nix all the things

modules: move the last of the more specific nixos modules

+141 -165
+9
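--- a/modules/cachix.nix
+++ b/modules/cachix.nix
@@ -0,0 +1,9 @@
+{ pkgs, lib, ... }:
+{
+nix.settings = {
+substituters = lib.mkAfter [ "https://karitham.cachix.org" ];
+trusted-public-keys = lib.mkAfter [ "karitham.cachix.org-1:Q0wdHZsCssuepIrtx83gHibE0LTDYLVNnvaV3Nms9U0=" ];
+};
+
+environment.systemPackages = [ pkgs.cachix ];
+}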
+2 -4
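--- a/modules/default.nix
+++ b/modules/default.nix
@@ -1,6 +1,5 @@
 {
 withSystem,
-config,
 self,
 nixpkgs,
 inputs,
@@ -54,7 +53,6 @@
 modules = [
 { networking.hostName = hostname; }
 ./core.nix
-./nixos
 ./systems/${hostname}
 ];
 }
@@ -74,8 +72,8 @@
 nixosModules = {
 dev = import ./dev/nixos.nix;
 desktop = import ./desktop/nixos.nix;
-multi-scrobbler = import ./nixos/services/multi-scrobbler.nix;
-pds-backup = import ./nixos/services/pds.nix;
+multi-scrobbler = import ./services/multi-scrobbler.nix;
+pds-backup = import ./services/pds.nix;
 };
 };
 }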
+20 -1
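--- a/modules/desktop/default.nix
+++ b/modules/desktop/default.nix
@@ -3,13 +3,32 @@
 imports = [
 self.nixosModules.desktop
 self.nixosModules.dev
+../../modules/home
 ../locale.nix
-../nixos/desktop-common.nix
+../nix.nix
+../cachix.nix
 ../hardware/peripherals.nix
 ];
 
 desktop.enable = true;
 dev.enable = true;
+
+networking.networkmanager.enable = true;
+
+services = {
+tailscale = {
+enable = true;
+useRoutingFeatures = "client";
+};
+touchegg.enable = true;
+blueman.enable = true;
+auto-cpufreq.enable = true;
+};
+
+security = {
+sudo.wheelNeedsPassword = false;
+rtkit.enable = true;
+};
 
 home-manager.users.${config.my.username}.imports = [
 self.homeModules.desktop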
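Review bot: `sudo.wheelNeedsPassword = false;` in the added `security` block gives every wheel account root without re-authentication, and this module now also imports `../nix.nix`, which lists `@wheel` under `trusted-users`. Together these make any process running as the desktop user effectively root, so the block should carry a comment stating that this is deliberate, e.g. `# single-user workstation: wheel is root-equivalent by design`. If that is not the intent, dropping the line restores the NixOS default of prompting for a password. The module body continues past the end of the hunk.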
+2 -9
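--- a/modules/desktop/home.nix
+++ b/modules/desktop/home.nix
@@ -2,21 +2,14 @@
 lib,
 osConfig ? { },
 pkgs,
+config,
 ...
 }:
 let
 inherit (lib) mkEnableOption mkOption types;
 in
 {
-config.desktop = {
-inherit (osConfig.desktop or { })
-enable
-wm
-terminal
-audio
-apps
-;
-};
+config.dev = lib.intersectAttrs config.dev (osConfig.dev or { });
 options.desktop = {
 enable = mkEnableOption "all desktop tools";
 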
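Review bot: The replacement line in `modules/desktop/home.nix` assigns `config.dev`, not `config.desktop`, so this module no longer copies `enable`, `wm`, `terminal`, `audio` and `apps` from `osConfig.desktop`. It looks like a paste from `modules/dev/home.nix`, which receives the identical line in this commit; the intended line is presumably `config.desktop = lib.intersectAttrs config.desktop (osConfig.desktop or { });`. Unless the desktop options are set for home-manager somewhere not shown here, they would no longer follow the NixOS-side values. The `options.desktop` declaration continues outside the hunk.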
+2 -1
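--- a/modules/dev/home.nix
+++ b/modules/dev/home.nix
@@ -1,13 +1,14 @@
 {
 osConfig ? { },
 lib,
+config,
 ...
 }:
 let
 inherit (lib) mkEnableOption;
 in
 {
-config.dev = osConfig.dev or { };
+config.dev = lib.intersectAttrs config.dev (osConfig.dev or { });
 options.dev = {
 enable = mkEnableOption "all development tools";
 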
+2
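--- a/modules/dev/nixos.nix
+++ b/modules/dev/nixos.nix
@@ -16,6 +16,7 @@
 editor.enable = mkEnableOption "editor tools";
 vcs.enable = mkEnableOption "version control tools";
 tools.enable = mkEnableOption "development utilities";
+docker.enable = mkEnableOption "Docker";
 };
 
 config = {
@@ -23,6 +24,7 @@
 dev.editor.enable = mkIf cfg.enable true;
 dev.vcs.enable = mkIf cfg.enable true;
 dev.tools.enable = mkIf cfg.enable true;
+dev.docker.enable = mkIf cfg.enable true;
 
 users.defaultUserShell = mkIf (cfg.enable || cfg.shell.enable) pkgs.nushell;
 environment.shells = mkIf (cfg.enable || cfg.shell.enable) [ pkgs.nushell ];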
+56
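--- a/modules/nix.nix
+++ b/modules/nix.nix
@@ -0,0 +1,56 @@
+{
+inputs,
+config,
+pkgs,
+...
+}:
+{
+nix = {
+package = pkgs.lix;
+
+registry.nixpkgs.flake = inputs.nixpkgs;
+registry.self.flake = inputs.self;
+channel.enable = false;
+
+settings = {
+auto-optimise-store = true;
+builders-use-substitutes = true;
+allowed-users = [ "@wheel" ];
+trusted-users = [ "@wheel" ];
+commit-lockfile-summary = "chore: Update flake.lock";
+accept-flake-config = true;
+keep-derivations = true;
+keep-outputs = true;
+warn-dirty = false;
+
+sandbox = true;
+max-jobs = "auto";
+keep-going = true;
+log-lines = 20;
+extra-experimental-features = [
+"flakes"
+"nix-command"
+];
+};
+};
+
+environment.etc."nix/inputs/nixpkgs".source = "${inputs.nixpkgs}";
+
+nixpkgs = {
+config = {
+allowUnfree = true;
+input-fonts.acceptLicense = true;
+};
+overlays = [
+inputs.self.overlays.default
+inputs.niri.overlays.niri
+inputs.ghostty.overlays.default
+inputs.knixpkgs.overlays.default
+];
+};
+
+programs.nh = {
+enable = true;
+flake = "/home/${config.my.username}/dotfiles";
+};
+}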
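Review bot: `accept-flake-config = true;` combined with `trusted-users = [ "@wheel" ];` means a flake's `nixConfig` is applied without a prompt, and for a trusted user that can include extra substituters and signing keys. The cache pinned in `modules/cachix.nix` is then not the only binary source the daemon will accept when a third-party flake is evaluated. Consider removing the line so Nix asks before applying flake-supplied settings, or document the decision with a comment such as `# accepted risk: only first-party flakes are built on these hosts`. The old module was wrapped in `lib.mkIf (!config.server)` and the new one is unconditional, so a header comment saying it is meant for the desktop and WSL profiles only would keep that intent visible.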
-18
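--- a/modules/nixos/cachix.nix
+++ b/modules/nixos/cachix.nix
@@ -1,18 +0,0 @@
-{
-pkgs,
-lib,
-config,
-...
-}:
-{
-config = lib.mkIf (!config.server) {
-nix.settings = {
-substituters = lib.mkAfter [ "https://karitham.cachix.org" ];
-trusted-public-keys = lib.mkAfter [
-"karitham.cachix.org-1:Q0wdHZsCssuepIrtx83gHibE0LTDYLVNnvaV3Nms9U0="
-];
-};
-
-environment.systemPackages = [ pkgs.cachix ];
-};
-}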
-9
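--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -1,9 +0,0 @@
-{ ... }:
-{
-imports = [
-./nix.nix
-./cachix.nix
-./docker.nix
-./server.nix
-];
-}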
-22
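--- a/modules/nixos/desktop-common.nix
+++ b/modules/nixos/desktop-common.nix
@@ -1,22 +0,0 @@
-_: {
-imports = [ ../../modules/home ];
-
-networking.networkmanager.enable = true;
-
-services = {
-tailscale = {
-enable = true;
-useRoutingFeatures = "client";
-};
-touchegg.enable = true;
-blueman.enable = true;
-auto-cpufreq.enable = true;
-};
-
-security = {
-sudo.wheelNeedsPassword = false;
-rtkit.enable = true;
-};
-
-virtualisation.docker.enable = true;
-}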
+3 -1
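--- a/modules/nixos/docker.nix
+++ b/modules/dev/docker/default.nix
@@ -1,5 +1,7 @@
-_: {
+{ lib, ... }:
+{
 virtualisation.docker = {
+enable = lib.mkDefault true;
 enableOnBoot = false;
 daemon.settings = {
 shutdown-timeout = 2;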
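Review bot: `enable = lib.mkDefault true;` is set unconditionally in the visible lines, so the new `dev.docker.enable` option declared in `modules/dev/nixos.nix` does not appear to decide whether the daemon is enabled. Unless the importing module gates this file in a way not shown here, a host that sets `dev.docker.enable = false` would still get Docker. Tying the two together would be `{ lib, config, ... }:` on the first line and `enable = lib.mkDefault config.dev.docker.enable;`. This is worth getting right because access to the Docker socket is equivalent to root on the host. The attribute set continues past the end of the hunk.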
-59
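--- a/modules/nixos/nix.nix
+++ b/modules/nixos/nix.nix
@@ -1,59 +0,0 @@
-{
-inputs,
-lib,
-config,
-pkgs,
-...
-}:
-{
-config = lib.mkIf (!config.server) {
-nix = {
-package = pkgs.lix;
-
-registry.nixpkgs.flake = inputs.nixpkgs;
-registry.self.flake = inputs.self;
-channel.enable = false;
-
-settings = {
-auto-optimise-store = true;
-builders-use-substitutes = true;
-allowed-users = [ "@wheel" ];
-trusted-users = [ "@wheel" ];
-commit-lockfile-summary = "chore: Update flake.lock";
-accept-flake-config = true;
-keep-derivations = true;
-keep-outputs = true;
-warn-dirty = false;
-
-sandbox = true;
-max-jobs = "auto";
-keep-going = true;
-log-lines = 20;
-extra-experimental-features = [
-"flakes"
-"nix-command"
-];
-};
-};
-
-environment.etc."nix/inputs/nixpkgs".source = "${inputs.nixpkgs}";
-
-nixpkgs = {
-config = {
-allowUnfree = true;
-input-fonts.acceptLicense = true;
-};
-overlays = [
-inputs.self.overlays.default
-inputs.niri.overlays.niri
-inputs.ghostty.overlays.default
-inputs.knixpkgs.overlays.default
-];
-};
-
-programs.nh = {
-enable = true;
-flake = "/home/${config.my.username}/dotfiles";
-};
-};
-}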
-9
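--- a/modules/nixos/server-common.nix
+++ b/modules/nixos/server-common.nix
@@ -1,9 +0,0 @@
-_: {
-services = {
-tailscale = {
-enable = true;
-useRoutingFeatures = "server";
-};
-openssh.enable = true;
-};
-}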
-4
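--- a/modules/nixos/server.nix
+++ b/modules/nixos/server.nix
@@ -1,4 +0,0 @@
-{ lib, ... }:
-{
-options.server = lib.mkEnableOption "enable server mode";
-}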
modules/nixos/services/acme-nginx.nix modules/services/acme-nginx.nix
modules/nixos/services/multi-scrobbler.nix modules/services/multi-scrobbler.nix
modules/nixos/services/pds.nix modules/services/pds.nix
+9 -1
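--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@@ -1 +1,9 @@
-{ imports = [ ../nixos/server-common.nix ]; }
+_: {
+services = {
+tailscale = {
+enable = true;
+useRoutingFeatures = "server";
+};
+openssh.enable = true;
+};
+}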
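Review bot: `openssh.enable = true;` is inlined here with no `services.openssh.settings` beside it, so the shared server profile does not state how logins are authenticated. If the individual hosts do not already override this (not visible in this commit), adding `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "no";` to this module would make key-only access part of the profile instead of a per-host detail. A short comment on whether SSH is meant to be reachable only over Tailscale would also help the next reader.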
+34
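--- a/modules/wsl/default.nix
+++ b/modules/wsl/default.nix
@@ -2,17 +2,51 @@
 inputs,
 self,
 config,
+lib,
+pkgs,
 ...
 }:
+let
+inherit (lib) mkForce;
+in
 {
 imports = [
 self.nixosModules.dev
 inputs.nixos-wsl.nixosModules.default
 ../locale.nix
 ../home
+../nix.nix
+../cachix.nix
 ];
 
 dev.enable = true;
+
+services = {
+tailscale = {
+enable = true;
+useRoutingFeatures = "client";
+};
+smartd.enable = mkForce false;
+xserver.enable = mkForce false;
+resolved.enable = mkForce false;
+};
+
+wsl = {
+enable = true;
+defaultUser = config.my.username;
+};
+
+environment = {
+variables.BROWSER = mkForce "wsl-open";
+systemPackages = [ pkgs.wsl-open ];
+};
+
+networking.tcpcrypt.enable = mkForce false;
+
+security = {
+apparmor.enable = mkForce false;
+sudo.wheelNeedsPassword = false;
+};
 
 home-manager.users.${config.my.username}.imports = [ self.homeModules.dev ];
 }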
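Review bot: The move out of `systems/ozen/default.nix` dropped the comment `# resolv.conf is managed by wsl`, leaving `resolved.enable = mkForce false;`, `networking.tcpcrypt.enable = mkForce false;` and `apparmor.enable = mkForce false;` with no stated reason. Because `mkForce` overrides every other module, each forced-off feature should carry a one-line why-comment; the original comment can be restored above `resolved.enable`, and the AppArmor line needs an equivalent stating the actual WSL limitation. `sudo.wheelNeedsPassword = false;` does not appear among the lines removed from the ozen host, so it looks newly explicit for WSL and would benefit from the same kind of comment.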
+1 -4
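--- a/systems/default.nix
+++ b/systems/default.nix
@@ -4,10 +4,7 @@
 
 config.easy-hosts = {
 shared = {
-modules = [
-../modules/core.nix
-../modules/nixos
-];
+modules = [ ../modules/core.nix ];
 
 specialArgs = { inherit inputs self; };
 };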
-22
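--- a/systems/ozen/default.nix
+++ b/systems/ozen/default.nix
@@ -9,30 +9,8 @@
 in
 {
 my.username = "nixos";
-
-wsl.enable = true;
-wsl.defaultUser = config.my.username;
 system.stateVersion = "25.11";
-
-virtualisation.docker.enable = true;
-
 programs.ssh.startAgent = true;
-
-services = {
-smartd.enable = mkForce false;
-xserver.enable = mkForce false;
-};
-
-networking.tcpcrypt.enable = mkForce false;
-
-# resolv.conf is managed by wsl
-services.resolved.enable = mkForce false;
-security.apparmor.enable = mkForce false;
-
-environment = {
-variables.BROWSER = mkForce "wsl-open";
-systemPackages = [ pkgs.wsl-open ];
-};
 
 nixpkgs.hostPlatform = "x86_64-linux";
 }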
+1 -1
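--- a/systems/reg/pds.nix
+++ b/systems/reg/pds.nix
@@ -2,7 +2,7 @@
 {
 imports = [
 self.nixosModules.pds-backup
-../../modules/nixos/services/acme-nginx.nix
+../../modules/services/acme-nginx.nix
 ];
 
 sops = {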