


@ -0,0 +1,50 @@
{inputs, ...}: {
imports = [inputs.nixos-hardware.nixosModules.dell-xps-13-9310];
config = {
pim = {
lanzaboote.enable = true;
tidal.enable = true;
gnome.enable = true;
stylix.enable = true;
wireguard.enable = true;
tailscale.enable = true;
compliance.enable = true;
sops.enable = true;
};
networking.hostName = "xps-9315";
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/560E-F8A2";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
};
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage"];
# specialisation.cosmic.configuration = {
# imports = [
# inputs.nixos-cosmic.nixosModules.default
# ];
# services.desktopManager = {
# cosmic.enable = true;
# cosmic-greeter.enable = true;
# };
# };
};
}
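Review bot: `nix.settings` in this new machine module still adds `https://cosmic.cachix.org/` as a substituter and trusts its signing key, while the only COSMIC consumer in the file, `specialisation.cosmic`, is commented out. A trusted binary-cache key is accepted for any store path that cache offers, not only COSMIC packages, so this is extra supply-chain trust with no current benefit; I would move both settings into the specialisation (or comment them out with it) until it is enabled again. Separately, `/boot` is mounted with `"fmask=0022" "dmask=0022"`, which leaves the ESP contents world-readable. `options = ["fmask=0077" "dmask=0077"];` is the tighter setting, and it matters more on a host with `pim.lanzaboote.enable`, where the boot loader's random seed typically lives on that partition.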

4
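--- a/machines/sue/default.nix
+++ b/machines/sue/default.nix
@@ -0,0 +1,4 @@
+{
+nixosModule = import ./configuration.nix;
+homeManagerModule = import ./home.nix;
+}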

12
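--- a/machines/sue/home.nix
+++ b/machines/sue/home.nix
@@ -0,0 +1,12 @@
+{...}: {
+config = {
+pim = {
+tidal.enable = true;
+gnome.enable = true;
+vscode.enable = true;
+syncthing.enable = true;
+neovim.enable = true;
+firefox.enable = true;
+};
+};
+}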


@ -1,5 +1,14 @@
{ ... }: {
{
config,
lib,
...
}: let
cfg = config.pim.compliance;
in {
options.pim.compliance.enable = lib.mkEnableOption "compliance";
config = lib.mkIf cfg.enable {
services.clamav = {
daemon.enable = true;
};
};
}
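Review bot: Inside the new `lib.mkIf cfg.enable` block only `services.clamav.daemon.enable` is set, so this file turns on clamd without the signature updater. Unless freshclam is enabled elsewhere, the daemon has no database, or only a stale one, to scan with. Adding `updater.enable = true;` next to `daemon.enable = true;` would make the module self-contained. Also, `lib.mkEnableOption` defaults to false, so after this change the scanner is off on any machine that does not set `pim.compliance.enable`; if it is meant as a baseline control, a comment on the option saying so would make the intent explicit.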


@ -1,4 +1,14 @@
{pkgs, ...}: {
{
pkgs,
config,
lib,
...
}: let
cfg = config.pim.gnome;
in {
options.pim.gnome.enable = lib.mkEnableOption "gnome";
config = lib.mkIf cfg.enable {
services.xserver.desktopManager.gnome.enable = true;
environment = {
@ -35,4 +45,5 @@
gnome-weather
]);
};
};
}


@ -2,14 +2,21 @@
inputs,
pkgs,
flake,
config,
lib,
...
}: {
}: let
cfg = config.pim.sops;
in {
imports = [inputs.sops-nix.nixosModules.sops];
options.pim.sops.enable = lib.mkEnableOption "sops";
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [sops];
sops = {
age.keyFile = "/home/pim/.config/sops/age/keys.txt";
defaultSopsFile = "${flake}/secrets/secrets.yaml";
};
};
}
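Review bot: `sops.age.keyFile` points at `/home/pim/.config/sops/age/keys.txt`, so the key that decrypts system-level secrets at activation sits in a directory owned by an unprivileged user. Any process running as `pim` can read it and decrypt everything in `secrets/secrets.yaml`, including secrets meant only for root-owned services. Consider a root-owned location such as `age.keyFile = "/var/lib/sops-nix/key.txt";`, or derive the identity from the host SSH key with `age.sshKeyPaths`. If the user-owned key is deliberate (for example shared with the home-manager sops module), a comment stating that trade-off would help the next reader.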


@ -1,10 +1,16 @@
{
pkgs,
inputs,
config,
lib,
...
}: {
}: let
cfg = config.pim.stylix;
in {
imports = [inputs.stylix.nixosModules.stylix];
options.pim.stylix.enable = lib.mkEnableOption "stylix";
config = lib.mkIf cfg.enable {
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml";
@ -33,4 +39,5 @@
};
};
};
};
}


@ -1,4 +1,13 @@
{pkgs, ...}: {
{
pkgs,
config,
lib,
...
}: let
cfg = config.pim.tailscale;
in {
options.pim.tailscale.enable = lib.mkEnableOption "tailscale";
config = lib.mkIf cfg.enable {
environment.systemPackages = [pkgs.gnomeExtensions.tailscale-status];
services.tailscale = {
@ -7,4 +16,5 @@
};
networking.networkmanager.unmanaged = ["tailscale0"];
};
}


@ -1,3 +1,13 @@
{...}: {
{
lib,
config,
...
}: let
cfg = config.pim.tidal;
in {
options.pim.tidal.enable = lib.mkEnableOption "tidal";
config = lib.mkIf cfg.enable {
users.users.pim.extraGroups = ["audio"];
};
}


@ -2,7 +2,12 @@
lib,
config,
...
}: {
}: let
cfg = config.pim.wireguard;
in {
options.pim.wireguard.enable = lib.mkEnableOption "wireguard";
config = lib.mkIf cfg.enable {
networking = {
useDHCP = lib.mkDefault true;
networkmanager.unmanaged = ["tailscale0"];
@ -46,4 +51,5 @@
"wireguard/home/presharedKey" = {};
"wireguard/home/privateKey" = {};
};
};
}
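Review bot: The `"wireguard/home/presharedKey"` and `"wireguard/home/privateKey"` secrets declared at the end of this block rely on the sops defaults (`defaultSopsFile`, `age.keyFile`), which this commit puts behind `pim.sops.enable`. Enabling `pim.wireguard` without `pim.sops` will therefore fail with an undefined-option error, not a clear message. An explicit check inside the `mkIf` would document the coupling: `assertions = [{assertion = config.pim.sops.enable; message = "pim.wireguard requires pim.sops.enable";}];`. Separately, `networking.useDHCP = lib.mkDefault true` and `networkmanager.unmanaged = ["tailscale0"]` are not WireGuard-specific but now apply only when this toggle is on. The middle of the module body lies outside the two hunks shown.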