From 9758b8236dcaafb958e6ef4f634d201af0bea80b Mon Sep 17 00:00:00 2001 From: seth Date: Fri, 2 Feb 2024 14:40:21 -0500 Subject: modules/nixos+darwin: make everything an actual module again --- modules/darwin/base.nix | 2 +- modules/darwin/desktop.nix | 49 ++++++++------- modules/nixos/default.nix | 3 - modules/nixos/desktop/budgie/default.nix | 101 +++++++++++++++++------------- modules/nixos/desktop/default.nix | 95 ++++++++++++++++------------ modules/nixos/desktop/gnome/default.nix | 43 ++++++++----- modules/nixos/desktop/plasma/default.nix | 37 +++++++---- modules/nixos/features/containers.nix | 23 +++++++ modules/nixos/features/default.nix | 2 +- modules/nixos/features/tailscale.nix | 4 +- modules/nixos/features/virtualisation.nix | 23 ------- modules/nixos/server/acme.nix | 27 +++++--- modules/nixos/server/default.nix | 43 +++++++------ modules/nixos/server/secrets.nix | 23 +++++-- modules/nixos/services/hercules.nix | 4 +- modules/nixos/services/promtail.nix | 2 +- 16 files changed, 277 insertions(+), 204 deletions(-) create mode 100644 modules/nixos/features/containers.nix delete mode 100644 modules/nixos/features/virtualisation.nix (limited to 'modules') diff --git a/modules/darwin/base.nix b/modules/darwin/base.nix index a6bcc3f..913ea04 100644 --- a/modules/darwin/base.nix +++ b/modules/darwin/base.nix @@ -1,4 +1,4 @@ -{ +_: { imports = [../shared]; programs = { diff --git a/modules/darwin/desktop.nix b/modules/darwin/desktop.nix index 6dd7e65..c6eb106 100644 --- a/modules/darwin/desktop.nix +++ b/modules/darwin/desktop.nix 
@@ -1,32 +1,39 @@ { + config, lib, pkgs, ... -}: { - fonts.fonts = with pkgs; - lib.mkDefault [ - (nerdfonts.override {fonts = ["FiraCode"];}) - ]; +}: let + cfg = config.desktop; +in { + options.desktop.enable = lib.mkEnableOption "base desktop settings"; - homebrew = { - enable = lib.mkDefault true; + config = lib.mkIf cfg.enable { + fonts.fonts = with pkgs; + lib.mkDefault [ + (nerdfonts.override {fonts = ["FiraCode"];}) + ]; - onActivation = lib.mkDefault { - autoUpdate = true; - cleanup = "zap"; - upgrade = true; - }; + homebrew = { + enable = lib.mkDefault true; + + onActivation = lib.mkDefault { + autoUpdate = true; + cleanup = "zap"; + upgrade = true; + }; - caskArgs = { - no_quarantine = true; - require_sha = false; + caskArgs = { + no_quarantine = true; + require_sha = false; + }; + + casks = [ + "chromium" + "iterm2" + ]; }; - casks = [ - "chromium" - "iterm2" - ]; + programs.gnupg.agent.enable = lib.mkDefault true; }; - - programs.gnupg.agent.enable = lib.mkDefault true; } diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 80b0ae1..8d838bf 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -3,9 +3,6 @@ default = ./base.nix; desktop = ./desktop; features = ./features; - gnome = ./desktop/gnome; - plasma = ./desktop/plasma; - budgie = ./desktop/budgie; server = ./server; services = ./services; }; diff --git a/modules/nixos/desktop/budgie/default.nix b/modules/nixos/desktop/budgie/default.nix index cb236b5..dbd3715 100644 --- a/modules/nixos/desktop/budgie/default.nix +++ b/modules/nixos/desktop/budgie/default.nix 
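Review bot: In `modules/darwin/desktop.nix`, the `caskArgs` block that moves under `config = lib.mkIf cfg.enable` still sets `no_quarantine = true` and `require_sha = false` as plain values. Every host that turns on `desktop.enable` therefore installs casks without the macOS quarantine attribute and without a required checksum, and can only change that with `lib.mkForce`. Wrapping the block the way `onActivation` already is, `caskArgs = lib.mkDefault { no_quarantine = true; require_sha = false; };`, keeps the current behaviour while letting a host tighten it. Since `onActivation` also sets `autoUpdate = true` and `upgrade = true`, a one-line comment saying why both checks are turned off would make this a recorded decision rather than an inherited default.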
@@ -1,54 +1,65 @@ -{pkgs, ...}: { - environment = { - budgie.excludePackages = with pkgs; [ - qogir-theme - qogir-icon-theme +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.desktop.budgie; +in { + options.desktop.budgie.enable = lib.mkEnableOption "budgie desktop"; - # i don't like mates apps. fedora doesn't use them either :/ - mate.atril - mate.pluma - mate.engrampa - mate.mate-calc - mate.mate-terminal - mate.mate-system-monitor - vlc - ]; + config = lib.mkIf cfg.enable { + environment = { + budgie.excludePackages = with pkgs; [ + qogir-theme + qogir-icon-theme - systemPackages = with pkgs; [ - materia-theme - papirus-icon-theme + # i don't like mates apps. fedora doesn't use them either :/ + mate.atril + mate.pluma + mate.engrampa + mate.mate-calc + mate.mate-terminal + mate.mate-system-monitor + vlc + ]; - # replacements for mate stuff - evince - gedit - cinnamon.nemo-fileroller - gnome.gnome-calculator - blackbox-terminal - gnome.gnome-system-monitor - celluloid - ]; - }; + systemPackages = with pkgs; [ + materia-theme + papirus-icon-theme - services.xserver = { - displayManager.lightdm.greeters.slick = { - theme = { - name = "Materia-dark"; - package = pkgs.materia-theme; - }; - iconTheme = { - name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme; - }; + # replacements for mate stuff + evince + gedit + cinnamon.nemo-fileroller + gnome.gnome-calculator + blackbox-terminal + gnome.gnome-system-monitor + celluloid + ]; }; - desktopManager.budgie = { - enable = true; - extraGSettingsOverrides = '' - [org.gnome.desktop.interface:Budgie] - color-scheme='prefer-dark' - gtk-theme='Materia-dark' - icon-theme='Papirus-Dark' - ''; + services.xserver = { + displayManager.lightdm.greeters.slick = { + theme = { + name = "Materia-dark"; + package = pkgs.materia-theme; + }; + iconTheme = { + name = "Papirus-Dark"; + package = pkgs.papirus-icon-theme; + }; + }; + + desktopManager.budgie = { + enable = true; + extraGSettingsOverrides = '' + 
[org.gnome.desktop.interface:Budgie] + color-scheme='prefer-dark' + gtk-theme='Materia-dark' + icon-theme='Papirus-Dark' + ''; + }; }; }; } diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index 68e9d65..12023ef 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix 
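Review bot: `desktop.budgie.enable` can be set without `desktop.enable`, and nothing in this hunk ties the two together; the gnome and plasma hunks have the same shape. The base module is what sets `services.xserver.enable`, fonts and pipewire, so a host that enables only the sub-option presumably ends up with a desktop manager configured but no X server or display-manager service. Either have the sub-module pull the base in with `desktop.enable = lib.mkDefault true;` inside its `config`, or fail early with `assertions = [{ assertion = config.desktop.enable; message = "desktop.budgie.enable requires desktop.enable"; }];`.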
@@ -1,55 +1,68 @@ { + config, lib, pkgs, ... -}: { - environment = { - noXlibs = lib.mkForce false; - systemPackages = with pkgs; [wl-clipboard xclip]; - }; +}: let + cfg = config.desktop; +in { + options.desktop.enable = lib.mkEnableOption "base desktop settings"; + + imports = [ + ./budgie + ./gnome + ./plasma + ]; + + config = lib.mkIf cfg.enable { + environment = { + noXlibs = lib.mkForce false; + systemPackages = with pkgs; [wl-clipboard xclip]; + }; + + fonts = { + enableDefaultPackages = lib.mkDefault true; + + packages = with pkgs; [ + (nerdfonts.override {fonts = ["FiraCode" "Hack" "Noto"];}) + noto-fonts + noto-fonts-extra + noto-fonts-color-emoji + noto-fonts-cjk-sans + ]; - fonts = { - enableDefaultPackages = lib.mkDefault true; - - packages = with pkgs; [ - (nerdfonts.override {fonts = ["FiraCode" "Hack" "Noto"];}) - noto-fonts - noto-fonts-extra - noto-fonts-color-emoji - noto-fonts-cjk-sans - ]; - - fontconfig = { - enable = lib.mkDefault true; - cache32Bit = true; - defaultFonts = lib.mkDefault { - serif = ["Noto Serif"]; - sansSerif = ["Noto Sans"]; - emoji = ["Noto Color Emoji"]; - monospace = ["Noto Sans Mono"]; + fontconfig = { + enable = lib.mkDefault true; + cache32Bit = true; + defaultFonts = lib.mkDefault { + serif = ["Noto Serif"]; + sansSerif = ["Noto Sans"]; + emoji = ["Noto Color Emoji"]; + monospace = ["Noto Sans Mono"]; + }; }; }; - }; - hardware.pulseaudio.enable = false; + hardware.pulseaudio.enable = false; - programs = { - chromium.enable = lib.mkDefault true; - firefox.enable = lib.mkDefault true; - xwayland.enable = lib.mkDefault true; - }; + programs = { + chromium.enable = lib.mkDefault true; + firefox.enable = lib.mkDefault true; + xwayland.enable = lib.mkDefault true; + }; - services = { - pipewire = lib.mkDefault { - enable = true; - wireplumber.enable = true; - alsa.enable = true; - jack.enable = true; - pulse.enable = true; + services = { + pipewire = lib.mkDefault { + enable = true; + wireplumber.enable = true; + 
alsa.enable = true; + jack.enable = true; + pulse.enable = true; + }; + + xserver.enable = lib.mkDefault true; }; - xserver.enable = lib.mkDefault true; + xdg.portal.enable = lib.mkDefault true; }; - - xdg.portal.enable = lib.mkDefault true; } diff --git a/modules/nixos/desktop/gnome/default.nix b/modules/nixos/desktop/gnome/default.nix index 18f023f..a925199 100644 --- a/modules/nixos/desktop/gnome/default.nix +++ b/modules/nixos/desktop/gnome/default.nix @@ -1,21 +1,32 @@ -{pkgs, ...}: { - environment = { - gnome.excludePackages = with pkgs; [ - gnome-tour - ]; +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.desktop.gnome; +in { + options.desktop.gnome.enable = lib.mkEnableOption "GNOME desktop"; - sessionVariables = { - NIXOS_OZONE_WL = "1"; - }; + config = lib.mkIf cfg.enable { + environment = { + gnome.excludePackages = with pkgs; [ + gnome-tour + ]; - systemPackages = with pkgs; [ - adw-gtk3 - blackbox-terminal - ]; - }; + sessionVariables = { + NIXOS_OZONE_WL = "1"; + }; - services.xserver = { - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; + systemPackages = with pkgs; [ + adw-gtk3 + blackbox-terminal + ]; + }; + + services.xserver = { + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; }; } diff --git a/modules/nixos/desktop/plasma/default.nix b/modules/nixos/desktop/plasma/default.nix index d580e3f..df9fe38 100644 --- a/modules/nixos/desktop/plasma/default.nix +++ b/modules/nixos/desktop/plasma/default.nix 
@@ -1,17 +1,28 @@ -{pkgs, ...}: { - environment = { - plasma5.excludePackages = with pkgs.libsForQt5; [ - khelpcenter - plasma-browser-integration - print-manager - ]; - }; +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.desktop.plasma; +in { + options.desktop.plasma.enable = lib.mkEnableOption "Plasma desktop"; + + config = lib.mkIf cfg.enable { + environment = { + plasma5.excludePackages = with pkgs.libsForQt5; [ + khelpcenter + plasma-browser-integration + print-manager + ]; + }; - services.xserver = { - displayManager.sddm.enable = true; - desktopManager.plasma5 = { - enable = true; - useQtScaling = true; + services.xserver = { + displayManager.sddm.enable = true; + desktopManager.plasma5 = { + enable = true; + useQtScaling = true; + }; }; }; } diff --git a/modules/nixos/features/containers.nix b/modules/nixos/features/containers.nix new file mode 100644 index 0000000..290f7b0 --- /dev/null +++ b/modules/nixos/features/containers.nix @@ -0,0 +1,23 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.features.containers; +in { + options.features.containers = { + enable = lib.mkEnableOption "containers support"; + }; + + config.virtualisation = lib.mkIf cfg.enable { + podman = { + enable = true; + enableNvidia = lib.mkDefault (builtins.elem "nvidia" (config.services.xserver.videoDrivers or [])); + extraPackages = with pkgs; [podman-compose]; + autoPrune.enable = true; + }; + + oci-containers.backend = "podman"; + }; +} diff --git a/modules/nixos/features/default.nix b/modules/nixos/features/default.nix index 3ef81c3..607277f 100644 --- a/modules/nixos/features/default.nix +++ b/modules/nixos/features/default.nix @@ -1,7 +1,7 @@ { imports = [ + ./containers.nix ./nvk ./tailscale.nix - ./virtualisation.nix ]; } diff --git a/modules/nixos/features/tailscale.nix b/modules/nixos/features/tailscale.nix index 22168f3..9eba428 100644 --- a/modules/nixos/features/tailscale.nix +++ b/modules/nixos/features/tailscale.nix 
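Review bot: The new `modules/nixos/features/containers.nix` renames the option from `features.virtualisation.enable` to `features.containers.enable` without leaving an alias, so any host still setting the old name stops evaluating. If configs outside this diff use the old name, `imports = [(lib.mkRenamedOptionModule ["features" "virtualisation" "enable"] ["features" "containers" "enable"])];` keeps them working with a warning. The file also writes `config.virtualisation = lib.mkIf cfg.enable {…}` where every other module touched by this commit uses `config = lib.mkIf cfg.enable {…}`; matching that form would keep the pattern uniform.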
@@ -7,8 +7,8 @@ cfg = config.features.tailscale; in { options.features.tailscale = { - enable = lib.mkEnableOption "enable support for tailscale"; - ssh.enable = lib.mkEnableOption "enable support for tailscale ssh"; + enable = lib.mkEnableOption "Tailscale"; + ssh.enable = lib.mkEnableOption "Tailscale SSH"; }; config = lib.mkIf cfg.enable { diff --git a/modules/nixos/features/virtualisation.nix b/modules/nixos/features/virtualisation.nix deleted file mode 100644 index 3ecc9a5..0000000 --- a/modules/nixos/features/virtualisation.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.features.virtualisation; -in { - options.features.virtualisation = { - enable = lib.mkEnableOption "enable podman"; - }; - - config.virtualisation = lib.mkIf cfg.enable { - podman = { - enable = true; - enableNvidia = lib.mkDefault (builtins.elem "nvidia" (config.services.xserver.videoDrivers or [])); - extraPackages = with pkgs; [podman-compose]; - autoPrune.enable = true; - }; - - oci-containers.backend = "podman"; - }; -} diff --git a/modules/nixos/server/acme.nix b/modules/nixos/server/acme.nix index edb499c..a08c8ae 100644 --- a/modules/nixos/server/acme.nix +++ b/modules/nixos/server/acme.nix @@ -1,18 +1,25 @@ { config, + lib, secretsDir, ... -}: { - age.secrets = { - cloudflareApiKey.file = secretsDir + "/cloudflareApiKey.age"; - }; +}: let + cfg = config.server.acme; +in { + options.server.acme.enable = lib.mkEnableOption "ACME support"; + + config = lib.mkIf cfg.enable { + age.secrets = { + cloudflareApiKey.file = secretsDir + "/cloudflareApiKey.age"; + }; - security.acme = { - acceptTerms = true; - defaults = { - email = "getchoo@tuta.io"; - dnsProvider = "cloudflare"; - credentialsFile = config.age.secrets.cloudflareApiKey.path; + security.acme = { + acceptTerms = true; + defaults = { + email = "getchoo@tuta.io"; + dnsProvider = "cloudflare"; + credentialsFile = config.age.secrets.cloudflareApiKey.path; + }; }; }; } 
diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix index d503eae..d412067 100644 --- a/modules/nixos/server/default.nix +++ b/modules/nixos/server/default.nix @@ -4,33 +4,38 @@ pkgs, inputs, ... -}: { +}: let + cfg = config.server; +in { + options.server.enable = lib.mkEnableOption "base server settings"; + imports = [ - # disabled since i use cloudflare tunnels - #./acme.nix + ./acme.nix ./secrets.nix ]; - _module.args.unstable = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system}; + config = lib.mkIf cfg.enable { + _module.args.unstable = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system}; - boot = { - tmp.cleanOnBoot = lib.mkDefault true; - kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened; - }; + boot = { + tmp.cleanOnBoot = lib.mkDefault true; + kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened; + }; - documentation = { - enable = false; - man.enable = false; - }; + documentation = { + enable = false; + man.enable = false; + }; - environment.defaultPackages = lib.mkForce []; + environment.defaultPackages = lib.mkForce []; - nix = { - gc = { - dates = "*-*-1,5,9,13,17,21,25,29 00:00:00"; - options = "-d --delete-older-than 2d"; - }; + nix = { + gc = { + dates = "*-*-1,5,9,13,17,21,25,29 00:00:00"; + options = "-d --delete-older-than 2d"; + }; - settings.allowed-users = [config.networking.hostName]; + settings.allowed-users = [config.networking.hostName]; + }; }; } diff --git a/modules/nixos/server/secrets.nix b/modules/nixos/server/secrets.nix index 1d572bd..0f38995 100644 --- a/modules/nixos/server/secrets.nix +++ b/modules/nixos/server/secrets.nix 
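Review bot: Moving the body of `modules/nixos/server/default.nix` under `config = lib.mkIf cfg.enable` makes the hardening in this module opt-in, because `mkEnableOption` defaults to false. `boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened`, `environment.defaultPackages = lib.mkForce []` and `nix.settings.allowed-users` now apply only on hosts that set `server.enable = true`. A host that imports the module but is not updated still evaluates and builds, just without those settings, so the loss would be silent; the host files are outside this diff, so I cannot tell whether each one sets the option. I would add a comment above the option such as `# hardened kernel, empty defaultPackages and nix allowed-users only apply when this is true`, and check each server's built closure for the hardened kernel after the change. The `server.secrets.enable` gate in `secrets.nix` has the same default, though a missing `age.secrets.rootPassword` would presumably fail evaluation wherever it is referenced.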
@@ -1,10 +1,21 @@ -{secretsDir, ...}: { - age = { - identityPaths = ["/etc/age/key"]; +{ + config, + lib, + secretsDir, + ... +}: let + cfg = config.server.secrets; +in { + options.server.secrets.enable = lib.mkEnableOption "secrets management"; - secrets = { - rootPassword.file = secretsDir + "/rootPassword.age"; - userPassword.file = secretsDir + "/userPassword.age"; + config = lib.mkIf cfg.enable { + age = { + identityPaths = ["/etc/age/key"]; + + secrets = { + rootPassword.file = secretsDir + "/rootPassword.age"; + userPassword.file = secretsDir + "/userPassword.age"; + }; }; }; } diff --git a/modules/nixos/services/hercules.nix b/modules/nixos/services/hercules.nix index c394da0..879367c 100644 --- a/modules/nixos/services/hercules.nix +++ b/modules/nixos/services/hercules.nix @@ -15,8 +15,8 @@ }; in { options.server.services.hercules-ci = { - enable = mkEnableOption "enable hercules-ci"; - secrets.enable = mkEnableOption "manage secrets for hercules-ci"; + enable = mkEnableOption "hercules-ci"; + secrets.enable = mkEnableOption "secrets management for hercules-ci"; }; config = mkIf cfg.enable { diff --git a/modules/nixos/services/promtail.nix b/modules/nixos/services/promtail.nix index 63faf15..ced1ece 100644 --- a/modules/nixos/services/promtail.nix +++ b/modules/nixos/services/promtail.nix @@ -7,7 +7,7 @@ inherit (lib) mkEnableOption mkIf mkOption types; in { options.server.services.promtail = { - enable = mkEnableOption "enable promtail"; + enable = mkEnableOption "Promtail"; clients = mkOption { type = types.listOf types.attrs; -- cgit v1.2.3