trustmeim.gay / nix
Personal Nix flake
nixos home-manager nix
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

refactor: Split base nixos config into separate modules

Lucas Chaim 654cc932 e9a8d76c

+198 -177
-177
modules/nixos/base/default.nix
··· 1 - # Edit this configuration file to define what should be installed on 2 - # your system. Help is available in the configuration.nix(5) man page, on 3 - # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). 4 1 { 5 - config, 6 2 lib, 7 3 pkgs, 8 4 ... 9 5 }: let 10 - inherit (lib) mkDefault; 11 - inherit (lib.lpchaim) shared; 12 6 inherit (lib.snowfall) fs; 13 - getFileSystemsByFsType = fsType: 14 - lib.filterAttrs (_: fs: fs.fsType == fsType) config.fileSystems; 15 7 in { 16 8 imports = [ 17 9 (fs.get-file "modules/shared") 18 10 ]; 19 11 20 - # Boot 21 - boot = { 22 - binfmt.emulatedSystems = lib.optionals pkgs.stdenv.isx86_64 ["aarch64-linux"]; 23 - loader = { 24 - grub = { 25 - enable = mkDefault false; 26 - device = "nodev"; 27 - efiSupport = true; 28 - configurationLimit = 5; 29 - }; 30 - efi.canTouchEfiVariables = true; 31 - systemd-boot = { 32 - enable = mkDefault true; 33 - editor = false; 34 - configurationLimit = 5; 35 - memtest86.enable = pkgs.stdenv.isx86_64; 36 - netbootxyz.enable = true; 37 - }; 38 - }; 39 - initrd.systemd.enable = true; 40 - plymouth = { 41 - enable = true; 42 - theme = mkDefault "breeze"; 43 - }; 44 - kernelParams = ["splash" "quiet" "btusb.enable_autosuspend=n"]; 45 - }; 46 - 47 - # Package manager 48 - nix = { 49 - package = pkgs.lix; 50 - extraOptions = '' 51 - experimental-features = flakes nix-command 52 - ''; 53 - settings = shared.nix.settings; 54 - gc = { 55 - automatic = !config.programs.nh.clean.enable; 56 - dates = "weekly"; 57 - }; 58 - }; 59 - 60 - # Networking 61 - networking = { 62 - firewall = { 63 - enable = true; 64 - allowedTCPPorts = [ 65 - 57621 # spotify local discovery 66 - 5353 # spotify cast discovery 67 - ]; 68 - }; 69 - dhcpcd.extraConfig = let 70 - wifiOffset = 2000; 71 - in '' 72 - ssid Lpchaim5G 73 - metric ${toString (wifiOffset - 20)} 74 - 75 - ssid Lpchaim 76 - metric ${toString (wifiOffset - 10)} 77 - ''; 78 - }; 79 - 80 - # Internationalization 81 - time = { 82 - timeZone = "America/Sao_Paulo"; 83 - hardwareClockInLocalTime = true; 84 - }; 85 - i18n = { 86 - supportedLocales = [ 87 - "en_US.UTF-8/UTF-8" 88 - "pt_BR.UTF-8/UTF-8" 89 - ]; 90 - defaultLocale = "en_US.UTF-8"; 91 - }; 92 - console.useXkbConfig = true; # use xkb.options in tty. 93 - services.xserver.xkb = { 94 - inherit (lib.lpchaim.shared.kb.default) layout options variant; 95 - }; 96 - 97 - # Hardware 98 - hardware = { 99 - bluetooth = { 100 - enable = true; 101 - settings = { 102 - General = { 103 - FastConnectable = true; 104 - }; 105 - }; 106 - }; 107 - graphics = let 108 - getExtraPackages = p: 109 - with p; 110 - lib.optionals pkgs.stdenv.isx86_64 [ 111 - intel-media-driver 112 - intel-vaapi-driver 113 - ]; 114 - in { 115 - enable = lib.mkDefault false; 116 - enable32Bit = config.hardware.graphics.enable && pkgs.stdenv.isx86_64; 117 - extraPackages = lib.mkIf config.hardware.graphics.enable (getExtraPackages pkgs); 118 - extraPackages32 = lib.mkIf config.hardware.graphics.enable (getExtraPackages pkgs.pkgsi686Linux); 119 - }; 120 - }; 121 - 122 - # Programs 123 - programs = { 124 - adb.enable = true; 125 - fish.enable = true; 126 - nix-ld.enable = true; 127 - nh = { 128 - enable = true; 129 - clean = { 130 - enable = true; 131 - dates = "weekly"; 132 - extraArgs = "--keep 5"; 133 - }; 134 - }; 135 - zsh.enable = true; 136 - }; 137 12 environment.systemPackages = with pkgs; [ 138 13 android-udev-rules 139 14 helix ··· 146 21 NIXPKGS_ALLOW_UNFREE = "1"; 147 22 }; 148 23 149 - # Services 150 - services = { 151 - blueman.enable = true; 152 - btrfs.autoScrub = let 153 - btrfsFileSystems = getFileSystemsByFsType "btrfs"; 154 - in 155 - lib.mkIf (btrfsFileSystems != {}) { 156 - enable = true; 157 - interval = "monthly"; 158 - fileSystems = 159 - if btrfsFileSystems ? "/" 160 - then ["/"] 161 - else lib.attrNames btrfsFileSystems; 162 - }; 163 - devmon.enable = true; 164 - fstrim = { 165 - enable = true; 166 - interval = "weekly"; 167 - }; 168 - fwupd.enable = true; 169 - gvfs.enable = true; 170 - libinput.enable = true; 171 - ollama = { 172 - enable = true; 173 - openFirewall = true; 174 - host = "127.0.0.1"; 175 - port = 11434; 176 - }; 177 - openssh = { 178 - enable = true; 179 - allowSFTP = true; 180 - openFirewall = true; 181 - settings = { 182 - PasswordAuthentication = mkDefault false; 183 - PermitRootLogin = mkDefault "no"; 184 - }; 185 - }; 186 - power-profiles-daemon.enable = true; 187 - printing.enable = true; 188 - udisks2.enable = true; 189 - }; 190 - services.xserver.enable = lib.mkDefault true; 191 - 192 - # Misc 193 24 home-manager = { 194 25 backupFileExtension = "backup"; 195 26 useGlobalPkgs = true; 196 27 useUserPackages = true; 197 - }; 198 - sops = { 199 - defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; 200 - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; 201 - secrets = { 202 - password.neededForUsers = true; 203 - "tailscale/oauth/secret" = {}; 204 - }; 205 28 }; 206 29 stylix = { 207 30 homeManagerIntegration = {
+33
modules/nixos/boot/default.nix
··· 1 + { 2 + lib, 3 + pkgs, 4 + ... 5 + }: let 6 + inherit (lib) mkDefault; 7 + in { 8 + boot = { 9 + binfmt.emulatedSystems = lib.optionals pkgs.stdenv.isx86_64 ["aarch64-linux"]; 10 + loader = { 11 + grub = { 12 + enable = mkDefault false; 13 + device = "nodev"; 14 + efiSupport = true; 15 + configurationLimit = 5; 16 + }; 17 + efi.canTouchEfiVariables = true; 18 + systemd-boot = { 19 + enable = mkDefault true; 20 + editor = false; 21 + configurationLimit = 5; 22 + memtest86.enable = pkgs.stdenv.isx86_64; 23 + netbootxyz.enable = true; 24 + }; 25 + }; 26 + initrd.systemd.enable = true; 27 + plymouth = { 28 + enable = true; 29 + theme = mkDefault "breeze"; 30 + }; 31 + kernelParams = ["splash" "quiet" "btusb.enable_autosuspend=n"]; 32 + }; 33 + }
+30
modules/nixos/hardware/default.nix
··· 1 + { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: { 7 + hardware = { 8 + bluetooth = { 9 + enable = true; 10 + settings = { 11 + General = { 12 + FastConnectable = true; 13 + }; 14 + }; 15 + }; 16 + graphics = let 17 + getExtraPackages = p: 18 + with p; 19 + lib.optionals pkgs.stdenv.isx86_64 [ 20 + intel-media-driver 21 + intel-vaapi-driver 22 + ]; 23 + in { 24 + enable = lib.mkDefault false; 25 + enable32Bit = config.hardware.graphics.enable && pkgs.stdenv.isx86_64; 26 + extraPackages = lib.mkIf config.hardware.graphics.enable (getExtraPackages pkgs); 27 + extraPackages32 = lib.mkIf config.hardware.graphics.enable (getExtraPackages pkgs.pkgsi686Linux); 28 + }; 29 + }; 30 + }
+17
modules/nixos/locale/default.nix
··· 1 + {lib, ...}: { 2 + time = { 3 + timeZone = "America/Sao_Paulo"; 4 + hardwareClockInLocalTime = true; 5 + }; 6 + i18n = { 7 + supportedLocales = [ 8 + "en_US.UTF-8/UTF-8" 9 + "pt_BR.UTF-8/UTF-8" 10 + ]; 11 + defaultLocale = "en_US.UTF-8"; 12 + }; 13 + console.useXkbConfig = true; # use xkb.options in tty. 14 + services.xserver.xkb = { 15 + inherit (lib.lpchaim.shared.kb.default) layout options variant; 16 + }; 17 + }
+20
modules/nixos/networking/default.nix
··· 1 + { 2 + networking = { 3 + firewall = { 4 + enable = true; 5 + allowedTCPPorts = [ 6 + 57621 # spotify local discovery 7 + 5353 # spotify cast discovery 8 + ]; 9 + }; 10 + dhcpcd.extraConfig = let 11 + wifiOffset = 2000; 12 + in '' 13 + ssid Lpchaim5G 14 + metric ${toString (wifiOffset - 20)} 15 + 16 + ssid Lpchaim 17 + metric ${toString (wifiOffset - 10)} 18 + ''; 19 + }; 20 + }
+20
modules/nixos/nix/default.nix
··· 1 + { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: let 7 + inherit (lib.lpchaim) shared; 8 + in { 9 + nix = { 10 + package = pkgs.lix; 11 + extraOptions = '' 12 + experimental-features = flakes nix-command 13 + ''; 14 + settings = shared.nix.settings; 15 + gc = { 16 + automatic = !config.programs.nh.clean.enable; 17 + dates = "weekly"; 18 + }; 19 + }; 20 + }
+16
modules/nixos/programs/default.nix
··· 1 + { 2 + programs = { 3 + adb.enable = true; 4 + fish.enable = true; 5 + nix-ld.enable = true; 6 + nh = { 7 + enable = true; 8 + clean = { 9 + enable = true; 10 + dates = "weekly"; 11 + extraArgs = "--keep 5"; 12 + }; 13 + }; 14 + zsh.enable = true; 15 + }; 16 + }
+10
modules/nixos/secrets/default.nix
··· 1 + {lib, ...}: { 2 + sops = { 3 + defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; 4 + age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; 5 + secrets = { 6 + password.neededForUsers = true; 7 + "tailscale/oauth/secret" = {}; 8 + }; 9 + }; 10 + }
+52
modules/nixos/services/default.nix
··· 1 + { 2 + config, 3 + lib, 4 + ... 5 + }: let 6 + inherit (lib) mkDefault; 7 + getFileSystemsByFsType = fsType: 8 + lib.filterAttrs (_: fs: fs.fsType == fsType) config.fileSystems; 9 + in { 10 + # Services 11 + services = { 12 + blueman.enable = true; 13 + btrfs.autoScrub = let 14 + btrfsFileSystems = getFileSystemsByFsType "btrfs"; 15 + in 16 + lib.mkIf (btrfsFileSystems != {}) { 17 + enable = true; 18 + interval = "monthly"; 19 + fileSystems = 20 + if btrfsFileSystems ? "/" 21 + then ["/"] 22 + else lib.attrNames btrfsFileSystems; 23 + }; 24 + devmon.enable = true; 25 + fstrim = { 26 + enable = true; 27 + interval = "weekly"; 28 + }; 29 + fwupd.enable = true; 30 + gvfs.enable = true; 31 + libinput.enable = true; 32 + ollama = { 33 + enable = true; 34 + openFirewall = true; 35 + host = "127.0.0.1"; 36 + port = 11434; 37 + }; 38 + openssh = { 39 + enable = true; 40 + allowSFTP = true; 41 + openFirewall = true; 42 + settings = { 43 + PasswordAuthentication = mkDefault false; 44 + PermitRootLogin = mkDefault "no"; 45 + }; 46 + }; 47 + power-profiles-daemon.enable = true; 48 + printing.enable = true; 49 + udisks2.enable = true; 50 + }; 51 + services.xserver.enable = lib.mkDefault true; 52 + }