43 files changed, 535 insertions, 325 deletions
@@ -74,16 +74,13 @@ ... }: let inherit - (import ./util { + (import ./lib { inherit (nixpkgs) lib; inherit inputs; }) mapHosts mapHMUsers ; - - users = import ./users {inherit inputs;}; - hosts = import ./hosts {inherit inputs;}; in flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; @@ -120,11 +117,15 @@ formatter = pkgs.alejandra; - homeConfigurations = mapHMUsers (users.users {inherit system;}); + homeConfigurations = mapHMUsers inputs system; + + packages = { + turret = pkgs.callPackage ./hosts/turret {inherit openwrt-imagebuilder;}; + }; }) // { - nixosConfigurations = mapHosts hosts; + nixosConfigurations = mapHosts inputs; - packages.x86_64-linux.turret = nixpkgs.legacyPackages.x86_64-linux.callPackage ./hosts/turret {inherit openwrt-imagebuilder;}; + nixosModules.getchoo = import ./modules; }; } diff --git a/hosts/default.nix b/hosts/default.nix index e48d482..fdaea60 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,4 +1,4 @@ -{inputs}: +inputs: with inputs; let common = { system = "x86_64-linux"; diff --git a/hosts/glados-wsl/default.nix b/hosts/glados-wsl/default.nix index 2ba4190..4ba8485 100644 --- a/hosts/glados-wsl/default.nix +++ b/hosts/glados-wsl/default.nix @@ -1,12 +1,10 @@ { - lib, modulesPath, pkgs, ... }: { imports = [ (modulesPath + "/profiles/minimal.nix") - ../../profiles/nixos ../../users/seth ]; @@ -26,11 +24,17 @@ interop.includePath = false; }; - services.resolved.enable = lib.mkForce false; + services = { + dbus.apparmor = "disabled"; + resolved.enable = false; + }; + + nixos.networking.enable = false; + security = { - apparmor.enable = lib.mkForce false; - audit.enable = lib.mkForce false; - auditd.enable = lib.mkForce false; + apparmor.enable = false; + audit.enable = false; + auditd.enable = false; }; system.stateVersion = "23.05"; diff --git a/hosts/glados/default.nix b/hosts/glados/default.nix index 3cb8f82..15aff17 100644 --- a/hosts/glados/default.nix +++ b/hosts/glados/default.nix 
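Review bot: The second hunk of hosts/glados-wsl/default.nix switches off AppArmor, the kernel audit subsystem, auditd and D-Bus AppArmor mediation for this host, and nothing in the file says why. Presumably the WSL kernel cannot provide them, but that is not visible in the diff. I would add a comment above the `security` block, along the lines of `# WSL: kernel has no AppArmor/audit support, so the defaults from modules/nixos/security.nix are turned off here` (worded to match the real reason), so the block is not copied to a host where those controls do work. The plain `false` values only win because the module side uses `mkDefault`; the same comment could note that dependency. The attribute set continues outside the hunk.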
@@ -1,13 +1,18 @@ {home-manager, ...}: { imports = [ - ../../profiles/desktop/gnome - ../../profiles/hardware/nvidia.nix - ../../profiles/virtualisation.nix ../../users/seth ./boot.nix ./hardware-configuration.nix ]; + myHardware = { + enable = true; + nvidia.enable = true; + }; + + nixos.virtualisation.enable = true; + desktop.gnome.enable = true; + home-manager.users.seth = { imports = [ ../../users/seth/desktop/gnome diff --git a/util/default.nix b/lib/default.nix index b909fe5..b909fe5 100644 --- a/util/default.nix +++ b/lib/default.nix diff --git a/util/host.nix b/lib/host.nix index a8af69f..b5e00b3 100644 --- a/util/host.nix +++ b/lib/host.nix @@ -15,27 +15,28 @@ inherit system specialArgs; modules = [ - ../profiles/base - ../profiles/nixos + ../modules ../hosts/${name} { system.stateVersion = stateVersion; networking.hostName = mkDefault name; + nixpkgs = { overlays = with inputs; [nur.overlay getchoo.overlays.default]; - config = { - allowUnfree = true; - allowUnsupportedSystem = true; - }; + config.allowUnfree = true; }; nix.registry.getchoo.flake = inputs.getchoo; + + nixos.enable = true; } ] ++ modules; }; - mapHosts = hosts: + mapHosts = inputs: let + hosts = import ../hosts inputs; + in mapFilterDirs ../hosts (n: v: v == "directory" && n != "turret") (name: _: mkHost { inherit name; diff --git a/util/user.nix b/lib/user.nix index 3355459..6377faa 100644 --- a/util/user.nix +++ b/lib/user.nix @@ -25,14 +25,16 @@ ++ modules; }; - mapHMUsers = users: - mapFilterDirs ../users (n: v: v == "directory" && n != "root" && n != "secrets") (username: _: + mapHMUsers = inputs: system: let + users = import ../users inputs system; + in + mapFilterDirs ../users (n: v: v == "directory" && n != "secrets") (username: _: mkHMUser { inherit username; inherit (users.${username}) pkgs stateVersion; modules = if builtins.hasAttr "modules" users.${username} then users.${username}.modules - else {}; + else []; }); } 
diff --git a/modules/base/default.nix b/modules/base/default.nix
new file mode 100644
index 0000000..0523d0e
--- /dev/null
+++ b/modules/base/default.nix
@@ -0,0 +1,56 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ options.base.enable = mkEnableOption "base module";
+
+ imports = [
+ ./documentation.nix
+ ./packages.nix
+ ];
+
+ config = let
+ channelPath = "/etc/nix/channels/nixpkgs";
+ in
+ mkIf cfg.enable {
+ base = {
+ documentation.enable = mkDefault true;
+ defaultPackages.enable = mkDefault true;
+ };
+
+ nix = {
+ package = pkgs.nixFlakes;
+
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+
+ settings = {
+ auto-optimise-store = true;
+ warn-dirty = false;
+ experimental-features = ["nix-command" "flakes"];
+ trusted-substituters = [
+ "https://nix-community.cachix.org"
+ ];
+ trusted-public-keys = [
+ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+ ];
+ };
+
+ nixPath = [
+ "nixpkgs=${channelPath}"
+ ];
+ };
+
+ systemd.tmpfiles.rules = [
+ "L+ ${channelPath} - - - - ${pkgs.path}"
+ ];
+ };
+}
diff --git a/modules/base/documentation.nix b/modules/base/documentation.nix
new file mode 100644
index 0000000..0f3b9d3
--- /dev/null
+++ b/modules/base/documentation.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base.documentation;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.base.documentation.enable = mkEnableOption "base module documentation";
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [man-pages man-pages-posix];
+ documentation = {
+ dev.enable = true;
+ man.enable = true;
+ };
+ };
+}
diff --git a/modules/base/packages.nix b/modules/base/packages.nix
new file mode 100644
index 0000000..68f56aa
--- /dev/null
+++ b/modules/base/packages.nix
@@ -0,0 +1,34 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base.defaultPackages;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.base.defaultPackages.enable = mkEnableOption "base module default packages";
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [
+ cachix
+ hyfetch
+ neofetch
+ pinentry-curses
+ python311
+ ];
+
+ programs = {
+ git.enable = true;
+
+ gnupg = {
+ agent = {
+ enable = true;
+ pinentryFlavor = lib.mkDefault "curses";
+ };
+ };
+
+ vim.defaultEditor = true;
+ };
+ };
+}
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000..4c3dbf8
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,8 @@
+_: {
+ imports = [
+ ./base
+ ./desktop
+ ./hardware
+ ./nixos
+ ];
+}
diff --git a/modules/desktop/audio.nix b/modules/desktop/audio.nix
new file mode 100644
index 0000000..cbfbf55
--- /dev/null
+++ b/modules/desktop/audio.nix
@@ -0,0 +1,23 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.audio;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.audio.enable = mkEnableOption "enable audio support";
+
+ config = mkIf cfg.enable {
+ services = {
+ pipewire = {
+ enable = true;
+ wireplumber.enable = true;
+ alsa.enable = true;
+ jack.enable = true;
+ pulse.enable = true;
+ };
+ };
+ hardware.pulseaudio.enable = false;
+ };
+}
diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix
new file mode 100644
index 0000000..e4c08fb
--- /dev/null
+++ b/modules/desktop/default.nix
@@ -0,0 +1,39 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.desktop;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ imports = [
+ ./audio.nix
+ ./fonts.nix
+ ./gnome
+ ./plasma
+ ];
+
+ options.desktop.enable = mkEnableOption "desktop module";
+
+ config = mkIf cfg.enable {
+ nixos.enable = true;
+
+ desktop = {
+ audio.enable = mkDefault true;
+ fonts.enable = mkDefault true;
+ };
+
+ environment = {
+ noXlibs = lib.mkForce false;
+ systemPackages = with pkgs; [pinentry-curses wl-clipboard xclip];
+ };
+ programs = {
+ dconf.enable = true;
+ firefox.enable = true;
+ xwayland.enable = true;
+ };
+ services.xserver.enable = true;
+ xdg.portal.enable = true;
+ };
+}
diff --git a/modules/desktop/fonts.nix b/modules/desktop/fonts.nix
new file mode 100644
index 0000000..8470568
--- /dev/null
+++ b/modules/desktop/fonts.nix
@@ -0,0 +1,33 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.fonts;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.fonts.enable = mkEnableOption "enable default fonts";
+
+ config = mkIf cfg.enable {
+ fonts = {
+ enableDefaultFonts = true;
+ fonts = with pkgs; [
+ corefonts
+ fira-code
+ (nerdfonts.override {fonts = ["FiraCode"];})
+ noto-fonts
+ noto-fonts-extra
+ noto-fonts-emoji
+ noto-fonts-cjk-sans
+ ];
+
+ fontconfig.defaultFonts = {
+ serif = ["Noto Serif"];
+ sansSerif = ["Noto Sans"];
+ emoji = ["Noto Color Emoji"];
+ monospace = ["Fira Code"];
+ };
+ };
+ };
+}
diff --git a/modules/desktop/gnome/default.nix b/modules/desktop/gnome/default.nix
new file mode 100644
index 0000000..55b53f5
--- /dev/null
+++ b/modules/desktop/gnome/default.nix
@@ -0,0 +1,38 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.gnome;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.gnome.enable = mkEnableOption "enable gnome";
+
+ config = mkIf cfg.enable {
+ desktop.enable = true;
+
+ environment = {
+ gnome.excludePackages = with pkgs; [
+ epiphany
+ gnome-tour
+ ];
+ systemPackages = with pkgs; [
+ adw-gtk3
+ blackbox-terminal
+ pinentry-gnome
+ pinentry-gnome
+ ];
+ };
+
+ services.xserver = {
+ displayManager.gdm = {
+ enable = true;
+ wayland = lib.mkForce true;
+ };
+ desktopManager.gnome.enable = true;
+ };
+
+ programs.gnupg.agent.pinentryFlavor = "gnome3";
+ };
+}
diff --git a/modules/desktop/plasma/default.nix b/modules/desktop/plasma/default.nix
new file mode 100644
index 0000000..7434f52
--- /dev/null
+++ b/modules/desktop/plasma/default.nix
@@ -0,0 +1,32 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.desktop.plasma;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.plasma.enable = mkEnableOption "enable plasma";
+
+ config = mkIf cfg.enable {
+ desktop.enable = true;
+
+ environment.systemPackages = with pkgs; [pinentry-qt];
+
+ services.xserver = {
+ displayManager.sddm.enable = true;
+ desktopManager.plasma5 = {
+ enable = true;
+ excludePackages = with pkgs.libsForQt5; [
+ khelpcenter
+ plasma-browser-integration
+ print-manager
+ ];
+ useQtScaling = true;
+ };
+ };
+
+ programs.gnupg.agent.pinentryFlavor = "qt";
+ };
+}
diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix
new file mode 100644
index 0000000..00f3169
--- /dev/null
+++ b/modules/hardware/default.nix
@@ -0,0 +1,18 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.myHardware;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.myHardware.enable = mkEnableOption "hardware module";
+
+ imports = [
+ ./nvidia.nix
+ ];
+
+ config = mkIf cfg.enable {
+ hardware.enableAllFirmware = true;
+ };
+}
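Review bot: `pinentry-gnome` appears twice in a row in `environment.systemPackages` in modules/desktop/gnome/default.nix; the second entry was carried over from the old profile and can be dropped. The option text `mkEnableOption "enable gnome"` renders as "Whether to enable enable gnome." because `mkEnableOption` supplies the prefix itself, so `mkEnableOption "gnome"` reads better. The plasma module in the next hunk has the same doubled wording.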
diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix
new file mode 100644
index 0000000..12f6550
--- /dev/null
+++ b/modules/hardware/nvidia.nix
@@ -0,0 +1,33 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.myHardware.nvidia;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.myHardware.nvidia.enable = mkEnableOption "enable nvidia support";
+
+ config = mkIf cfg.enable {
+ myHardware.enable = true;
+
+ hardware = {
+ nvidia = {
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ modesetting.enable = true;
+ };
+
+ opengl = {
+ enable = true;
+ # make steam work
+ driSupport32Bit = true;
+ extraPackages = with pkgs; [
+ vaapiVdpau
+ ];
+ };
+ };
+
+ services.xserver.videoDrivers = ["nvidia"];
+ };
+}
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
new file mode 100644
index 0000000..5767d6b
--- /dev/null
+++ b/modules/nixos/default.nix
@@ -0,0 +1,28 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ options.nixos.enable = mkEnableOption "base nixos module";
+
+ imports = [
+ ./locale.nix
+ ./network.nix
+ ./root.nix
+ ./security.nix
+ ./systemd.nix
+ ./virtualisation.nix
+ ];
+
+ config = mkIf cfg.enable {
+ base.enable = true;
+ nixos = {
+ defaultLocale.enable = mkDefault true;
+ defaultRoot.enable = mkDefault true;
+ networking.enable = mkDefault true;
+ };
+ };
+}
diff --git a/modules/nixos/locale.nix b/modules/nixos/locale.nix
new file mode 100644
index 0000000..1ac2466
--- /dev/null
+++ b/modules/nixos/locale.nix
@@ -0,0 +1,24 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.defaultLocale;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.defaultLocale.enable = mkEnableOption "enable default locale";
+
+ config = mkIf cfg.enable {
+ i18n = {
+ supportedLocales = [
+ "en_US.UTF-8/UTF-8"
+ ];
+ defaultLocale = "en_US.UTF-8";
+ };
+
+ time = {
+ hardwareClockInLocalTime = true;
+ timeZone = "America/New_York";
+ };
+ };
+}
diff --git a/modules/nixos/network.nix b/modules/nixos/network.nix
new file mode 100644
index 0000000..8ad670e
--- /dev/null
+++ b/modules/nixos/network.nix
@@ -0,0 +1,26 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.networking;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.networking.enable = mkEnableOption "enable networking";
+
+ config = mkIf cfg.enable {
+ networking.networkmanager = {
+ enable = true;
+ dns = "systemd-resolved";
+ };
+ services.resolved = {
+ enable = lib.mkDefault true;
+ dnssec = "allow-downgrade";
+ extraConfig = ''
+ [Resolve]
+ DNS=1.1.1.1 1.0.0.1
+ DNSOverTLS=yes
+ '';
+ };
+ };
+}
diff --git a/modules/nixos/root.nix b/modules/nixos/root.nix
new file mode 100644
index 0000000..4e27694
--- /dev/null
+++ b/modules/nixos/root.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.defaultRoot;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.defaultRoot.enable = mkEnableOption "enable default root user";
+
+ config = mkIf cfg.enable {
+ users.users.root = {
+ home = "/root";
+ uid = config.ids.uids.root;
+ group = "root";
+ passwordFile = config.age.secrets.rootPassword.path;
+ };
+ };
+}
diff --git a/modules/nixos/security.nix b/modules/nixos/security.nix
new file mode 100644
index 0000000..403cfa5
--- /dev/null
+++ b/modules/nixos/security.nix
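Review bot: modules/nixos/network.nix puts NetworkManager and the resolved settings behind the single switch `nixos.networking.enable`, which modules/nixos/default.nix turns on for every host with `nixos.enable` (and lib/host.nix sets that for all hosts). Before this commit NetworkManager came only from profiles/desktop/network.nix, so any non-desktop host now gains it unless it opts out, and a host that opts out also loses `DNSOverTLS=yes` and the DNSSEC setting. If that is not intended, keep the `services.resolved` block under this option and make the other part follow the desktop switch, for example `networking.networkmanager.enable = lib.mkDefault config.desktop.enable;`.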
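Review bot: `passwordFile = config.age.secrets.rootPassword.path;` in modules/nixos/root.nix relies on an agenix secret that this module neither declares nor checks for, while `nixos.defaultRoot.enable` is on by default. With `users.mutableUsers = false` set in security.nix, that file is the only source of the root password, so the dependency deserves a comment next to the line, for example `# requires age.secrets.rootPassword (agenix); see the secrets module`. Since the tree is now exported as `nixosModules.getchoo`, an outside consumer without that secret would get a bare missing-attribute error; an `assertions` entry with a readable message would help there.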
@@ -0,0 +1,28 @@
+{
+ lib,
+ pkgs,
+ ...
+}: let
+ inherit (lib) mkDefault;
+in {
+ security = {
+ apparmor.enable = mkDefault true;
+ audit.enable = mkDefault true;
+ auditd.enable = mkDefault true;
+ polkit.enable = mkDefault true;
+ rtkit.enable = mkDefault true;
+ sudo.execWheelOnly = true;
+ };
+
+ services.dbus.apparmor = mkDefault "enabled";
+
+ users = {
+ defaultUserShell = pkgs.bash;
+ mutableUsers = false;
+ };
+
+ nix.settings = {
+ allowed-users = ["root" "@wheel"];
+ trusted-users = ["root"];
+ };
+}
diff --git a/modules/nixos/systemd.nix b/modules/nixos/systemd.nix
new file mode 100644
index 0000000..2888c0b
--- /dev/null
+++ b/modules/nixos/systemd.nix
@@ -0,0 +1,7 @@
+_: {
+ services = {
+ journald.extraConfig = ''
+ MaxRetentionSec=1w
+ '';
+ };
+}
diff --git a/modules/nixos/virtualisation.nix b/modules/nixos/virtualisation.nix
new file mode 100644
index 0000000..d3ceb28
--- /dev/null
+++ b/modules/nixos/virtualisation.nix
@@ -0,0 +1,23 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.nixos.virtualisation;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.virtualisation.enable = mkEnableOption "enable podman";
+
+ config = mkIf cfg.enable {
+ virtualisation = {
+ podman = {
+ enable = true;
+ enableNvidia = true;
+ extraPackages = with pkgs; [podman-compose];
+ autoPrune.enable = true;
+ };
+ oci-containers.backend = "podman";
+ };
+ };
+}
diff --git a/profiles/base/default.nix b/profiles/base/default.nix
deleted file mode 100644
index 3d41319..0000000
--- a/profiles/base/default.nix
+++ /dev/null
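Review bot: modules/nixos/security.nix declares no option and has no `mkIf` guard, unlike locale.nix, network.nix and root.nix beside it, so its settings apply as soon as the file is imported. Because modules/nixos/default.nix imports it unconditionally and the flake now exports the tree as `nixosModules.getchoo`, a consumer who never sets `nixos.enable` still gets `users.mutableUsers = false`, `sudo.execWheelOnly = true` and the `nix.settings` user lists. I would take `config` as an argument and wrap the body as `config = lib.mkIf config.nixos.enable { … };`, which leaves the repository's own hosts unchanged since lib/host.nix enables `nixos` everywhere. modules/nixos/systemd.nix in the next hunk has the same shape.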
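Review bot: `enableNvidia = true;` in modules/nixos/virtualisation.nix is hard-coded, so any host that sets `nixos.virtualisation.enable` gets the NVIDIA container integration whether or not it has the driver. This commit introduces `myHardware.nvidia.enable`, and reading it here, `enableNvidia = config.myHardware.nvidia.enable;`, keeps the two settings in step. The description `mkEnableOption "enable podman"` also renders as "Whether to enable enable podman."; `mkEnableOption "podman"` avoids the doubled word.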
@@ -1,35 +0,0 @@ -{pkgs, ...}: let - channelPath = "/etc/nix/channels/nixpkgs"; -in { - imports = [ - ./documentation.nix - ./packages.nix - ]; - - nix = { - package = pkgs.nixFlakes; - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - settings = { - auto-optimise-store = true; - warn-dirty = false; - experimental-features = ["nix-command" "flakes"]; - trusted-substituters = [ - "https://nix-community.cachix.org" - ]; - trusted-public-keys = [ - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; - nixPath = [ - "nixpkgs=${channelPath}" - ]; - }; - - systemd.tmpfiles.rules = [ - "L+ ${channelPath} - - - - ${pkgs.path}" - ]; -} diff --git a/profiles/base/documentation.nix b/profiles/base/documentation.nix deleted file mode 100644 index bd22316..0000000 --- a/profiles/base/documentation.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [man-pages man-pages-posix]; - documentation = { - dev.enable = true; - man.enable = true; - }; -} diff --git a/profiles/base/packages.nix b/profiles/base/packages.nix deleted file mode 100644 index 7cc6d59..0000000 --- a/profiles/base/packages.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - environment.systemPackages = with pkgs; [ - cachix - hyfetch - neofetch - pinentry-curses - python311 - ]; - - programs = { - git.enable = true; - gnupg = { - agent = { - enable = true; - pinentryFlavor = lib.mkDefault "curses"; - }; - }; - vim.defaultEditor = true; - }; -} diff --git a/profiles/desktop/default.nix b/profiles/desktop/default.nix deleted file mode 100644 index 3dcf0c8..0000000 --- a/profiles/desktop/default.nix +++ /dev/null 
@@ -1,23 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - imports = [ - ../nixos - ./fonts.nix - ./network.nix - ./services.nix - ]; - environment = { - noXlibs = lib.mkForce false; - systemPackages = with pkgs; [pinentry-curses wl-clipboard xclip]; - }; - programs = { - dconf.enable = true; - firefox.enable = true; - xwayland.enable = true; - }; - services.xserver.enable = true; - xdg.portal.enable = true; -} diff --git a/profiles/desktop/fonts.nix b/profiles/desktop/fonts.nix deleted file mode 100644 index 89bff21..0000000 --- a/profiles/desktop/fonts.nix +++ /dev/null @@ -1,20 +0,0 @@ -{pkgs, ...}: { - fonts = { - enableDefaultFonts = true; - fonts = with pkgs; [ - corefonts - fira-code - (nerdfonts.override {fonts = ["FiraCode"];}) - noto-fonts - noto-fonts-extra - noto-fonts-emoji - noto-fonts-cjk-sans - ]; - fontconfig.defaultFonts = { - serif = ["Noto Serif"]; - sansSerif = ["Noto Sans"]; - emoji = ["Noto Color Emoji"]; - monospace = ["Fira Code"]; - }; - }; -} diff --git a/profiles/desktop/gnome/default.nix b/profiles/desktop/gnome/default.nix deleted file mode 100644 index d225531..0000000 --- a/profiles/desktop/gnome/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ../. - ]; - environment = { - gnome.excludePackages = with pkgs; [ - epiphany - gnome-tour - ]; - systemPackages = with pkgs; [ - adw-gtk3 - blackbox-terminal - pinentry-gnome - pinentry-gnome - ]; - }; - - services.xserver = { - displayManager.gdm = { - enable = true; - wayland = lib.mkForce true; - }; - desktopManager.gnome.enable = true; - }; - - programs.gnupg.agent.pinentryFlavor = "gnome3"; -} diff --git a/profiles/desktop/network.nix b/profiles/desktop/network.nix deleted file mode 100644 index 4a380cd..0000000 --- a/profiles/desktop/network.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: { - networking.networkmanager = { - enable = true; - dns = "systemd-resolved"; - }; -} 
diff --git a/profiles/desktop/plasma/default.nix b/profiles/desktop/plasma/default.nix deleted file mode 100644 index b04279d..0000000 --- a/profiles/desktop/plasma/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../. - ]; - - environment.systemPackages = with pkgs; [pinentry-qt]; - - services.xserver = { - displayManager.sddm.enable = true; - desktopManager.plasma5 = { - enable = true; - excludePackages = with pkgs.libsForQt5; [ - khelpcenter - plasma-browser-integration - print-manager - ]; - useQtScaling = true; - }; - }; - - programs.gnupg.agent.pinentryFlavor = "qt"; -} diff --git a/profiles/desktop/services.nix b/profiles/desktop/services.nix deleted file mode 100644 index 4d83240..0000000 --- a/profiles/desktop/services.nix +++ /dev/null @@ -1,16 +0,0 @@ -_: { - services = { - dbus = { - enable = true; - apparmor = "enabled"; - }; - pipewire = { - enable = true; - wireplumber.enable = true; - alsa.enable = true; - jack.enable = true; - pulse.enable = true; - }; - }; - hardware.pulseaudio.enable = false; -} diff --git a/profiles/hardware/default.nix b/profiles/hardware/default.nix deleted file mode 100644 index be395d2..0000000 --- a/profiles/hardware/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -_: { - hardware.enableAllFirmware = true; -} diff --git a/profiles/hardware/nvidia.nix b/profiles/hardware/nvidia.nix deleted file mode 100644 index 473eb81..0000000 --- a/profiles/hardware/nvidia.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - pkgs, - ... -}: { - imports = [ - ./. - ]; - hardware = { - nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.stable; - modesetting.enable = true; - }; - opengl = { - enable = true; - # make steam work - driSupport32Bit = true; - extraPackages = with pkgs; [ - vaapiVdpau - ]; - }; - }; - - services.xserver.videoDrivers = ["nvidia"]; -} diff --git a/profiles/nixos/default.nix b/profiles/nixos/default.nix deleted file mode 100644 index 078ee24..0000000 
--- a/profiles/nixos/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - imports = [ - ../base - ../../users/root - ./locale.nix - ./security.nix - ./systemd.nix - ]; -} diff --git a/profiles/nixos/locale.nix b/profiles/nixos/locale.nix deleted file mode 100644 index 45589ef..0000000 --- a/profiles/nixos/locale.nix +++ /dev/null @@ -1,13 +0,0 @@ -_: { - i18n = { - supportedLocales = [ - "en_US.UTF-8/UTF-8" - ]; - defaultLocale = "en_US.UTF-8"; - }; - - time = { - hardwareClockInLocalTime = true; - timeZone = "America/New_York"; - }; -} diff --git a/profiles/nixos/security.nix b/profiles/nixos/security.nix deleted file mode 100644 index 4e7303a..0000000 --- a/profiles/nixos/security.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - security = { - apparmor.enable = lib.mkDefault true; - audit.enable = lib.mkDefault true; - auditd.enable = lib.mkDefault true; - polkit.enable = true; - rtkit.enable = true; - sudo.execWheelOnly = true; - }; - - users = { - defaultUserShell = pkgs.bash; - mutableUsers = false; - }; - - nix.settings = { - allowed-users = ["root" "@wheel"]; - trusted-users = ["root"]; - }; -} diff --git a/profiles/nixos/systemd.nix b/profiles/nixos/systemd.nix deleted file mode 100644 index 0e40e39..0000000 --- a/profiles/nixos/systemd.nix +++ /dev/null @@ -1,16 +0,0 @@ -{lib, ...}: { - services = { - journald.extraConfig = '' - MaxRetentionSec=1w - ''; - resolved = { - enable = lib.mkDefault true; - dnssec = "allow-downgrade"; - extraConfig = '' - [Resolve] - DNS=1.1.1.1 1.0.0.1 - DNSOverTLS=yes - ''; - }; - }; -} diff --git a/profiles/virtualisation.nix b/profiles/virtualisation.nix deleted file mode 100644 index f78ca1d..0000000 --- a/profiles/virtualisation.nix +++ /dev/null @@ -1,11 +0,0 @@ -{pkgs, ...}: { - virtualisation = { - podman = { - enable = true; - enableNvidia = true; - extraPackages = with pkgs; [podman-compose]; - autoPrune.enable = true; - }; - oci-containers.backend = "podman"; - }; -} 
diff --git a/users/default.nix b/users/default.nix index 6f5a787..964fc3d 100644 --- a/users/default.nix +++ b/users/default.nix @@ -1,9 +1,11 @@ -{inputs}: +inputs: system: with inputs; { - users = {system}: { - seth = { - pkgs = nixpkgsUnstable.legacyPackages.${system}; - stateVersion = "23.05"; + seth = { + pkgs = import nixpkgsUnstable { + inherit system; + overlays = [nur.overlay getchoo.overlays.default]; }; + + stateVersion = "23.05"; }; } diff --git a/users/root/default.nix b/users/root/default.nix deleted file mode 100644 index a77e461..0000000 --- a/users/root/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{config, ...}: { - users.users.root = { - home = "/root"; - uid = config.ids.uids.root; - group = "root"; - passwordFile = config.age.secrets.rootPassword.path; - }; -} |
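Review bot: The overlay list `[nur.overlay getchoo.overlays.default]` in users/default.nix repeats the one in lib/host.nix, so the two package sets can drift apart when one is edited. NUR packages are not reviewed the way nixpkgs ones are, which makes it worth having one place that shows which package sets include that overlay; a shared binding in lib/ that both files inherit would do. This `import nixpkgsUnstable { … }` also sets no `config`, so unlike the host package set it does not allow unfree packages; if home-manager users need them, add `config.allowUnfree = true;` here.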
