Merge networking.nix and cleanup

2025-12-24 16:56:09 +01:00 · 2025-12-24 16:56:09 +01:00 · abd055702b
commit abd055702b
parent 7c553dbf9a
5 changed files with 97 additions and 91 deletions
--- a/machines/persephone.nix
+++ b/machines/persephone.nix
@ -2,14 +2,11 @@
  config,
  lib,
  pkgs,
  modulesPath,
  ...
 }:
 {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    ./persephone/networking.nix
    ../profiles/minimal.linux.nix
    ../profiles/desktop.linux.nix
  ];
@ -122,6 +119,8 @@
    lm_sensors
  ];
  networking.wireless.iwd.enable = true;
  nix.settings = {
    substituters = [ "https://cache.nixos-cuda.org" ];
    trusted-public-keys = [ "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M=" ];
--- a/machines/persephone/networking.nix
+++ b/machines/persephone/networking.nix
@ -1,51 +0,0 @@
 { lib, ... }:
 {
  networking.hostName = "persephone";
  networking.useDHCP = lib.mkDefault true;
  networking.wireless.iwd = {
    enable = true;
    settings = {
      General = {
        EnableNetworkConfiguration = false; # Let dhcpcd handle this
      };
      Network = {
        EnableIPv6 = true;
        NameResolvingService = "systemd";
      };
    };
  };
  networking.dhcpcd = {
    enable = true;
    extraConfig = ''
      nohook resolv.conf  # Don't let dhcpcd manage resolv.conf
    '';
  };
  networking.resolvconf.enable = false;
  services.avahi.enable = true;
  services.resolved = {
    enable = true;
    dnssec = "true";
    domains = [ "~." ];
    fallbackDns = [
      "9.9.9.9#dns.quad9.net"
      "149.112.112.112#dns.quad9.net"
      "2620:fe::fe#dns.quad9.net"
      "2620:fe::9#dns.quad9.net"
    ];
    extraConfig = ''
      DNSOverTLS=yes
    '';
  };
  services.openssh.enable = true;
 }
--- a/profiles/desktop.linux.nix
+++ b/profiles/desktop.linux.nix
@ -6,7 +6,9 @@
 }:
 let
  inherit (lib) mkForce mkIf;
-
+in
 {
  environment = {
    sessionVariables = {
      NIXOS_OZONE_WL = "1";
    };
@ -19,10 +21,16 @@ let
      sbctl
      vdpauinfo
    ];
-in
+  };
-{
+
-  environment = {
+  environment.etc = mkIf config.programs._1password-gui.enable {
-    inherit sessionVariables systemPackages;
+    "1password/custom_allowed_browsers" = {
      text = ''
        firefox
        brave
      '';
      mode = "0755";
    };
  };
  fonts.fontconfig = {
@ -59,24 +67,34 @@ in
    };
  };
-  programs.dconf.enable = config.programs.niri.enable;
+  networking.wireless.iwd = {
-  security.polkit.enable = config.programs.niri.enable;
+    enable = true;
    settings = {
      General = {
        EnableNetworkConfiguration = false; # Let dhcpcd handle this
      };
      Network = {
        EnableIPv6 = true;
        NameResolvingService = "systemd";
      };
    };
  };
  networking.dhcpcd = {
    enable = true;
    extraConfig = ''
      nohook resolv.conf  # Don't let dhcpcd manage resolv.conf
    '';
  };
  networking.resolvconf.enable = !config.services.resolved.enable;
  programs._1password-gui = mkIf config.programs._1password.enable {
    enable = true;
    polkitPolicyOwners = [ "pml" ];
  };
-  environment.etc = mkIf config.programs._1password-gui.enable {
+  programs.dconf.enable = config.programs.niri.enable;
    "1password/custom_allowed_browsers" = {
      text = ''
        firefox
        brave
      '';
      mode = "0755";
    };
  };
  programs.niri.enable = true;
  programs.regreet = {
@ -93,6 +111,7 @@ in
  programs.zsh.enable = true;
  security.polkit.enable = config.programs.niri.enable;
  security.rtkit.enable = config.services.pipewire.enable;
  services.pipewire = mkIf config.services.pipewire.enable {
@ -102,8 +121,24 @@ in
    jack.enable = true;
  };
  services.resolved = {
    enable = true;
    dnssec = "true";
    domains = [ "~." ];
    fallbackDns = [
      "9.9.9.9#dns.quad9.net"
      "149.112.112.112#dns.quad9.net"
      "2620:fe::fe#dns.quad9.net"
      "2620:fe::9#dns.quad9.net"
    ];
    extraConfig = ''
      DNSOverTLS=yes
    '';
  };
  system.activationScripts.openrgbOff =
-    mkIf (config.services.hardware.openrgb.startupProfile == "off") ''
+    mkIf (config.services.hardware.openrgb.startupProfile == "off")
      ''
        mkdir -p /var/lib/OpenRGB
        cp ${../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp
        chmod 0644 /var/lib/OpenRGB/off.orp
--- a/profiles/minimal.linux.nix
+++ b/profiles/minimal.linux.nix
@ -1,4 +1,10 @@
-{ config, lib, pkgs, ... }:
+{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
 }:
 let
  bootUUID = config.machine.fs.bootUUID;
  efiUUID = config.machine.fs.efiUUID;
@ -6,11 +12,15 @@ let
  cryptrootUUID = config.machine.fs.cryptrootUUID;
 in
 {
-  imports = [ ./minimal.nix ];
+  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    ./minimal.nix
  ];
  boot.bootspec.enable = true;
  boot.initrd = {
    kernelModules = [ ];
    luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luuksUUID}";
    systemd.enable = true;
  };
@ -43,8 +53,6 @@ in
    ];
  };
  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luuksUUID}";
  environment.sessionVariables = {
    EDITOR = "${pkgs.vim}/bin/vim";
    PAGER = "${pkgs.less}/bin/less";
@ -104,6 +112,9 @@ in
    options = [ "subvol=@var_lib_portables" ];
  };
  services.avahi.enable = true;
  services.openssh.enable = true;
  swapDevices = [ ];
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
--- a/profiles/minimal.nix
+++ b/profiles/minimal.nix
@ -1,5 +1,12 @@
-{ pkgs, ... }:
+{
-
+  config,
  lib,
  pkgs,
  ...
 }:
 let
  inherit (lib) mkDefault;
 in
 {
  environment.systemPackages = with pkgs; [
    curl
@ -8,6 +15,11 @@
    wget
  ];
  networking = {
    hostName = "${config.machine.hostName}";
    useDHCP = mkDefault true;
  };
  nix.package = pkgs.lixPackageSets.stable.lix;
  nix.settings = {