diff --git a/flake.nix b/flake.nix index d0c2a32..9addcce 100644 --- a/flake.nix +++ b/flake.nix @@ -19,6 +19,8 @@ hasSuffix mkAliasOptionModule strings + mkOption + types ; systemFn = @@ -44,7 +46,6 @@ mkSystem = system: { - profile ? "minimal", machine ? { }, modules ? [ ], specialArgs ? { }, @@ -60,117 +61,69 @@ home-manager.darwinModules.home-manager else if hasSuffix "linux" system then [ - home-manager.nixosModules.home-manager lanzaboote.nixosModules.lanzaboote ] else throw "System: ${system} not supported." ) - ./modules/machine.nix - ./profiles/${strings.concatStrings (lib.drop 1 (strings.splitString "-" system))}/${profile}.nix - ./machines/${machine.hostName}/system.nix - { - imports = [ - (mkAliasOptionModule - [ "hm" ] - [ - "home-manager" - "users" - "${machine.mainUser}" - ] - ) - ]; + { nixpkgs.hostPlatform = "${system}"; } - config = { - machine = machine; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - } - // lib.optionalAttrs (lib.hasSuffix "linux" system) { - hm.home.homeDirectory = "/home/${machine.mainUser}"; - } - // lib.optionalAttrs (lib.hasSuffix "darwin" system) { - users.users.${machine.mainUser}.home = "/Users/pml"; - nixpkgs.config.allowUnfreePredicate = - pkg: - builtins.elem (lib.getName pkg) [ - "obsidian" - ]; + { + options.machine = { + mainUser = mkOption { + type = types.str; + description = "The main user of the machine"; + }; + + hostName = mkOption { + type = types.str; + description = "The name of the machine"; + }; }; } + { config.machine = machine; } + + ./modules/common/environment.nix + ./modules/common/nix.nix + ./modules/common/nixpkgs.nix + ./modules/common/programs.nix + + ./machines/${machine.hostName}.nix ] ); }; }; - - mkDarwinSystem = - { - modules ? [ ], - machine, - specialArgs ? { }, - system ? { }, - home ? { }, - }: - inputs.nix-darwin.lib.darwinSystem { - specialArgs = specialArgs // { - inherit inputs; - }; - modules = [ - { system.configurationRevision = self.rev or self.dirtyRev or null; } - inputs.home-manager.darwinModules.home-manager - ./modules/machine.nix - ./machines/${machine.hostName}/system.nix - { config.machine = machine; } - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - environment.etc = { - "1password" = { - target = "1password/custom_allowed_browsers"; - enable = true; - text = '' - firefox - brave - ''; - # mode = "0755"; - }; - }; - } - ( - { config, ... }: - { - users.users.pml.home = "/Users/pml"; - hm.home.username = "pml"; - } - ) - ] - ++ modules; - }; in { nixosConfigurations."persephone" = systems.mkSystem "x86_64-linux" { - profile = "desktop"; machine = { hostName = "persephone"; mainUser = "pml"; - filesystem.uuid = { - boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; - esp = "4E4C-1139"; - luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; - cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; - }; }; - modules = [ ./home.nix ]; + modules = [ + ./modules/nixos/boot.nix + ./modules/nixos/environment.nix + ./modules/nixos/filesystems.nix + ./modules/nixos/fonts.nix + ./modules/nixos/hardware.nix + ./modules/nixos/networking.nix + ./modules/nixos/programs.nix + ./modules/nixos/security.nix + ./modules/nixos/services.nix + ./modules/nixos/system.nix + ]; }; darwinConfigurations."hermes" = systems.mkSystem "aarch64-darwin" { - profile = "desktop"; machine = { hostName = "hermes"; mainUser = "pml"; }; - modules = [ ./home.nix ]; + modules = [ + ./modules/darwin/homebrew.nix + ./modules/darwin/programs.nix + ]; }; devShells = forEachSupportedSystem ( diff --git a/home.nix b/home.nix deleted file mode 100644 index aec4995..0000000 --- a/home.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkIf; -in -{ - hm = { - programs.alacritty = { - enable = true; - }; - - programs.brave = { - enable = pkgs.stdenv.hostPlatform.isLinux; - }; - programs.direnv = { - enable = true; - enableZshIntegration = true; - }; - - programs.firefox.enable = true; - programs.fuzzel.enable = pkgs.stdenv.hostPlatform.isLinux; - - programs.git = { - enable = true; - settings = { - user = { - name = "monologiq"; - email = "git@pmlogue.me"; - }; - }; - }; - - programs.mpv.enable = true; - - programs.obsidian = { - enable = true; - - defaultSettings = { - appearance = { - theme = "native"; - }; - }; - - vaults."Notes" = { - enable = true; - target = "Documents/Notes"; - }; - }; - programs.rtorrent.enable = true; - - programs.vscode = { - enable = true; - package = pkgs.vscodium; - profiles.default.extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide - mkhl.direnv - yzhang.markdown-all-in-one - ]; - }; - - programs.zsh = { - enable = config.programs.zsh.enable; - enableCompletion = true; - }; - - home.stateVersion = "25.11"; - }; -} diff --git a/lib/default.nix b/lib/default.nix index 5168942..0df675e 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -8,7 +8,7 @@ }: let inherit (nixpkgs.lib) genAttrs; - + forEachSupportedSystem = f: genAttrs supportedSystems ( diff --git a/machines/hermes/system.nix b/machines/hermes.nix similarity index 100% rename from machines/hermes/system.nix rename to machines/hermes.nix diff --git a/machines/persephone/system.nix b/machines/persephone.nix similarity index 70% rename from machines/persephone/system.nix rename to machines/persephone.nix index 366ce52..c638620 100644 --- a/machines/persephone/system.nix +++ b/machines/persephone.nix @@ -4,7 +4,12 @@ pkgs, ... }: - +let + boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; + esp = "4E4C-1139"; + luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; + cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; +in { boot = { blacklistedKernelModules = [ @@ -19,14 +24,18 @@ kernelParams = [ "i915.enable_guc=3" ]; }; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - "ahci" - "usbhid" - "sd_mod" - ]; + boot.initrd = { + availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + "ahci" + "usbhid" + "sd_mod" + ]; + luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luks}"; + + }; console = { keyMap = "us"; @@ -35,6 +44,18 @@ i18n.defaultLocale = "en_US.UTF-8"; + fileSystems."/".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/boot".device = "/dev/disk/by-uuid/${boot}"; + fileSystems."/efi".device = "/dev/disk/by-uuid/${esp}"; + fileSystems."/home".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/nix".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/cache".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/lib/machines".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/lib/portables".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/log".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/spool".device = "/dev/disk/by-uuid/${cryptroot}"; + fileSystems."/var/tmp".device = "/dev/disk/by-uuid/${cryptroot}"; + hardware.enableRedistributableFirmware = true; hardware.bluetooth.enable = true; @@ -121,16 +142,6 @@ trusted-public-keys = [ "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M=" ]; }; - nixpkgs.config.allowUnfreePredicate = - pkg: - builtins.elem (lib.getName pkg) [ - "1password" - "1password-cli" - "nvidia-x11" - "nvidia-settings" - "obsidian" - ]; - programs._1password.enable = true; services.hardware.openrgb = { @@ -155,16 +166,6 @@ "i2c" "wheel" ]; - packages = with pkgs; [ - (vscode-with-extensions.override { - vscode = vscodium; - vscodeExtensions = with vscode-extensions; [ - jnoortheen.nix-ide - mkhl.direnv - yzhang.markdown-all-in-one - ]; - }) - ]; }; # DO NOT EDIT diff --git a/modules/common/environment.nix b/modules/common/environment.nix new file mode 100644 index 0000000..5eaa263 --- /dev/null +++ b/modules/common/environment.nix @@ -0,0 +1,49 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) + getName + mkIf + mkMerge + optionalAttrs + ; + + cfg = config; +in +{ + config = mkMerge [ + { + environment.systemPackages = with pkgs; [ + chezmoi + direnv + git + curl + vim + wget + ]; + + users.users."${config.machine.mainUser}".packages = with pkgs; [ + (vscode-with-extensions.override { + vscode = vscodium; + vscodeExtensions = with vscode-extensions; [ + bbenoist.nix + jnoortheen.nix-ide + mkhl.direnv + ms-azuretools.vscode-docker + ms-python.python + ms-vscode-remote.remote-ssh + yzhang.markdown-all-in-one + ]; + }) + ]; + } + + (mkIf cfg.programs.zsh.enable { + environment.pathsToLink = [ "/share/zsh" ]; + }) + ]; +} diff --git a/modules/common/nix.nix b/modules/common/nix.nix new file mode 100644 index 0000000..2152dd9 --- /dev/null +++ b/modules/common/nix.nix @@ -0,0 +1,24 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) getName mkMerge; +in +{ + config = mkMerge [ + { + nix = { + package = pkgs.lixPackageSets.stable.lix; + settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + }; + } + ]; +} diff --git a/modules/common/nixpkgs.nix b/modules/common/nixpkgs.nix new file mode 100644 index 0000000..b39820f --- /dev/null +++ b/modules/common/nixpkgs.nix @@ -0,0 +1,32 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) getName mkMerge optionalAttrs; +in +{ + config = mkMerge [ + { + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (getName pkg) [ + "1password-cli" + "1password" + "nvidia-settings" + "nvidia-x11" + "obsidian" + "vscode-extension-ms-vscode-remote-remote-ssh" + ]; + + } + + (optionalAttrs (builtins.pathExists ../../overlays) { + nixpkgs.overlays = [ + (import ../../overlays) + ]; + }) + ]; +} diff --git a/modules/common/programs.nix b/modules/common/programs.nix new file mode 100644 index 0000000..84a3051 --- /dev/null +++ b/modules/common/programs.nix @@ -0,0 +1,16 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) getName mkMerge; +in +{ + config = mkMerge [ + { + programs.zsh.enable = true; + } + ]; +} diff --git a/modules/darwin/homebrew.nix b/modules/darwin/homebrew.nix new file mode 100644 index 0000000..8ef53c5 --- /dev/null +++ b/modules/darwin/homebrew.nix @@ -0,0 +1,23 @@ +{ lib, pkgs, ... }: +let + inherit (lib) getName mkMerge; +in +{ + config = mkMerge [ + { + homebrew = { + enable = true; + + casks = [ + "1password-cli" + "1password" + "adguard" + "alacritty" + "brave-browser" + "figma" + "firefox" + ]; + }; + } + ]; +} diff --git a/modules/darwin/programs.nix b/modules/darwin/programs.nix new file mode 100644 index 0000000..85dc430 --- /dev/null +++ b/modules/darwin/programs.nix @@ -0,0 +1,22 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) getName mkMerge; +in +{ + config = mkMerge [ + { + programs.zsh = { + shellInit = '' + if [ -e "/opt/homebrew/bin/brew" ]; then + eval "$(/opt/homebrew/bin/brew shellenv)" + fi + ''; + }; + } + ]; +} diff --git a/modules/nixos/boot.nix b/modules/nixos/boot.nix new file mode 100644 index 0000000..1c44dbe --- /dev/null +++ b/modules/nixos/boot.nix @@ -0,0 +1,40 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkMerge; + + boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; + esp = "4E4C-1139"; + luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; + cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; +in +{ + config = mkMerge [ + { + boot.bootspec.enable = true; + boot.initrd = { + kernelModules = [ ]; + systemd.enable = true; + }; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + + boot.loader.efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "efi"; + }; + + boot.loader.systemd-boot = { + enable = lib.mkForce false; + xbootldrMountPoint = "/boot"; + }; + } + ]; +} diff --git a/modules/nixos/environment.nix b/modules/nixos/environment.nix new file mode 100644 index 0000000..bf4c650 --- /dev/null +++ b/modules/nixos/environment.nix @@ -0,0 +1,54 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkIf mkMerge; +in +{ + config = mkMerge [ + { + environment.sessionVariables = { + EDITOR = "${pkgs.vim}/bin/vim"; + PAGER = "${pkgs.less}/bin/less"; + }; + + environment.systemPackages = with pkgs; [ + alacritty + brave + firefox + foliate + fuzzel + loupe + mpv + adwaita-icon-theme + ddcutil + gsettings-desktop-schemas + libva-utils + loupe + sbctl + vdpauinfo + ]; + } + + (mkIf config.programs.niri.enable { + environment.sessionVariables = { + NIXOS_OZONE_WL = "1"; + }; + }) + + (mkIf config.programs._1password.enable { + environment.etc = { + "1password/custom_allowed_browsers" = { + text = '' + firefox + brave + ''; + mode = "0755"; + }; + }; + }) + ]; +} diff --git a/modules/nixos/filesystems.nix b/modules/nixos/filesystems.nix new file mode 100644 index 0000000..8f7f5b8 --- /dev/null +++ b/modules/nixos/filesystems.nix @@ -0,0 +1,94 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) + mkMerge + mkOption + optionalAttrs + types + ; + + boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; + esp = "4E4C-1139"; + luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; + cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; +in +{ + config = mkMerge [ + { + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/${boot}"; + fsType = "ext4"; + }; + + fileSystems."/efi" = { + device = "/dev/disk/by-uuid/${esp}"; + fsType = "vfat"; + options = [ + "fmask=0137" + "dmask=0027" + ]; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@root" ]; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + + fileSystems."/var/cache" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_cache" ]; + }; + + fileSystems."/var/log" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_log" ]; + }; + + fileSystems."/var/spool" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_spool" ]; + }; + + fileSystems."/var/tmp" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_tmp" ]; + }; + + fileSystems."/var/lib/machines" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_lib_machines" ]; + }; + + fileSystems."/var/lib/portables" = { + device = "/dev/disk/by-uuid/${cryptroot}"; + fsType = "btrfs"; + options = [ "subvol=@var_lib_portables" ]; + }; + + swapDevices = [ ]; + } + ]; +} diff --git a/modules/nixos/fonts.nix b/modules/nixos/fonts.nix new file mode 100644 index 0000000..7ec8c60 --- /dev/null +++ b/modules/nixos/fonts.nix @@ -0,0 +1,37 @@ +{ lib, pkgs, ... }: +let + inherit (lib) mkMerge; +in +{ + config = mkMerge [ + { + fonts.fontconfig = { + enable = true; + antialias = true; + hinting = { + enable = true; + style = "slight"; + }; + subpixel = { + rgba = "rgb"; + lcdfilter = "default"; + }; + defaultFonts = { + serif = [ + "SF Pro" + "DejaVu Serif" + ]; + sansSerif = [ + "SF Pro" + "DejaVu Sans" + ]; + monospace = [ + "Iosevka Cavalier" + "DejaVu Sans Mono" + ]; + emoji = [ "Noto Color Emoji" ]; + }; + }; + } + ]; +} diff --git a/modules/nixos/hardware.nix b/modules/nixos/hardware.nix new file mode 100644 index 0000000..26bdb57 --- /dev/null +++ b/modules/nixos/hardware.nix @@ -0,0 +1,27 @@ +{ + config, + lib, + modulesPath, + pkgs, + ... +}: +let + inherit (lib) mkDefault mkMerge; +in +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + config = mkMerge [ + { + hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; + + hardware.bluetooth = { + settings = { + General.Experimental = true; + }; + }; + } + ]; +} diff --git a/modules/nixos/networking.nix b/modules/nixos/networking.nix new file mode 100644 index 0000000..049d464 --- /dev/null +++ b/modules/nixos/networking.nix @@ -0,0 +1,37 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkDefault mkMerge optionalString; +in +{ + config = mkMerge [ + { + networking.dhcpcd = { + enable = config.networking.wireless.iwd.enable; + extraConfig = '' + ${optionalString config.services.resolved.enable "nohook resolv.conf"} + ''; + }; + + networking.hostName = "${config.machine.hostName}"; + networking.resolvconf.enable = !config.services.resolved.enable; + + networking.useDHCP = mkDefault true; + networking.wireless.iwd = { + settings = { + General = { + EnableNetworkConfiguration = !config.services.resolved.enable; + }; + Network = { + EnableIPv6 = true; + NameResolvingService = "systemd"; + }; + }; + }; + } + ]; +} diff --git a/modules/nixos/programs.nix b/modules/nixos/programs.nix new file mode 100644 index 0000000..df971c2 --- /dev/null +++ b/modules/nixos/programs.nix @@ -0,0 +1,47 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) + mkForce + mkIf + mkMerge + optionalAttrs + ; +in +{ + config = mkMerge [ + { + programs.dconf.enable = config.programs.niri.enable; + + programs.firefox = { + enable = true; + nativeMessagingHosts.packages = with pkgs; [ vdhcoapp ]; + }; + + programs.niri.enable = true; + + programs.regreet = { + enable = config.programs.niri.enable; + font.name = "SF Pro"; + font.size = 16; + font.package = pkgs.apple-fonts.sf-pro; + settings = { + GTK = { + font_name = mkForce "SF Pro 16"; + }; + }; + }; + } + + (mkIf config.programs._1password.enable { + programs._1password-gui = { + enable = true; + polkitPolicyOwners = [ "pml" ]; + }; + }) + ]; +} diff --git a/modules/nixos/security.nix b/modules/nixos/security.nix new file mode 100644 index 0000000..ccb7b55 --- /dev/null +++ b/modules/nixos/security.nix @@ -0,0 +1,17 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkMerge; +in +{ + config = mkMerge [ + { + security.polkit.enable = config.programs.niri.enable; + security.rtkit.enable = config.services.pipewire.enable; + } + ]; +} diff --git a/modules/nixos/services.nix b/modules/nixos/services.nix new file mode 100644 index 0000000..4a984f8 --- /dev/null +++ b/modules/nixos/services.nix @@ -0,0 +1,39 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkMerge optionalAttrs; +in +{ + config = mkMerge [ + { + services.avahi.enable = true; + services.openssh.enable = true; + + services.pipewire = { + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + + services.resolved = { + enable = true; + dnssec = "true"; + domains = [ "~." ]; + fallbackDns = [ + "9.9.9.9#dns.quad9.net" + "149.112.112.112#dns.quad9.net" + "2620:fe::fe#dns.quad9.net" + "2620:fe::9#dns.quad9.net" + ]; + extraConfig = '' + DNSOverTLS=yes + ''; + }; + } + ]; +} diff --git a/modules/nixos/system.nix b/modules/nixos/system.nix new file mode 100644 index 0000000..be90d4a --- /dev/null +++ b/modules/nixos/system.nix @@ -0,0 +1,20 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkIf mkMerge; +in +{ + config = mkMerge [ + (mkIf config.services.hardware.openrgb.enable { + system.activationScripts.openrgbOff = '' + mkdir -p /var/lib/OpenRGB + cp ${../../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp + chmod 0644 /var/lib/OpenRGB/off.orp + ''; + }) + ]; +} diff --git a/profiles/darwin/desktop.nix b/profiles/darwin/desktop.nix deleted file mode 100644 index 49fe369..0000000 --- a/profiles/darwin/desktop.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ... }: - -{ - imports = [ - ../minimal.nix - ]; - - homebrew = { - enable = true; - - casks = [ - "1password" - "1password-cli" - "adguard" - "brave-browser" - ]; - }; - - programs.zsh = { - enable = true; - enableGlobalCompInit = false; - shellInit = '' - if [ -e "/opt/homebrew/bin/brew" ]; then - eval "$(/opt/homebrew/bin/brew shellenv)" - fi - ''; - }; -} diff --git a/profiles/linux/desktop.nix b/profiles/linux/desktop.nix deleted file mode 100644 index 33e9aed..0000000 --- a/profiles/linux/desktop.nix +++ /dev/null @@ -1,151 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkForce mkIf; -in -{ - imports = [ - ./minimal.nix - ]; - - environment = { - sessionVariables = { - NIXOS_OZONE_WL = "1"; - }; - - systemPackages = with pkgs; [ - adwaita-icon-theme - ddcutil - gsettings-desktop-schemas - libva-utils - loupe - sbctl - vdpauinfo - ]; - }; - - environment.etc = mkIf config.programs._1password-gui.enable { - "1password/custom_allowed_browsers" = { - text = '' - firefox - brave - ''; - mode = "0755"; - }; - }; - - fonts.fontconfig = { - enable = true; - antialias = true; - hinting = { - enable = true; - style = "slight"; - }; - subpixel = { - rgba = "rgb"; - lcdfilter = "default"; - }; - defaultFonts = { - serif = [ - "SF Pro" - "DejaVu Serif" - ]; - sansSerif = [ - "SF Pro" - "DejaVu Sans" - ]; - monospace = [ - "Iosevka Cavalier" - "DejaVu Sans Mono" - ]; - emoji = [ "Noto Color Emoji" ]; - }; - }; - - hardware.bluetooth = mkIf config.hardware.bluetooth.enable { - settings = { - General.Experimental = true; - }; - }; - - networking.wireless.iwd = { - enable = true; - settings = { - General = { - EnableNetworkConfiguration = false; # Let dhcpcd handle this - }; - Network = { - EnableIPv6 = true; - NameResolvingService = "systemd"; - }; - }; - }; - - networking.dhcpcd = { - enable = true; - extraConfig = '' - nohook resolv.conf # Don't let dhcpcd manage resolv.conf - ''; - }; - - networking.resolvconf.enable = !config.services.resolved.enable; - - programs._1password-gui = mkIf config.programs._1password.enable { - enable = true; - polkitPolicyOwners = [ "pml" ]; - }; - - programs.dconf.enable = config.programs.niri.enable; - programs.niri.enable = true; - - programs.regreet = { - enable = true; - font.name = "SF Pro"; - font.size = 16; - font.package = pkgs.apple-fonts.sf-pro; - settings = { - GTK = { - font_name = mkForce "SF Pro 16"; - }; - }; - }; - - programs.zsh.enable = true; - - security.polkit.enable = config.programs.niri.enable; - security.rtkit.enable = config.services.pipewire.enable; - - services.pipewire = mkIf config.services.pipewire.enable { - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - services.resolved = { - enable = true; - dnssec = "true"; - domains = [ "~." ]; - fallbackDns = [ - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - "2620:fe::fe#dns.quad9.net" - "2620:fe::9#dns.quad9.net" - ]; - extraConfig = '' - DNSOverTLS=yes - ''; - }; - - system.activationScripts.openrgbOff = - mkIf (config.services.hardware.openrgb.startupProfile == "off") - '' - mkdir -p /var/lib/OpenRGB - cp ${../../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp - chmod 0644 /var/lib/OpenRGB/off.orp - ''; -} diff --git a/profiles/linux/minimal.nix b/profiles/linux/minimal.nix deleted file mode 100644 index 08797cb..0000000 --- a/profiles/linux/minimal.nix +++ /dev/null @@ -1,129 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: -let - inherit (lib) mkDefault; - - inherit (config.machine.filesystem.uuid) - boot - esp - luks - cryptroot - ; -in -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ../minimal.nix - ]; - - boot.bootspec.enable = true; - boot.initrd = { - kernelModules = [ ]; - luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luks}"; - systemd.enable = true; - }; - - boot.lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - - boot.loader.efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "efi"; - }; - - boot.loader.systemd-boot = { - enable = lib.mkForce false; - xbootldrMountPoint = "/boot"; - }; - - environment.sessionVariables = { - EDITOR = "${pkgs.vim}/bin/vim"; - PAGER = "${pkgs.less}/bin/less"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/${boot}"; - fsType = "ext4"; - }; - - fileSystems."/efi" = { - device = "/dev/disk/by-uuid/${esp}"; - fsType = "vfat"; - options = [ - "fmask=0137" - "dmask=0027" - ]; - }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@root" ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; - - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@nix" ]; - }; - - fileSystems."/var/cache" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_cache" ]; - }; - - fileSystems."/var/log" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_log" ]; - }; - - fileSystems."/var/spool" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_spool" ]; - }; - - fileSystems."/var/tmp" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_tmp" ]; - }; - - fileSystems."/var/lib/machines" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_lib_machines" ]; - }; - - fileSystems."/var/lib/portables" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_lib_portables" ]; - }; - - networking.useDHCP = mkDefault true; - - services.avahi.enable = true; - services.openssh.enable = true; - - swapDevices = [ ]; - - hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; - - nixpkgs.hostPlatform = mkDefault "x86_64-linux"; -} diff --git a/profiles/minimal.nix b/profiles/minimal.nix deleted file mode 100644 index 1622c48..0000000 --- a/profiles/minimal.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkDefault; -in -{ - environment.pathsToLink = [ "/share/zsh" ]; - - environment.systemPackages = with pkgs; [ - curl - git - vim - wget - ]; - - networking.hostName = "${config.machine.hostName}"; - - nix.package = pkgs.lixPackageSets.stable.lix; - - nix.settings = { - experimental-features = [ - "nix-command" - "flakes" - ]; - }; - - nixpkgs.overlays = [ - (import ../overlays) - ]; -}