diff options
Diffstat (limited to 'modules/nixos')
| -rw-r--r-- | modules/nixos/archetypes/server.nix | 1 | ||||
| -rw-r--r-- | modules/nixos/base/default.nix | 26 | ||||
| -rw-r--r-- | modules/nixos/base/documentation.nix | 20 | ||||
| -rw-r--r-- | modules/nixos/base/networking.nix | 5 | ||||
| -rw-r--r-- | modules/nixos/base/nix.nix | 1 | ||||
| -rw-r--r-- | modules/nixos/base/security.nix | 5 |
6 files changed, 19 insertions, 39 deletions
diff --git a/modules/nixos/archetypes/server.nix b/modules/nixos/archetypes/server.nix index 165725d..053fda2 100644 --- a/modules/nixos/archetypes/server.nix +++ b/modules/nixos/archetypes/server.nix @@ -10,7 +10,6 @@ in config = lib.mkIf cfg.enable { base = { enable = true; - documentation.enable = false; defaultPrograms.enable = false; }; diff --git a/modules/nixos/base/default.nix b/modules/nixos/base/default.nix index d80d573..30e75d9 100644 --- a/modules/nixos/base/default.nix +++ b/modules/nixos/base/default.nix @@ -4,10 +4,12 @@ pkgs, ... }: +let + cfg = config.base; +in { imports = [ ../../shared - ./documentation.nix ./networking.nix ./nix.nix ./programs.nix @@ -15,16 +17,18 @@ ./users.nix ]; - services.journald.extraConfig = '' - MaxRetentionSec=1w - ''; - - system.activationScripts."upgrade-diff" = { - supportsDryActivation = true; - text = '' - ${lib.getExe pkgs.nvd} \ - --nix-bin-dir=${config.nix.package}/bin \ - diff /run/current-system "$systemConfig" + config = lib.mkIf cfg.enable { + services.journald.extraConfig = '' + MaxRetentionSec=1w ''; + + system.activationScripts."upgrade-diff" = { + supportsDryActivation = true; + text = '' + ${lib.getExe pkgs.nvd} \ + --nix-bin-dir=${config.nix.package}/bin \ + diff /run/current-system "$systemConfig" + ''; + }; }; } diff --git a/modules/nixos/base/documentation.nix b/modules/nixos/base/documentation.nix deleted file mode 100644 index 986c6ee..0000000 --- a/modules/nixos/base/documentation.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.base.documentation; - enable = config.base.enable && cfg.enable; -in -{ - config = lib.mkIf enable { - documentation.nixos.enable = false; - - environment.systemPackages = with pkgs; [ - man-pages - man-pages-posix - ]; - }; -} diff --git a/modules/nixos/base/networking.nix b/modules/nixos/base/networking.nix index 49feca5..35e8558 100644 --- a/modules/nixos/base/networking.nix +++ b/modules/nixos/base/networking.nix @@ -1,16 +1,15 @@ { config, lib, ... }: let cfg = config.base.networking; - enable = config.base.enable && cfg.enable; in { options.base.networking = { enable = lib.mkEnableOption "base network settings" // { - default = true; + default = config.base.enable; }; }; - config = lib.mkIf enable { + config = lib.mkIf cfg.enable { networking.networkmanager = { enable = lib.mkDefault true; dns = "systemd-resolved"; diff --git a/modules/nixos/base/nix.nix b/modules/nixos/base/nix.nix index 6c49312..29b0264 100644 --- a/modules/nixos/base/nix.nix +++ b/modules/nixos/base/nix.nix @@ -7,7 +7,6 @@ in config = lib.mkIf enable { nix = { channel.enable = lib.mkDefault false; - gc.dates = lib.mkDefault "weekly"; settings.trusted-users = [ "root" "@wheel" diff --git a/modules/nixos/base/security.nix b/modules/nixos/base/security.nix index c3d606f..5857f0d 100644 --- a/modules/nixos/base/security.nix +++ b/modules/nixos/base/security.nix @@ -1,16 +1,15 @@ { config, lib, ... }: let cfg = config.base.security; - enable = config.base.enable && cfg.enable; in { options.base.security = { enable = lib.mkEnableOption "base security settings" // { - default = true; + default = config.base.enable; }; }; - config = lib.mkIf enable { + config = lib.mkIf cfg.enable { security = { apparmor.enable = lib.mkDefault true; audit.enable = lib.mkDefault true; |