diff options
Diffstat (limited to 'parts/modules/nixos/base')
| -rw-r--r-- | parts/modules/nixos/base/default.nix | 34 | ||||
| -rw-r--r-- | parts/modules/nixos/base/documentation.nix | 21 | ||||
| -rw-r--r-- | parts/modules/nixos/base/locale.nix | 18 | ||||
| -rw-r--r-- | parts/modules/nixos/base/network.nix | 26 | ||||
| -rw-r--r-- | parts/modules/nixos/base/nix.nix | 24 | ||||
| -rw-r--r-- | parts/modules/nixos/base/packages.nix | 15 | ||||
| -rw-r--r-- | parts/modules/nixos/base/root.nix | 26 | ||||
| -rw-r--r-- | parts/modules/nixos/base/security.nix | 27 | ||||
| -rw-r--r-- | parts/modules/nixos/base/systemd.nix | 7 | ||||
| -rw-r--r-- | parts/modules/nixos/base/upgrade-diff.nix | 12 |
10 files changed, 0 insertions, 210 deletions
diff --git a/parts/modules/nixos/base/default.nix b/parts/modules/nixos/base/default.nix deleted file mode 100644 index ed0fb23..0000000 --- a/parts/modules/nixos/base/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.base; - inherit (lib) mkDefault mkEnableOption mkIf; -in { - options.base.enable = mkEnableOption "base nixos module"; - - imports = [ - ../../shared - ./documentation.nix - ./locale.nix - ./network.nix - ./nix.nix - ./packages.nix - ./root.nix - ./security.nix - ./systemd.nix - ./upgrade-diff.nix - ]; - - config = mkIf cfg.enable { - base = { - defaultPackages.enable = mkDefault true; - defaultLocale.enable = mkDefault true; - defaultRoot.enable = mkDefault true; - documentation.enable = mkDefault true; - networking.enable = mkDefault true; - nix-settings.enable = mkDefault true; - }; - }; -} diff --git a/parts/modules/nixos/base/documentation.nix b/parts/modules/nixos/base/documentation.nix deleted file mode 100644 index 68a194f..0000000 --- a/parts/modules/nixos/base/documentation.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.base.documentation; - inherit (lib) mkIf; -in { - config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [man-pages man-pages-posix]; - documentation = { - man = { - generateCaches = true; - man-db.enable = true; - }; - - dev.enable = true; - }; - }; -} diff --git a/parts/modules/nixos/base/locale.nix b/parts/modules/nixos/base/locale.nix deleted file mode 100644 index 7259ef2..0000000 --- a/parts/modules/nixos/base/locale.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.base.defaultLocale; - inherit (lib) mkIf; -in { - config = mkIf cfg.enable { - i18n = { - supportedLocales = [ - "en_US.UTF-8/UTF-8" - ]; - - defaultLocale = "en_US.UTF-8"; - }; - }; -} diff --git a/parts/modules/nixos/base/network.nix b/parts/modules/nixos/base/network.nix deleted file mode 100644 index 5bc90d1..0000000 --- a/parts/modules/nixos/base/network.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.base.networking; - inherit (lib) mkEnableOption mkIf; -in { - options.base.networking.enable = mkEnableOption "networking"; - - config = mkIf cfg.enable { - networking.networkmanager = { - enable = true; - dns = "systemd-resolved"; - }; - services.resolved = { - enable = lib.mkDefault true; - dnssec = "allow-downgrade"; - extraConfig = '' - [Resolve] - DNS=1.1.1.1 1.0.0.1 - DNSOverTLS=yes - ''; - }; - }; -} diff --git a/parts/modules/nixos/base/nix.nix b/parts/modules/nixos/base/nix.nix deleted file mode 100644 index 3dcac11..0000000 --- a/parts/modules/nixos/base/nix.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - lib, - inputs, - ... -}: let - inherit (builtins) attrNames map; - inherit (lib) mkDefault mkIf; - cfg = config.base.nix-settings; - - channelPath = i: "/etc/nix/channels/${i}"; - - mapInputs = fn: map fn (attrNames inputs); -in { - config = mkIf cfg.enable { - nix = { - nixPath = mapInputs (i: "${i}=${channelPath i}"); - gc.dates = mkDefault "weekly"; - }; - - systemd.tmpfiles.rules = - mapInputs (i: "L+ ${channelPath i} - - - - ${inputs.${i}.outPath}"); - }; -} diff --git a/parts/modules/nixos/base/packages.nix b/parts/modules/nixos/base/packages.nix deleted file mode 100644 index 7390a40..0000000 --- a/parts/modules/nixos/base/packages.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.base.defaultPackages; - inherit (lib) mkIf; -in { - config = mkIf cfg.enable { - programs = { - git.enable = true; - vim.defaultEditor = true; - }; - }; -} diff --git a/parts/modules/nixos/base/root.nix b/parts/modules/nixos/base/root.nix deleted file mode 100644 index ecc5203..0000000 --- a/parts/modules/nixos/base/root.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.base.defaultRoot; - inherit (lib) mkDefault mkEnableOption mkIf; - - # yes this is a bad way to detect which option should be used (or exists) - # but i'm lazy. please do not copy this - passwordFile = - if lib.versionAtLeast config.system.stateVersion "23.11" - then "hashedPasswordFile" - else "passwordFile"; -in { - options.base.defaultRoot.enable = mkEnableOption "default root user"; - - config = mkIf cfg.enable { - users.users.root = { - home = mkDefault "/root"; - uid = mkDefault config.ids.uids.root; - group = mkDefault "root"; - "${passwordFile}" = mkDefault config.age.secrets.rootPassword.path; - }; - }; -} diff --git a/parts/modules/nixos/base/security.nix b/parts/modules/nixos/base/security.nix deleted file mode 100644 index e13d1c7..0000000 --- a/parts/modules/nixos/base/security.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - lib, - pkgs, - ... -}: let - inherit (lib) mkDefault; -in { - security = { - apparmor.enable = mkDefault true; - audit.enable = mkDefault true; - auditd.enable = mkDefault true; - polkit.enable = mkDefault true; - rtkit.enable = mkDefault true; - sudo.execWheelOnly = true; - }; - - services.dbus.apparmor = mkDefault "enabled"; - - users = { - defaultUserShell = pkgs.bash; - mutableUsers = false; - }; - - nix.settings = { - trusted-users = ["root" "@wheel"]; - }; -} diff --git a/parts/modules/nixos/base/systemd.nix b/parts/modules/nixos/base/systemd.nix deleted file mode 100644 index 2888c0b..0000000 --- a/parts/modules/nixos/base/systemd.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: { - services = { - journald.extraConfig = '' - MaxRetentionSec=1w - ''; - }; -} diff --git a/parts/modules/nixos/base/upgrade-diff.nix b/parts/modules/nixos/base/upgrade-diff.nix deleted file mode 100644 index 68be9af..0000000 --- a/parts/modules/nixos/base/upgrade-diff.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - config, - pkgs, - ... -}: { - system.activationScripts."upgrade-diff" = { - supportsDryActivation = true; - text = '' - ${pkgs.nvd}/bin/nvd --nix-bin-dir=${config.nix.package}/bin diff /run/current-system "$systemConfig" - ''; - }; -} |