diff --git a/README.md b/README.md index 9f2e2c9..a6e80b8 100644 --- a/README.md +++ b/README.md @@ -10,10 +10,4 @@ sudo nixos-install --root /mnt --flake .#hermes ```bash nix run nix-darwin/release-* -- switch --flake .#mercure -``` - -# TODO -1. Create a configuration path for the directory `config` -2. Create `mkSystem` that: - 1. Inject `options.machine` - 2. Auto-import the related configurations \ No newline at end of file +``` \ No newline at end of file diff --git a/flake.lock b/flake.lock index 68fbab4..8585b0e 100644 --- a/flake.lock +++ b/flake.lock @@ -53,27 +53,6 @@ "type": "github" } }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1766553861, - "narHash": "sha256-ZbnG01yA3O8Yr1vUm3+NQ2qk9iRhS5bloAnuXHHy7+c=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "0999ed8f965bbbd991437ad9c5ed3434cecbc30e", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.11", - "repo": "home-manager", - "type": "github" - } - }, "lanzaboote": { "inputs": { "crane": "crane", @@ -160,7 +139,6 @@ }, "root": { "inputs": { - "home-manager": "home-manager", "lanzaboote": "lanzaboote", "nix-darwin": "nix-darwin", "nixpkgs": "nixpkgs" diff --git a/flake.nix b/flake.nix index 9addcce..de6ddf8 100644 --- a/flake.nix +++ b/flake.nix 
@@ -1,129 +1,82 @@ { + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11"; + + nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11"; + nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; + + lanzaboote.url = "github:nix-community/lanzaboote?ref=master"; + lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; + }; + outputs = { self, nixpkgs, ... }@inputs: let - lib = import ./lib { inherit nixpkgs; }; + supportedSystems = [ + "x86_64-linux" + "aarch64-darwin" + ]; - inherit (lib) forEachSupportedSystem pkgsFor; - - systems = - let - inherit (inputs) - home-manager - lanzaboote - nix-darwin - nixpkgs - ; - inherit (nixpkgs.lib) - flatten - hasSuffix - mkAliasOptionModule - strings - mkOption - types - ; - - systemFn = - system: - if hasSuffix "darwin" system then - nix-darwin.lib.darwinSystem - else if hasSuffix "linux" system then - nixpkgs.lib.nixosSystem - else - throw "System: ${system} not supported."; - - homeModule = - system: - if hasSuffix "darwin" system then - home-manager.darwinModules.home-manager - else if hasSuffix "linux" system then - home-manager.nixosModules.home-manager - else - throw "System: ${system} not supported."; - - in - { - mkSystem = - system: - { - machine ? { }, - modules ? [ ], - specialArgs ? { }, - }: - systemFn system { - inherit specialArgs; - - modules = flatten ( - modules - ++ [ - ( - if hasSuffix "darwin" system then - home-manager.darwinModules.home-manager - else if hasSuffix "linux" system then - [ - lanzaboote.nixosModules.lanzaboote - ] - else - throw "System: ${system} not supported." 
- ) - - { nixpkgs.hostPlatform = "${system}"; } - - { - options.machine = { - mainUser = mkOption { - type = types.str; - description = "The main user of the machine"; - }; - - hostName = mkOption { - type = types.str; - description = "The name of the machine"; - }; - }; - } - { config.machine = machine; } - - ./modules/common/environment.nix - ./modules/common/nix.nix - ./modules/common/nixpkgs.nix - ./modules/common/programs.nix - - ./machines/${machine.hostName}.nix - ] - ); - }; + lib = import ./lib { inherit (inputs.nixpkgs) lib; }; + pkgsFor = + system: + import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; }; + + forEachSupportedSystem = + f: + inputs.nixpkgs.lib.genAttrs supportedSystems ( + system: + f { + inherit system; + pkgs = pkgsFor system; + } + ); in { - nixosConfigurations."persephone" = systems.mkSystem "x86_64-linux" { - machine = { - hostName = "persephone"; - mainUser = "pml"; - }; + nixosConfigurations."persephone" = nixpkgs.lib.nixosSystem { modules = [ - ./modules/nixos/boot.nix - ./modules/nixos/environment.nix - ./modules/nixos/filesystems.nix - ./modules/nixos/fonts.nix - ./modules/nixos/hardware.nix - ./modules/nixos/networking.nix - ./modules/nixos/programs.nix - ./modules/nixos/security.nix - ./modules/nixos/services.nix - ./modules/nixos/system.nix + inputs.lanzaboote.nixosModules.lanzaboote + ./machines/persephone.nix + ( + { lib, ... 
}: + { + options.machines = { + fs = { + bootUUID = lib.mkOption { + type = lib.types.str; + description = "The UUID of the XBOOTLDR partition."; + default = "9c2d7380-571d-4bc5-9ad2-e4888ce351be"; + }; + efiUUID = lib.mkOption { + type = lib.types.str; + description = "The UUID of the ESP."; + default = "71E7-7A63"; + }; + luuksUUID = lib.mkOption { + type = lib.types.str; + description = "The UUID of the encrypted root partition."; + default = "b0ace3a0-64f0-461e-a604-7f6788384d12"; + }; + cryptrootUUID = lib.mkOption { + type = lib.types.str; + description = "The UUID of the decrypted root partition."; + default = "769362f6-43d4-4b83-a12c-d006c9bd6613"; + }; + }; + }; + } + ) ]; }; - darwinConfigurations."hermes" = systems.mkSystem "aarch64-darwin" { - machine = { - hostName = "hermes"; - mainUser = "pml"; - }; + darwinConfigurations."hermes" = inputs.nix-darwin.lib.darwinSystem { modules = [ - ./modules/darwin/homebrew.nix - ./modules/darwin/programs.nix - ]; + { system.configurationRevision = self.rev or self.dirtyRev or null; } + ./machines/hermes.nix + ]; }; devShells = forEachSupportedSystem ( @@ -140,17 +93,4 @@ formatter = forEachSupportedSystem ({ pkgs, ... }: pkgs.nixfmt-rfc-style); }; - - inputs = { - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11"; - - nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11"; - nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; - - home-manager.url = "github:nix-community/home-manager?ref=release-25.11"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; - - lanzaboote.url = "github:nix-community/lanzaboote?ref=master"; - lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; - }; } diff --git a/lib/default.nix b/lib/default.nix index 0df675e..3350e55 100644 --- a/lib/default.nix +++ b/lib/default.nix 
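Review bot: The inline module in `nixosConfigurations."persephone"` declares `options.machines.fs.*` with this machine's partition UUIDs as option defaults, while `profiles/minimal.linux.nix` reads them for `fileSystems` and `boot.initrd.luks.devices`; the profile only evaluates when this inline module is present, and any host that reuses the declaration silently inherits persephone's disks. The removed `modules/machine.nix` used `types.nullOr types.str` with `default = null` plus assertions, so a missing UUID failed at evaluation; I would keep that shape, declaring the options without `default` next to the profile and setting `machines.fs.bootUUID = "…";` and the others in `machines/persephone.nix`. The four defaults also differ from the UUIDs this commit removes from `machines/persephone.nix`, so confirm they match the installed disk, since a wrong LUKS or root UUID leaves the host unable to boot. Minor: `luuksUUID` looks like a typo for `luksUUID`; the profile spells it the same way, so rename both together.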
@@ -1,33 +1,3 @@ -{ - nixpkgs, - supportedSystems ? [ - "x86_64-linux" - "aarch64-darwin" - ], - ... -}: -let - inherit (nixpkgs.lib) genAttrs; - - forEachSupportedSystem = - f: - genAttrs supportedSystems ( - system: - f { - inherit system; - pkgs = pkgsFor system; - } - ); - - pkgsFor = - system: - import nixpkgs { - inherit system; - config.allowUnfree = true; - }; - -in -nixpkgs.lib -// { - inherit forEachSupportedSystem pkgsFor; -} +{ lib, ... }: { + + } diff --git a/machines/hermes.nix b/machines/hermes.nix index 7a20466..7290392 100644 --- a/machines/hermes.nix +++ b/machines/hermes.nix @@ -1,6 +1,11 @@ { config, pkgs, ... }: { + imports = [ + ../profiles/minimal.nix + ../profiles/desktop.darwin.nix + ]; + environment.darwinConfig = "/Users/${config.system.primaryUser}/Development/systems"; system.primaryUser = "pml"; diff --git a/machines/hermes/default.nix b/machines/hermes/default.nix new file mode 100644 index 0000000..918d775 --- /dev/null +++ b/machines/hermes/default.nix @@ -0,0 +1,13 @@ +{ self, pkgs, ... }: + +{ + environment.systemPackages = [ + pkgs.vim + ]; + + nix.settings.experimental-features = "nix-command flakes"; + + system.stateVersion = 6; + + nixpkgs.hostPlatform = "aarch64-darwin"; +} diff --git a/machines/persephone.nix b/machines/persephone.nix index c638620..188f7a0 100644 --- a/machines/persephone.nix +++ b/machines/persephone.nix 
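Review bot: `machines/hermes/default.nix` is added but nothing visible in this commit imports it; `flake.nix` points `darwinConfigurations."hermes"` at `./machines/hermes.nix`. The new file also takes `self` as a module argument, and the `darwinSystem` call passes no `specialArgs`, so importing it as written would likely fail on the missing argument. Either drop the file or fold `system.stateVersion = 6;` and `nixpkgs.hostPlatform = "aarch64-darwin";` into `machines/hermes.nix`. The second matters because the removed `mkSystem` used to inject `nixpkgs.hostPlatform`, and the part of `hermes.nix` shown in this diff does not set it.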
@@ -2,60 +2,41 @@ config, lib, pkgs, + modulesPath, ... }: -let - boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; - esp = "4E4C-1139"; - luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; - cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; -in + { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./persephone/hardware.nix + ./persephone/networking.nix + ../profiles/minimal.linux.nix + ../profiles/desktop.linux.nix + ]; + boot = { - blacklistedKernelModules = [ - "spd5118" - ]; extraModulePackages = [ ]; - kernelModules = [ - "i2c-dev" - "kvm-intel" - ]; + kernelModules = [ "kvm-intel" ]; kernelPackages = pkgs.linuxPackages_6_17; kernelParams = [ "i915.enable_guc=3" ]; }; - - boot.initrd = { - availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - "ahci" - "usbhid" - "sd_mod" - ]; - luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luks}"; - - }; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + "ahci" + "usbhid" + "sd_mod" + ]; console = { keyMap = "us"; font = "${pkgs.terminus_font}/share/consolefonts/ter-v28b.psf.gz"; }; - + i18n.defaultLocale = "en_US.UTF-8"; - fileSystems."/".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/boot".device = "/dev/disk/by-uuid/${boot}"; - fileSystems."/efi".device = "/dev/disk/by-uuid/${esp}"; - fileSystems."/home".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/nix".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/cache".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/lib/machines".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/lib/portables".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/log".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/spool".device = "/dev/disk/by-uuid/${cryptroot}"; - fileSystems."/var/tmp".device = "/dev/disk/by-uuid/${cryptroot}"; - hardware.enableRedistributableFirmware = true; hardware.bluetooth.enable = true; 
@@ -67,8 +48,6 @@ in ]; }; - hardware.i2c.enable = true; - hardware.nvidia = { package = config.boot.kernelPackages.nvidiaPackages.stable; open = true; @@ -130,27 +109,23 @@ in VDPAU_DRIVER = "va_gl"; }; - environment.systemPackages = with pkgs; [ - i2c-tools - lm_sensors - ]; - - networking.wireless.iwd.enable = true; - nix.settings = { substituters = [ "https://cache.nixos-cuda.org" ]; trusted-public-keys = [ "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M=" ]; }; + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "1password" + "1password-cli" + "nvidia-x11" + "nvidia-settings" + ]; + programs._1password.enable = true; - services.hardware.openrgb = { - enable = true; - startupProfile = "off"; - }; - services.pipewire.enable = true; - services.udev.packages = [ pkgs.openrgb ]; services.xserver.videoDrivers = [ "modesetting" @@ -166,6 +141,16 @@ in "i2c" "wheel" ]; + packages = with pkgs; [ + (vscode-with-extensions.override { + vscode = vscodium; + vscodeExtensions = with vscode-extensions; [ + jnoortheen.nix-ide + mkhl.direnv + yzhang.markdown-all-in-one + ]; + }) + ]; }; # DO NOT EDIT diff --git a/machines/persephone/hardware.nix b/machines/persephone/hardware.nix new file mode 100644 index 0000000..31c60b0 --- /dev/null +++ b/machines/persephone/hardware.nix 
@@ -0,0 +1,34 @@
+{ pkgs, ... }:
+
+{
+ # I2C
+ environment.systemPackages = with pkgs; [
+ i2c-tools
+ lm_sensors
+ ];
+
+ boot.kernelModules = [ "i2c-dev" ];
+ boot.blacklistedKernelModules = [
+ # The spd5118 driver is in conflict with openrgb by holding onto I2C adresses when using Kingston Fury DRAM.
+ # On boot, I need to access those i2c regions in other to poweroff the RGB lighting.
+ # Then, I manually enable the kernel module in any script.
+ # It's possible to let this module disabled, but I lose the ability to get temperature values for the DIMMs.
+ # https://gitlab.com/CalcProgrammer1/OpenRGB/-/merge_requests/2557
+ "spd5118"
+ ];
+
+ hardware.i2c.enable = true;
+
+ # OpenRGB
+ services.udev.packages = [ pkgs.openrgb ];
+ services.hardware.openrgb = {
+ enable = true;
+ startupProfile = "off";
+ };
+
+ system.activationScripts.openrgbOff = ''
+ mkdir -p /var/lib/OpenRGB
+ cp ${./off.orp} /var/lib/OpenRGB/off.orp
+ chmod 0644 /var/lib/OpenRGB/off.orp
+ '';
+}
diff --git a/machines/persephone/networking.nix b/machines/persephone/networking.nix
new file mode 100644
index 0000000..263f66b
--- /dev/null
+++ b/machines/persephone/networking.nix
@@ -0,0 +1,51 @@
+{ lib, ... }:
+
+{
+
+ networking.hostName = "persephone";
+
+ networking.useDHCP = lib.mkDefault true;
+
+ networking.wireless.iwd = {
+ enable = true;
+ settings = {
+ General = {
+ EnableNetworkConfiguration = false; # Let dhcpcd handle this
+ };
+ Network = {
+ EnableIPv6 = true;
+ NameResolvingService = "systemd";
+ };
+ };
+ };
+
+ networking.dhcpcd = {
+ enable = true;
+ extraConfig = ''
+ nohook resolv.conf # Don't let dhcpcd manage resolv.conf
+ '';
+ };
+
+ networking.resolvconf.enable = false;
+
+ services.avahi.enable = true;
+
+ services.resolved = {
+ enable = true;
+
+ dnssec = "true";
+ domains = [ "~." ];
+ fallbackDns = [
+ "9.9.9.9#dns.quad9.net"
+ "149.112.112.112#dns.quad9.net"
+ "2620:fe::fe#dns.quad9.net"
+ "2620:fe::9#dns.quad9.net"
+ ];
+
+ extraConfig = ''
+ DNSOverTLS=yes
+ '';
+ };
+
+ services.openssh.enable = true;
+}
diff --git a/config/openrgb/off.orp b/machines/persephone/off.orp
similarity index 100%
rename from config/openrgb/off.orp
rename to machines/persephone/off.orp
diff --git a/machines/persephone/remove_systemd_service.patch b/machines/persephone/remove_systemd_service.patch
new file mode 100644
index 0000000..bc9fbdf
--- /dev/null
+++ b/machines/persephone/remove_systemd_service.patch
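Review bot: `services.openssh.enable = true;` at the end of `machines/persephone/networking.nix` turns sshd on with module defaults and no further settings, on a host that joins Wi-Fi networks through iwd and announces itself over avahi. Unless this is configured elsewhere, I would pin key-only access right next to it, e.g. `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "no";`. Separately, `DNSOverTLS=yes` is the strict mode and `fallbackDns` is only consulted when no other resolver is known, so DHCP-supplied resolvers without DoT support will fail lookups instead of falling back to Quad9. If the intent is to always use Quad9, configure those servers as the primary resolvers (e.g. via `networking.nameservers`) and say so in a comment.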
@@ -0,0 +1,17 @@
+diff --git a/OpenRGB.pro b/OpenRGB.pro
+index df7082b6..0022e5fa 100644
+--- a/OpenRGB.pro
++++ b/OpenRGB.pro
+@@ -588,9 +588,9 @@ contains(QMAKE_PLATFORM, linux) {
+ icon.files+=qt/org.openrgb.OpenRGB.png
+ metainfo.path=$$PREFIX/share/metainfo/
+ metainfo.files+=qt/org.openrgb.OpenRGB.metainfo.xml
+- systemd_service.path=/etc/systemd/system
+- systemd_service.files+=qt/openrgb.service
+- INSTALLS += target desktop icon metainfo udev_rules systemd_service
++ # systemd_service.path=/etc/systemd/system
++ # systemd_service.files+=qt/openrgb.service
++ INSTALLS += target desktop icon metainfo udev_rules # systemd_service
+ }
+
+ #-----------------------------------------------------------------------------------------------#
diff --git a/modules/common/environment.nix b/modules/common/environment.nix
deleted file mode 100644
index 5eaa263..0000000
--- a/modules/common/environment.nix
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-let
- inherit (lib)
- getName
- mkIf
- mkMerge
- optionalAttrs
- ;
-
- cfg = config;
-in
-{
- config = mkMerge [
- {
- environment.systemPackages = with pkgs; [
- chezmoi
- direnv
- git
- curl
- vim
- wget
- ];
-
- users.users."${config.machine.mainUser}".packages = with pkgs; [
- (vscode-with-extensions.override {
- vscode = vscodium;
- vscodeExtensions = with vscode-extensions; [
- bbenoist.nix
- jnoortheen.nix-ide
- mkhl.direnv
- ms-azuretools.vscode-docker
- ms-python.python
- ms-vscode-remote.remote-ssh
- yzhang.markdown-all-in-one
- ];
- })
- ];
- }
-
- (mkIf cfg.programs.zsh.enable {
- environment.pathsToLink = [ "/share/zsh" ];
- })
- ];
-}
diff --git a/modules/common/nix.nix b/modules/common/nix.nix
deleted file mode 100644
index 2152dd9..0000000
--- a/modules/common/nix.nix
+++ /dev/null
@@ -1,24 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) getName mkMerge; -in -{ - config = mkMerge [ - { - nix = { - package = pkgs.lixPackageSets.stable.lix; - settings = { - experimental-features = [ - "nix-command" - "flakes" - ]; - }; - }; - } - ]; -} diff --git a/modules/common/nixpkgs.nix b/modules/common/nixpkgs.nix deleted file mode 100644 index b39820f..0000000 --- a/modules/common/nixpkgs.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) getName mkMerge optionalAttrs; -in -{ - config = mkMerge [ - { - nixpkgs.config.allowUnfreePredicate = - pkg: - builtins.elem (getName pkg) [ - "1password-cli" - "1password" - "nvidia-settings" - "nvidia-x11" - "obsidian" - "vscode-extension-ms-vscode-remote-remote-ssh" - ]; - - } - - (optionalAttrs (builtins.pathExists ../../overlays) { - nixpkgs.overlays = [ - (import ../../overlays) - ]; - }) - ]; -} diff --git a/modules/common/programs.nix b/modules/common/programs.nix deleted file mode 100644 index 84a3051..0000000 --- a/modules/common/programs.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) getName mkMerge; -in -{ - config = mkMerge [ - { - programs.zsh.enable = true; - } - ]; -} diff --git a/modules/darwin/homebrew.nix b/modules/darwin/homebrew.nix deleted file mode 100644 index 8ef53c5..0000000 --- a/modules/darwin/homebrew.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, pkgs, ... }: -let - inherit (lib) getName mkMerge; -in -{ - config = mkMerge [ - { - homebrew = { - enable = true; - - casks = [ - "1password-cli" - "1password" - "adguard" - "alacritty" - "brave-browser" - "figma" - "firefox" - ]; - }; - } - ]; -} diff --git a/modules/darwin/programs.nix b/modules/darwin/programs.nix deleted file mode 100644 index 85dc430..0000000 --- a/modules/darwin/programs.nix +++ /dev/null 
@@ -1,22 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) getName mkMerge; -in -{ - config = mkMerge [ - { - programs.zsh = { - shellInit = '' - if [ -e "/opt/homebrew/bin/brew" ]; then - eval "$(/opt/homebrew/bin/brew shellenv)" - fi - ''; - }; - } - ]; -} diff --git a/modules/machine.nix b/modules/machine.nix deleted file mode 100644 index 12e9e32..0000000 --- a/modules/machine.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) - mkAliasOptionModule - mkOption - types - ; -in -{ - options.machine = { - mainUser = mkOption { - type = types.str; - description = "The main user of the machine"; - }; - - hostName = mkOption { - type = types.str; - description = "The name of the machine"; - }; - - filesystem.uuid = { - boot = mkOption { - type = types.nullOr types.str; - description = "The UUID of the XBOOTLDR partition."; - default = null; - }; - - esp = mkOption { - type = types.nullOr types.str; - description = "The UUID of the ESP."; - default = null; - }; - - luks = mkOption { - type = types.nullOr types.str; - description = "The UUID of the encrypted root partition."; - default = null; - }; - - cryptroot = mkOption { - type = types.nullOr types.str; - description = "The UUID of the decrypted root partition."; - default = null; - }; - }; - }; - - config = lib.mkIf pkgs.stdenv.hostPlatform.isLinux { - assertions = [ - { - assertion = config.machine.filesystem.uuid.boot != null; - message = "machine.filesystem.uuid.boot must be set on Linux systems"; - } - { - assertion = config.machine.filesystem.uuid.esp != null; - message = "machine.filesystem.uuid.esp must be set on Linux systems"; - } - { - assertion = config.machine.filesystem.uuid.luks != null; - message = "machine.filesystem.uuid.luks must be set on Linux systems"; - } - { - assertion = config.machine.filesystem.uuid.cryptroot != null; - message = "machine.filesystem.cryptroot.esp must be set on Linux systems"; - } - ]; - }; -} 
diff --git a/modules/nixos/boot.nix b/modules/nixos/boot.nix deleted file mode 100644 index 1c44dbe..0000000 --- a/modules/nixos/boot.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkMerge; - - boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; - esp = "4E4C-1139"; - luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; - cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; -in -{ - config = mkMerge [ - { - boot.bootspec.enable = true; - boot.initrd = { - kernelModules = [ ]; - systemd.enable = true; - }; - - boot.lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - - boot.loader.efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "efi"; - }; - - boot.loader.systemd-boot = { - enable = lib.mkForce false; - xbootldrMountPoint = "/boot"; - }; - } - ]; -} diff --git a/modules/nixos/environment.nix b/modules/nixos/environment.nix deleted file mode 100644 index bf4c650..0000000 --- a/modules/nixos/environment.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkIf mkMerge; -in -{ - config = mkMerge [ - { - environment.sessionVariables = { - EDITOR = "${pkgs.vim}/bin/vim"; - PAGER = "${pkgs.less}/bin/less"; - }; - - environment.systemPackages = with pkgs; [ - alacritty - brave - firefox - foliate - fuzzel - loupe - mpv - adwaita-icon-theme - ddcutil - gsettings-desktop-schemas - libva-utils - loupe - sbctl - vdpauinfo - ]; - } - - (mkIf config.programs.niri.enable { - environment.sessionVariables = { - NIXOS_OZONE_WL = "1"; - }; - }) - - (mkIf config.programs._1password.enable { - environment.etc = { - "1password/custom_allowed_browsers" = { - text = '' - firefox - brave - ''; - mode = "0755"; - }; - }; - }) - ]; -} diff --git a/modules/nixos/filesystems.nix b/modules/nixos/filesystems.nix deleted file mode 100644 index 8f7f5b8..0000000 --- a/modules/nixos/filesystems.nix +++ /dev/null 
@@ -1,94 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) - mkMerge - mkOption - optionalAttrs - types - ; - - boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; - esp = "4E4C-1139"; - luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; - cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; -in -{ - config = mkMerge [ - { - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/${boot}"; - fsType = "ext4"; - }; - - fileSystems."/efi" = { - device = "/dev/disk/by-uuid/${esp}"; - fsType = "vfat"; - options = [ - "fmask=0137" - "dmask=0027" - ]; - }; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@root" ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; - - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@nix" ]; - }; - - fileSystems."/var/cache" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_cache" ]; - }; - - fileSystems."/var/log" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_log" ]; - }; - - fileSystems."/var/spool" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_spool" ]; - }; - - fileSystems."/var/tmp" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_tmp" ]; - }; - - fileSystems."/var/lib/machines" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_lib_machines" ]; - }; - - fileSystems."/var/lib/portables" = { - device = "/dev/disk/by-uuid/${cryptroot}"; - fsType = "btrfs"; - options = [ "subvol=@var_lib_portables" ]; - }; - - swapDevices = [ ]; - } - ]; -} diff --git a/modules/nixos/fonts.nix b/modules/nixos/fonts.nix deleted file mode 100644 index 7ec8c60..0000000 --- a/modules/nixos/fonts.nix +++ /dev/null 
@@ -1,37 +0,0 @@ -{ lib, pkgs, ... }: -let - inherit (lib) mkMerge; -in -{ - config = mkMerge [ - { - fonts.fontconfig = { - enable = true; - antialias = true; - hinting = { - enable = true; - style = "slight"; - }; - subpixel = { - rgba = "rgb"; - lcdfilter = "default"; - }; - defaultFonts = { - serif = [ - "SF Pro" - "DejaVu Serif" - ]; - sansSerif = [ - "SF Pro" - "DejaVu Sans" - ]; - monospace = [ - "Iosevka Cavalier" - "DejaVu Sans Mono" - ]; - emoji = [ "Noto Color Emoji" ]; - }; - }; - } - ]; -} diff --git a/modules/nixos/hardware.nix b/modules/nixos/hardware.nix deleted file mode 100644 index 26bdb57..0000000 --- a/modules/nixos/hardware.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - config, - lib, - modulesPath, - pkgs, - ... -}: -let - inherit (lib) mkDefault mkMerge; -in -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - config = mkMerge [ - { - hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; - - hardware.bluetooth = { - settings = { - General.Experimental = true; - }; - }; - } - ]; -} diff --git a/modules/nixos/networking.nix b/modules/nixos/networking.nix deleted file mode 100644 index 049d464..0000000 --- a/modules/nixos/networking.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkDefault mkMerge optionalString; -in -{ - config = mkMerge [ - { - networking.dhcpcd = { - enable = config.networking.wireless.iwd.enable; - extraConfig = '' - ${optionalString config.services.resolved.enable "nohook resolv.conf"} - ''; - }; - - networking.hostName = "${config.machine.hostName}"; - networking.resolvconf.enable = !config.services.resolved.enable; - - networking.useDHCP = mkDefault true; - networking.wireless.iwd = { - settings = { - General = { - EnableNetworkConfiguration = !config.services.resolved.enable; - }; - Network = { - EnableIPv6 = true; - NameResolvingService = "systemd"; - }; - }; - }; - } - ]; -} 
diff --git a/modules/nixos/programs.nix b/modules/nixos/programs.nix deleted file mode 100644 index df971c2..0000000 --- a/modules/nixos/programs.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) - mkForce - mkIf - mkMerge - optionalAttrs - ; -in -{ - config = mkMerge [ - { - programs.dconf.enable = config.programs.niri.enable; - - programs.firefox = { - enable = true; - nativeMessagingHosts.packages = with pkgs; [ vdhcoapp ]; - }; - - programs.niri.enable = true; - - programs.regreet = { - enable = config.programs.niri.enable; - font.name = "SF Pro"; - font.size = 16; - font.package = pkgs.apple-fonts.sf-pro; - settings = { - GTK = { - font_name = mkForce "SF Pro 16"; - }; - }; - }; - } - - (mkIf config.programs._1password.enable { - programs._1password-gui = { - enable = true; - polkitPolicyOwners = [ "pml" ]; - }; - }) - ]; -} diff --git a/modules/nixos/security.nix b/modules/nixos/security.nix deleted file mode 100644 index ccb7b55..0000000 --- a/modules/nixos/security.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkMerge; -in -{ - config = mkMerge [ - { - security.polkit.enable = config.programs.niri.enable; - security.rtkit.enable = config.services.pipewire.enable; - } - ]; -} diff --git a/modules/nixos/services.nix b/modules/nixos/services.nix deleted file mode 100644 index 4a984f8..0000000 --- a/modules/nixos/services.nix +++ /dev/null 
@@ -1,39 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkMerge optionalAttrs; -in -{ - config = mkMerge [ - { - services.avahi.enable = true; - services.openssh.enable = true; - - services.pipewire = { - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - services.resolved = { - enable = true; - dnssec = "true"; - domains = [ "~." ]; - fallbackDns = [ - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - "2620:fe::fe#dns.quad9.net" - "2620:fe::9#dns.quad9.net" - ]; - extraConfig = '' - DNSOverTLS=yes - ''; - }; - } - ]; -} diff --git a/modules/nixos/system.nix b/modules/nixos/system.nix deleted file mode 100644 index be90d4a..0000000 --- a/modules/nixos/system.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - inherit (lib) mkIf mkMerge; -in -{ - config = mkMerge [ - (mkIf config.services.hardware.openrgb.enable { - system.activationScripts.openrgbOff = '' - mkdir -p /var/lib/OpenRGB - cp ${../../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp - chmod 0644 /var/lib/OpenRGB/off.orp - ''; - }) - ]; -} diff --git a/profiles/desktop.darwin.nix b/profiles/desktop.darwin.nix new file mode 100644 index 0000000..1ea63d5 --- /dev/null +++ b/profiles/desktop.darwin.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + +} \ No newline at end of file diff --git a/profiles/desktop.linux.nix b/profiles/desktop.linux.nix new file mode 100644 index 0000000..50cabd3 --- /dev/null +++ b/profiles/desktop.linux.nix 
@@ -0,0 +1,104 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+let
+ inherit (lib) mkForce mkIf;
+
+ sessionVariables = {
+ NIXOS_OZONE_WL = "1";
+ };
+
+ systemPackages = with pkgs; [
+ adwaita-icon-theme
+ ddcutil
+ gsettings-desktop-schemas
+ libva-utils
+ sbctl
+ vdpauinfo
+ ];
+in
+{
+ environment = {
+ inherit sessionVariables systemPackages;
+ };
+
+ fonts.fontconfig = {
+ enable = true;
+ antialias = true;
+ hinting = {
+ enable = true;
+ style = "slight";
+ };
+ subpixel = {
+ rgba = "rgb";
+ lcdfilter = "default";
+ };
+ defaultFonts = {
+ serif = [
+ "SF Pro"
+ "DejaVu Serif"
+ ];
+ sansSerif = [
+ "SF Pro"
+ "DejaVu Sans"
+ ];
+ monospace = [
+ "Iosevka Cavalier"
+ "DejaVu Sans Mono"
+ ];
+ emoji = [ "Noto Color Emoji" ];
+ };
+ };
+
+ hardware.bluetooth = mkIf config.hardware.bluetooth.enable {
+ settings = {
+ General.Experimental = true;
+ };
+ };
+
+ programs.dconf.enable = config.programs.niri.enable;
+ security.polkit.enable = config.programs.niri.enable;
+
+ programs._1password-gui = mkIf config.programs._1password.enable {
+ enable = true;
+ polkitPolicyOwners = [ "pml" ];
+ };
+
+ environment.etc = mkIf config.programs._1password-gui.enable {
+ "1password/custom_allowed_browsers" = {
+ text = ''
+ firefox
+ brave
+ '';
+ mode = "0755";
+ };
+ };
+
+ programs.niri.enable = true;
+
+ programs.regreet = {
+ enable = true;
+ font.name = "SF Pro";
+ font.size = 16;
+ font.package = pkgs.apple-fonts.sf-pro;
+ settings = {
+ GTK = {
+ font_name = mkForce "SF Pro 16";
+ };
+ };
+ };
+
+ programs.zsh.enable = true;
+
+ security.rtkit.enable = config.services.pipewire.enable;
+
+ services.pipewire = mkIf config.services.pipewire.enable {
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ jack.enable = true;
+ };
+}
diff --git a/profiles/minimal.linux.nix b/profiles/minimal.linux.nix
new file mode 100644
index 0000000..acf51eb
--- /dev/null
+++ b/profiles/minimal.linux.nix
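Review bot: `polkitPolicyOwners = [ "pml" ]` hard-codes one account name inside a profile meant to be shared across machines, so every host importing `profiles/desktop.linux.nix` authorises that user name for the 1Password polkit policy whether or not it is the intended owner there. I would move the value into the machine file or derive it from a per-machine option. Also, `custom_allowed_browsers` still lists `firefox` and `brave`, while this commit drops both from `environment.systemPackages` and removes `programs.firefox`; if they are not installed elsewhere, the allow-list names browsers the system no longer ships. A short comment on `NIXOS_OZONE_WL = "1"` noting that it is now set unconditionally (it used to sit under `mkIf config.programs.niri.enable`) would help the next reader.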
@@ -0,0 +1,107 @@ +{ config, lib, ... }: +let + bootUUID = config.machines.fs.bootUUID; + efiUUID = config.machines.fs.efiUUID; + luuksUUID = config.machines.fs.luuksUUID; + cryptrootUUID = config.machines.fs.cryptrootUUID; +in +{ + imports = [ ./minimal.nix ]; + + boot.bootspec.enable = true; + boot.initrd = { + kernelModules = [ ]; + systemd.enable = true; + }; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + + boot.loader.efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "efi"; + }; + + boot.loader.systemd-boot = { + enable = lib.mkForce false; + xbootldrMountPoint = "/boot"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/${bootUUID}"; + fsType = "ext4"; + }; + + fileSystems."/efi" = { + device = "/dev/disk/by-uuid/${efiUUID}"; + fsType = "vfat"; + options = [ + "fmask=0137" + "dmask=0027" + ]; + }; + + boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luuksUUID}"; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@root" ]; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + + fileSystems."/var/cache" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_cache" ]; + }; + + fileSystems."/var/log" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_log" ]; + }; + + fileSystems."/var/spool" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_spool" ]; + }; + + fileSystems."/var/tmp" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_tmp" ]; + }; + + fileSystems."/var/lib/machines" = { + device = 
"/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_lib_machines" ]; + }; + + fileSystems."/var/lib/portables" = { + device = "/dev/disk/by-uuid/${cryptrootUUID}"; + fsType = "btrfs"; + options = [ "subvol=@var_lib_portables" ]; + }; + + swapDevices = [ ]; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/profiles/minimal.nix b/profiles/minimal.nix new file mode 100644 index 0000000..0a68c4c --- /dev/null +++ b/profiles/minimal.nix @@ -0,0 +1,23 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + curl + git + vim + wget + ]; + + nix.package = pkgs.lixPackageSets.stable.lix; + + nix.settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + + nixpkgs.overlays = [ + (import ../overlays) + ]; +}
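Review bot: `boot.loader.efi.efiSysMountPoint = "efi"` in `profiles/minimal.linux.nix` is a relative path, while the ESP is mounted at `fileSystems."/efi"` a few lines below; it should read `efiSysMountPoint = "/efi";` so the boot-loader tooling (lanzaboote here) finds the ESP regardless of its working directory. The value is carried over unchanged from the removed `modules/nixos/boot.nix` and presumably only works when the installer runs from `/`. The `let` block also reads `config.machines.fs.*`, which this profile does not declare itself; a one-line comment saying where those options are declared would help anyone importing the profile.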
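Review bot: `nixpkgs.overlays = [ (import ../overlays) ];` in `profiles/minimal.nix` is now unconditional, whereas the removed `modules/common/nixpkgs.nix` wrapped it in `optionalAttrs (builtins.pathExists ../../overlays)`. `overlays/` is not part of this diff, so if the directory is missing on a checkout, every machine importing `minimal.nix` (both hosts do) fails to evaluate. Either keep the guard, e.g. `nixpkgs.overlays = lib.optionals (builtins.pathExists ../overlays) [ (import ../overlays) ];` with `lib` added to the module arguments, or add a comment stating that the directory is required.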