Diffstat (limited to 'modules')
-rw-r--r--modules/base/default.nix56
-rw-r--r--modules/base/documentation.nix19
-rw-r--r--modules/base/packages.nix34
-rw-r--r--modules/default.nix8
-rw-r--r--modules/desktop/audio.nix23
-rw-r--r--modules/desktop/default.nix39
-rw-r--r--modules/desktop/fonts.nix33
-rw-r--r--modules/desktop/gnome/default.nix38
-rw-r--r--modules/desktop/plasma/default.nix32
-rw-r--r--modules/hardware/default.nix18
-rw-r--r--modules/hardware/nvidia.nix33
-rw-r--r--modules/nixos/default.nix28
-rw-r--r--modules/nixos/locale.nix24
-rw-r--r--modules/nixos/network.nix26
-rw-r--r--modules/nixos/root.nix19
-rw-r--r--modules/nixos/security.nix28
-rw-r--r--modules/nixos/systemd.nix7
-rw-r--r--modules/nixos/virtualisation.nix23
18 files changed, 488 insertions, 0 deletions
diff --git a/modules/base/default.nix b/modules/base/default.nix
new file mode 100644
index 0000000..0523d0e
--- /dev/null
+++ b/modules/base/default.nix
@@ -0,0 +1,56 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ options.base.enable = mkEnableOption "base module";
+
+ imports = [
+ ./documentation.nix
+ ./packages.nix
+ ];
+
+ config = let
+ channelPath = "/etc/nix/channels/nixpkgs";
+ in
+ mkIf cfg.enable {
+ base = {
+ documentation.enable = mkDefault true;
+ defaultPackages.enable = mkDefault true;
+ };
+
+ nix = {
+ package = pkgs.nixFlakes;
+
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+
+ settings = {
+ auto-optimise-store = true;
+ warn-dirty = false;
+ experimental-features = ["nix-command" "flakes"];
+ trusted-substituters = [
+ "https://nix-community.cachix.org"
+ ];
+ trusted-public-keys = [
+ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+ ];
+ };
+
+ nixPath = [
+ "nixpkgs=${channelPath}"
+ ];
+ };
+
+ systemd.tmpfiles.rules = [
+ "L+ ${channelPath} - - - - ${pkgs.path}"
+ ];
+ };
+}
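Review bot: The `trusted-substituters` and `trusted-public-keys` entries under `nix.settings` widen the binary-cache trust root, and nothing next to them records that decision. A URL in `trusted-substituters` can be selected by any user the daemon allows, not only trusted users, and the added key means store paths signed by that third party are accepted on every host that enables `base`. I would add a comment above the two lists, e.g. `# third-party cache: paths signed with this key are trusted system-wide; key checked against the cache's published value on <date>`. If only some hosts need the cache, it would be better placed behind its own option.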
diff --git a/modules/base/documentation.nix b/modules/base/documentation.nix
new file mode 100644
index 0000000..0f3b9d3
--- /dev/null
+++ b/modules/base/documentation.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base.documentation;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.base.documentation.enable = mkEnableOption "base module documentation";
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [man-pages man-pages-posix];
+ documentation = {
+ dev.enable = true;
+ man.enable = true;
+ };
+ };
+}
diff --git a/modules/base/packages.nix b/modules/base/packages.nix
new file mode 100644
index 0000000..68f56aa
--- /dev/null
+++ b/modules/base/packages.nix
@@ -0,0 +1,34 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.base.defaultPackages;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.base.defaultPackages.enable = mkEnableOption "base module default packages";
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [
+ cachix
+ hyfetch
+ neofetch
+ pinentry-curses
+ python311
+ ];
+
+ programs = {
+ git.enable = true;
+
+ gnupg = {
+ agent = {
+ enable = true;
+ pinentryFlavor = lib.mkDefault "curses";
+ };
+ };
+
+ vim.defaultEditor = true;
+ };
+ };
+}
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000..4c3dbf8
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,8 @@
+_: {
+ imports = [
+ ./base
+ ./desktop
+ ./hardware
+ ./nixos
+ ];
+}
diff --git a/modules/desktop/audio.nix b/modules/desktop/audio.nix
new file mode 100644
index 0000000..cbfbf55
--- /dev/null
+++ b/modules/desktop/audio.nix
@@ -0,0 +1,23 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.audio;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.audio.enable = mkEnableOption "enable audio support";
+
+ config = mkIf cfg.enable {
+ services = {
+ pipewire = {
+ enable = true;
+ wireplumber.enable = true;
+ alsa.enable = true;
+ jack.enable = true;
+ pulse.enable = true;
+ };
+ };
+ hardware.pulseaudio.enable = false;
+ };
+}
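Review bot: `mkEnableOption "enable audio support"` produces the description "Whether to enable enable audio support." because `mkEnableOption` already prepends "Whether to enable". The argument should be the bare noun phrase: `mkEnableOption "audio support"`. The same wording appears in `fonts.nix`, `gnome/default.nix`, `plasma/default.nix`, `hardware/nvidia.nix`, `nixos/locale.nix`, `nixos/network.nix`, `nixos/root.nix` and `nixos/virtualisation.nix`.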
diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix
new file mode 100644
index 0000000..e4c08fb
--- /dev/null
+++ b/modules/desktop/default.nix
@@ -0,0 +1,39 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.desktop;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ imports = [
+ ./audio.nix
+ ./fonts.nix
+ ./gnome
+ ./plasma
+ ];
+
+ options.desktop.enable = mkEnableOption "desktop module";
+
+ config = mkIf cfg.enable {
+ nixos.enable = true;
+
+ desktop = {
+ audio.enable = mkDefault true;
+ fonts.enable = mkDefault true;
+ };
+
+ environment = {
+ noXlibs = lib.mkForce false;
+ systemPackages = with pkgs; [pinentry-curses wl-clipboard xclip];
+ };
+ programs = {
+ dconf.enable = true;
+ firefox.enable = true;
+ xwayland.enable = true;
+ };
+ services.xserver.enable = true;
+ xdg.portal.enable = true;
+ };
+}
diff --git a/modules/desktop/fonts.nix b/modules/desktop/fonts.nix
new file mode 100644
index 0000000..8470568
--- /dev/null
+++ b/modules/desktop/fonts.nix
@@ -0,0 +1,33 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.fonts;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.fonts.enable = mkEnableOption "enable default fonts";
+
+ config = mkIf cfg.enable {
+ fonts = {
+ enableDefaultFonts = true;
+ fonts = with pkgs; [
+ corefonts
+ fira-code
+ (nerdfonts.override {fonts = ["FiraCode"];})
+ noto-fonts
+ noto-fonts-extra
+ noto-fonts-emoji
+ noto-fonts-cjk-sans
+ ];
+
+ fontconfig.defaultFonts = {
+ serif = ["Noto Serif"];
+ sansSerif = ["Noto Sans"];
+ emoji = ["Noto Color Emoji"];
+ monospace = ["Fira Code"];
+ };
+ };
+ };
+}
diff --git a/modules/desktop/gnome/default.nix b/modules/desktop/gnome/default.nix
new file mode 100644
index 0000000..55b53f5
--- /dev/null
+++ b/modules/desktop/gnome/default.nix
@@ -0,0 +1,38 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}: let
+ cfg = config.desktop.gnome;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.gnome.enable = mkEnableOption "enable gnome";
+
+ config = mkIf cfg.enable {
+ desktop.enable = true;
+
+ environment = {
+ gnome.excludePackages = with pkgs; [
+ epiphany
+ gnome-tour
+ ];
+ systemPackages = with pkgs; [
+ adw-gtk3
+ blackbox-terminal
+ pinentry-gnome
+ pinentry-gnome
+ ];
+ };
+
+ services.xserver = {
+ displayManager.gdm = {
+ enable = true;
+ wayland = lib.mkForce true;
+ };
+ desktopManager.gnome.enable = true;
+ };
+
+ programs.gnupg.agent.pinentryFlavor = "gnome3";
+ };
+}
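Review bot: `pinentry-gnome` is listed twice in `environment.systemPackages`; one entry should be dropped. Separately, `programs.gnupg.agent.pinentryFlavor = "gnome3"` is set at normal priority here, and `plasma/default.nix` sets `"qt"` the same way. Enabling both desktops on one host would therefore give conflicting definitions. Either use `lib.mkDefault` in one of them or add an assertion that only one desktop is enabled.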
diff --git a/modules/desktop/plasma/default.nix b/modules/desktop/plasma/default.nix
new file mode 100644
index 0000000..7434f52
--- /dev/null
+++ b/modules/desktop/plasma/default.nix
@@ -0,0 +1,32 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.desktop.plasma;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.desktop.plasma.enable = mkEnableOption "enable plasma";
+
+ config = mkIf cfg.enable {
+ desktop.enable = true;
+
+ environment.systemPackages = with pkgs; [pinentry-qt];
+
+ services.xserver = {
+ displayManager.sddm.enable = true;
+ desktopManager.plasma5 = {
+ enable = true;
+ excludePackages = with pkgs.libsForQt5; [
+ khelpcenter
+ plasma-browser-integration
+ print-manager
+ ];
+ useQtScaling = true;
+ };
+ };
+
+ programs.gnupg.agent.pinentryFlavor = "qt";
+ };
+}
diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix
new file mode 100644
index 0000000..00f3169
--- /dev/null
+++ b/modules/hardware/default.nix
@@ -0,0 +1,18 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.myHardware;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.myHardware.enable = mkEnableOption "hardware module";
+
+ imports = [
+ ./nvidia.nix
+ ];
+
+ config = mkIf cfg.enable {
+ hardware.enableAllFirmware = true;
+ };
+}
diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix
new file mode 100644
index 0000000..12f6550
--- /dev/null
+++ b/modules/hardware/nvidia.nix
@@ -0,0 +1,33 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.myHardware.nvidia;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.myHardware.nvidia.enable = mkEnableOption "enable nvidia support";
+
+ config = mkIf cfg.enable {
+ myHardware.enable = true;
+
+ hardware = {
+ nvidia = {
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ modesetting.enable = true;
+ };
+
+ opengl = {
+ enable = true;
+ # make steam work
+ driSupport32Bit = true;
+ extraPackages = with pkgs; [
+ vaapiVdpau
+ ];
+ };
+ };
+
+ services.xserver.videoDrivers = ["nvidia"];
+ };
+}
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
new file mode 100644
index 0000000..5767d6b
--- /dev/null
+++ b/modules/nixos/default.nix
@@ -0,0 +1,28 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos;
+ inherit (lib) mkDefault mkEnableOption mkIf;
+in {
+ options.nixos.enable = mkEnableOption "base nixos module";
+
+ imports = [
+ ./locale.nix
+ ./network.nix
+ ./root.nix
+ ./security.nix
+ ./systemd.nix
+ ./virtualisation.nix
+ ];
+
+ config = mkIf cfg.enable {
+ base.enable = true;
+ nixos = {
+ defaultLocale.enable = mkDefault true;
+ defaultRoot.enable = mkDefault true;
+ networking.enable = mkDefault true;
+ };
+ };
+}
diff --git a/modules/nixos/locale.nix b/modules/nixos/locale.nix
new file mode 100644
index 0000000..1ac2466
--- /dev/null
+++ b/modules/nixos/locale.nix
@@ -0,0 +1,24 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.defaultLocale;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.defaultLocale.enable = mkEnableOption "enable default locale";
+
+ config = mkIf cfg.enable {
+ i18n = {
+ supportedLocales = [
+ "en_US.UTF-8/UTF-8"
+ ];
+ defaultLocale = "en_US.UTF-8";
+ };
+
+ time = {
+ hardwareClockInLocalTime = true;
+ timeZone = "America/New_York";
+ };
+ };
+}
diff --git a/modules/nixos/network.nix b/modules/nixos/network.nix
new file mode 100644
index 0000000..8ad670e
--- /dev/null
+++ b/modules/nixos/network.nix
@@ -0,0 +1,26 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.networking;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.networking.enable = mkEnableOption "enable networking";
+
+ config = mkIf cfg.enable {
+ networking.networkmanager = {
+ enable = true;
+ dns = "systemd-resolved";
+ };
+ services.resolved = {
+ enable = lib.mkDefault true;
+ dnssec = "allow-downgrade";
+ extraConfig = ''
+ [Resolve]
+ DNS=1.1.1.1 1.0.0.1
+ DNSOverTLS=yes
+ '';
+ };
+ };
+}
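Review bot: The `DNS=` entries in `extraConfig` have no `#server_name` suffix, so with `DNSOverTLS=yes` the resolver can only match the certificate against the IP address and sends no SNI. Naming the server makes the check explicit: `DNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com`. Also, `dnssec = "allow-downgrade"` is documented by systemd as open to downgrade attacks. Since the upstream is pinned to a validating resolver, consider `"true"`, or add a comment saying why the downgrade is tolerated. The `[Resolve]` header inside `extraConfig` is probably redundant, since the NixOS module likely writes that section itself; worth confirming against the generated `resolved.conf`.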
diff --git a/modules/nixos/root.nix b/modules/nixos/root.nix
new file mode 100644
index 0000000..4e27694
--- /dev/null
+++ b/modules/nixos/root.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.nixos.defaultRoot;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.defaultRoot.enable = mkEnableOption "enable default root user";
+
+ config = mkIf cfg.enable {
+ users.users.root = {
+ home = "/root";
+ uid = config.ids.uids.root;
+ group = "root";
+ passwordFile = config.age.secrets.rootPassword.path;
+ };
+ };
+}
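Review bot: `passwordFile = config.age.secrets.rootPassword.path` depends on an `age.secrets.rootPassword` that no file in this diff declares. The diffstat is limited to `modules/`, so the secret may be defined elsewhere. If it is not, evaluation fails with a bare missing-attribute error, and `nixos/default.nix` enables `defaultRoot` by default. I would add an `assertions` entry with a readable message, e.g. `assertion = config.age.secrets ? rootPassword;`. A comment should also note that the file must hold a password hash rather than the plaintext: `# age secret must contain a crypt(3) hash, e.g. from mkpasswd`.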
diff --git a/modules/nixos/security.nix b/modules/nixos/security.nix
new file mode 100644
index 0000000..403cfa5
--- /dev/null
+++ b/modules/nixos/security.nix
@@ -0,0 +1,28 @@
+{
+ lib,
+ pkgs,
+ ...
+}: let
+ inherit (lib) mkDefault;
+in {
+ security = {
+ apparmor.enable = mkDefault true;
+ audit.enable = mkDefault true;
+ auditd.enable = mkDefault true;
+ polkit.enable = mkDefault true;
+ rtkit.enable = mkDefault true;
+ sudo.execWheelOnly = true;
+ };
+
+ services.dbus.apparmor = mkDefault "enabled";
+
+ users = {
+ defaultUserShell = pkgs.bash;
+ mutableUsers = false;
+ };
+
+ nix.settings = {
+ allowed-users = ["root" "@wheel"];
+ trusted-users = ["root"];
+ };
+}
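Review bot: This file sets everything at the top level with no `enable` option or `mkIf`, and `nixos/default.nix` lists it under `imports`. As a result `users.mutableUsers = false` and `sudo.execWheelOnly = true` apply to every host that imports `modules/`, even when `nixos.enable` is off. With mutable users disabled, the only root credential in this diff comes from `root.nix`, which is gated behind `nixos.defaultRoot.enable`. A host that skips that option needs another declared login, or it will presumably trip NixOS's lock-out check. Either wrap the body in `config = mkIf config.nixos.enable { … }` or add a header comment such as `# applied unconditionally on import: hardening is not optional`. `systemd.nix` has the same unconditional shape.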
diff --git a/modules/nixos/systemd.nix b/modules/nixos/systemd.nix
new file mode 100644
index 0000000..2888c0b
--- /dev/null
+++ b/modules/nixos/systemd.nix
@@ -0,0 +1,7 @@
+_: {
+ services = {
+ journald.extraConfig = ''
+ MaxRetentionSec=1w
+ '';
+ };
+}
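Review bot: `MaxRetentionSec=1w` drops journal entries older than a week, a short look-back window for investigating an incident on hosts where `security.nix` turns auditing on. If the limit is there to bound disk use, a size cap such as `SystemMaxUse=` does that without discarding recent history by age. If one week is intended, a comment should say so, e.g. `# one week of journal is kept locally; older logs are not retained on the host`.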
diff --git a/modules/nixos/virtualisation.nix b/modules/nixos/virtualisation.nix
new file mode 100644
index 0000000..d3ceb28
--- /dev/null
+++ b/modules/nixos/virtualisation.nix
@@ -0,0 +1,23 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.nixos.virtualisation;
+ inherit (lib) mkEnableOption mkIf;
+in {
+ options.nixos.virtualisation.enable = mkEnableOption "enable podman";
+
+ config = mkIf cfg.enable {
+ virtualisation = {
+ podman = {
+ enable = true;
+ enableNvidia = true;
+ extraPackages = with pkgs; [podman-compose];
+ autoPrune.enable = true;
+ };
+ oci-containers.backend = "podman";
+ };
+ };
+}
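Review bot: `enableNvidia = true` is hard-coded, so enabling podman pulls in the NVIDIA container runtime even on hosts that never set `myHardware.nvidia.enable`. That adds a proprietary component to the container path on machines with no such GPU, and it may fail evaluation where the driver is absent. Tying it to the hardware module keeps the two in step: `enableNvidia = config.myHardware.nvidia.enable;`.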