another major refactor

author: seth <[email protected]> 2023-03-08 02:57:57 -0500
committer: seth <[email protected]> 2023-03-08 15:32:06 -0500
commit: fa7a407bda1b26b413702287f227629af0798f55 (patch)
tree: 38cc9ae1791939a0f92a3f03d37a0249e62cdf1a /profiles
parent: 729db074dc1b93cab10b43119197c8e02a452405 (diff)
14 files changed, 247 insertions, 0 deletions
diff --git a/profiles/base/default.nix b/profiles/base/default.nix
new file mode 100644
index 0000000..dbaabe8
--- /dev/null
+++ b/profiles/base/default.nix
@@ -0,0 +1,20 @@
+{pkgs, ...}: {
+  imports = [
+    ./documentation.nix
+    ./packages.nix
+  ];
+
+  nix = {
+    package = pkgs.nixFlakes;
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 7d";
+    };
+    settings = {
+      auto-optimise-store = true;
+      warn-dirty = false;
+      experimental-features = ["nix-command" "flakes"];
+    };
+  };
+}
diff --git a/profiles/base/documentation.nix b/profiles/base/documentation.nix
new file mode 100644
index 0000000..bd22316
--- /dev/null
+++ b/profiles/base/documentation.nix
@@ -0,0 +1,7 @@
+{pkgs, ...}: {
+  environment.systemPackages = with pkgs; [man-pages man-pages-posix];
+  documentation = {
+    dev.enable = true;
+    man.enable = true;
+  };
+}
diff --git a/profiles/base/packages.nix b/profiles/base/packages.nix
new file mode 100644
index 0000000..b0fcae4
--- /dev/null
+++ b/profiles/base/packages.nix
@@ -0,0 +1,23 @@
+{
+  lib,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [
+    hyfetch
+    neofetch
+    pinentry-curses
+    python311
+  ];
+
+  programs = {
+    git.enable = true;
+    gnupg = {
+      agent = {
+        enable = true;
+        pinentryFlavor = lib.mkDefault "curses";
+      };
+    };
+    vim.defaultEditor = true;
+  };
+}
diff --git a/profiles/desktop/default.nix b/profiles/desktop/default.nix
new file mode 100644
index 0000000..68c6774
--- /dev/null
+++ b/profiles/desktop/default.nix
@@ -0,0 +1,21 @@
+{
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ../nixos
+    ./fonts.nix
+  ];
+  environment = {
+    noXlibs = lib.mkForce false;
+    systemPackages = with pkgs; [pinentry-curses];
+  };
+  programs = {
+    dconf.enable = true;
+    firefox.enable = true;
+    xwayland.enable = true;
+  };
+  services.xserver.enable = true;
+  xdg.portal.enable = true;
+}
diff --git a/profiles/desktop/fonts.nix b/profiles/desktop/fonts.nix
new file mode 100644
index 0000000..89bff21
--- /dev/null
+++ b/profiles/desktop/fonts.nix
@@ -0,0 +1,20 @@
+{pkgs, ...}: {
+  fonts = {
+    enableDefaultFonts = true;
+    fonts = with pkgs; [
+      corefonts
+      fira-code
+      (nerdfonts.override {fonts = ["FiraCode"];})
+      noto-fonts
+      noto-fonts-extra
+      noto-fonts-emoji
+      noto-fonts-cjk-sans
+    ];
+    fontconfig.defaultFonts = {
+      serif = ["Noto Serif"];
+      sansSerif = ["Noto Sans"];
+      emoji = ["Noto Color Emoji"];
+      monospace = ["Fira Code"];
+    };
+  };
+}
diff --git a/profiles/desktop/gnome/default.nix b/profiles/desktop/gnome/default.nix
new file mode 100644
index 0000000..c0cc5ca
--- /dev/null
+++ b/profiles/desktop/gnome/default.nix
@@ -0,0 +1,30 @@
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  imports = [
+    ../.
+  ];
+  environment = {
+    gnome.excludePackages = with pkgs; [
+      epiphany
+      gnome-tour
+    ];
+    systemPackages = with pkgs; [
+      adw-gtk3
+      blackbox-terminal
+      pinentry-gnome
+    ];
+  };
+
+  services.xserver = {
+    displayManager.gdm = {
+      enable = true;
+      wayland = lib.mkForce true;
+    };
+    desktopManager.gnome.enable = true;
+  };
+
+  programs.gnupg.agent.pinentryFlavor = "gnome3";
+}
diff --git a/profiles/desktop/plasma/default.nix b/profiles/desktop/plasma/default.nix
new file mode 100644
index 0000000..898e259
--- /dev/null
+++ b/profiles/desktop/plasma/default.nix
@@ -0,0 +1,17 @@
+{pkgs, ...}: {
+  imports = [
+    ../.
+  ];
+  services.xserver = {
+    displayManager.sddm.enable = true;
+    desktopManager.plasma5 = {
+      enable = true;
+      excludePackages = with pkgs.libsForQt5; [
+        khelpcenter
+        plasma-browser-integration
+        print-manager
+      ];
+      useQtScaling = true;
+    };
+  };
+}
diff --git a/profiles/hardware/default.nix b/profiles/hardware/default.nix
new file mode 100644
index 0000000..be395d2
--- /dev/null
+++ b/profiles/hardware/default.nix
@@ -0,0 +1,3 @@
+_: {
+  hardware.enableAllFirmware = true;
+}
diff --git a/profiles/hardware/nvidia.nix b/profiles/hardware/nvidia.nix
new file mode 100644
index 0000000..473eb81
--- /dev/null
+++ b/profiles/hardware/nvidia.nix
@@ -0,0 +1,25 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./.
+  ];
+  hardware = {
+    nvidia = {
+      package = config.boot.kernelPackages.nvidiaPackages.stable;
+      modesetting.enable = true;
+    };
+    opengl = {
+      enable = true;
+      # make steam work
+      driSupport32Bit = true;
+      extraPackages = with pkgs; [
+        vaapiVdpau
+      ];
+    };
+  };
+
+  services.xserver.videoDrivers = ["nvidia"];
+}
diff --git a/profiles/nixos/default.nix b/profiles/nixos/default.nix
new file mode 100644
index 0000000..078ee24
--- /dev/null
+++ b/profiles/nixos/default.nix
@@ -0,0 +1,9 @@
+_: {
+  imports = [
+    ../base
+    ../../users/root
+    ./locale.nix
+    ./security.nix
+    ./systemd.nix
+  ];
+}
diff --git a/profiles/nixos/locale.nix b/profiles/nixos/locale.nix
new file mode 100644
index 0000000..45589ef
--- /dev/null
+++ b/profiles/nixos/locale.nix
@@ -0,0 +1,13 @@
+_: {
+  i18n = {
+    supportedLocales = [
+      "en_US.UTF-8/UTF-8"
+    ];
+    defaultLocale = "en_US.UTF-8";
+  };
+
+  time = {
+    hardwareClockInLocalTime = true;
+    timeZone = "America/New_York";
+  };
+}
diff --git a/profiles/nixos/security.nix b/profiles/nixos/security.nix
new file mode 100644
index 0000000..7ad0069
--- /dev/null
+++ b/profiles/nixos/security.nix
@@ -0,0 +1,32 @@
+{
+  lib,
+  pkgs,
+  ...
+}: {
+  security = {
+    apparmor.enable = lib.mkDefault true;
+    audit.enable = lib.mkDefault true;
+    auditd.enable = lib.mkDefault true;
+    rtkit.enable = true;
+    sudo = {
+      execWheelOnly = true;
+      extraRules = [
+        {
+          users = ["root"];
+          groups = ["root"];
+          commands = ["ALL"];
+        }
+        {
+          users = ["seth"];
+          commands = ["ALL"];
+        }
+      ];
+    };
+    polkit.enable = true;
+  };
+
+  users = {
+    defaultUserShell = pkgs.bash;
+    mutableUsers = false;
+  };
+}
diff --git a/profiles/nixos/systemd.nix b/profiles/nixos/systemd.nix
new file mode 100644
index 0000000..0e40e39
--- /dev/null
+++ b/profiles/nixos/systemd.nix
@@ -0,0 +1,16 @@
+{lib, ...}: {
+  services = {
+    journald.extraConfig = ''
+      MaxRetentionSec=1w
+    '';
+    resolved = {
+      enable = lib.mkDefault true;
+      dnssec = "allow-downgrade";
+      extraConfig = ''
+        [Resolve]
+        DNS=1.1.1.1 1.0.0.1
+        DNSOverTLS=yes
+      '';
+    };
+  };
+}
diff --git a/profiles/virtualisation.nix b/profiles/virtualisation.nix
new file mode 100644
index 0000000..f78ca1d
--- /dev/null
+++ b/profiles/virtualisation.nix
@@ -0,0 +1,11 @@
+{pkgs, ...}: {
+  virtualisation = {
+    podman = {
+      enable = true;
+      enableNvidia = true;
+      extraPackages = with pkgs; [podman-compose];
+      autoPrune.enable = true;
+    };
+    oci-containers.backend = "podman";
+  };
+}
author	seth <[email protected]>	2023-03-08 02:57:57 -0500
committer	seth <[email protected]>	2023-03-08 15:32:06 -0500
commit	fa7a407bda1b26b413702287f227629af0798f55 (patch)
tree	38cc9ae1791939a0f92a3f03d37a0249e62cdf1a /profiles
parent	729db074dc1b93cab10b43119197c8e02a452405 (diff)