diff options
Diffstat (limited to 'modules/nixos/sils')
31 files changed, 0 insertions, 1047 deletions
diff --git a/modules/nixos/sils/apparmor.nix b/modules/nixos/sils/apparmor.nix deleted file mode 100644 index 69cec21..0000000 --- a/modules/nixos/sils/apparmor.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.apparmor; -in { - options.sils.apparmor.enable = lib.mkEnableOption "apparmor"; - config = lib.mkIf cfg.enable { - security.apparmor = { - enable = true; - }; - }; -} diff --git a/modules/nixos/sils/basesystem.nix b/modules/nixos/sils/basesystem.nix deleted file mode 100644 index 0e9f6de..0000000 --- a/modules/nixos/sils/basesystem.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: let - cfg = config.sils.basesystem; -in { - options.sils.basesystem.enable = lib.mkEnableOption "basesystem"; - - config = lib.mkIf cfg.enable { - networking.hostName = config.sils.meta.hostname; - - boot = { - initrd = { - systemd.enable = true; - availableKernelModules = ["xhci_pci" "nvme" "rtsx_pci_sdmmc"]; - kernelModules = []; - }; - kernelModules = ["kvm-intel"]; - extraModulePackages = []; - kernelPackages = pkgs.linuxPackages_latest; - }; - - system.stateVersion = "23.05"; - - i18n.defaultLocale = "en_US.UTF-8"; - - time.timeZone = "Europe/Berlin"; - - nixpkgs.hostPlatform = config.sils.meta.system; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware = { - cpu.intel.updateMicrocode = true; - enableRedistributableFirmware = true; - }; - - services.xserver.xkb = { - layout = "de"; - options = "grp:win_space_toggle"; - }; - console = { - font = "Lat2-Terminus16"; - keyMap = "de"; - }; - }; -} diff --git a/modules/nixos/sils/bluetooth.nix b/modules/nixos/sils/bluetooth.nix deleted file mode 100644 index 2d67717..0000000 --- a/modules/nixos/sils/bluetooth.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.bluetooth; -in { - options.sils.bluetooth.enable = lib.mkEnableOption "bluetooth"; - config = lib.mkIf cfg.enable { - hardware.bluetooth.enable = true; - }; -} diff --git a/modules/nixos/sils/bootloader.nix b/modules/nixos/sils/bootloader.nix deleted file mode 100644 index fc0e0f3..0000000 --- a/modules/nixos/sils/bootloader.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - lib, - ... -}: let - btl = config.sils.bootloader; -in { - options.sils.bootloader = lib.mkOption { - type = lib.types.enum ["lanzaboote" "grub"]; - default = "lanzaboote"; - description = "Which bootloader to use."; - }; - config.boot = - if btl == "lanzaboote" - then { - lanzaboote = { - enable = true; - configurationLimit = 10; - pkiBundle = "/etc/secureboot"; - settings = { - editor = false; - }; - }; - } - else if btl == "grub" - then { - loader.grub.enable = true; - } - else {}; -} diff --git a/modules/nixos/sils/default.nix b/modules/nixos/sils/default.nix deleted file mode 100644 index db27868..0000000 --- a/modules/nixos/sils/default.nix +++ /dev/null @@ -1,33 +0,0 @@ -{...}: { - imports = [ - ./apparmor.nix - ./basesystem.nix - ./bluetooth.nix - ./bootloader.nix - ./disks.nix - ./docker.nix - ./environment.nix - ./firejail.nix - ./font.nix - ./fprintd.nix - ./gnome.nix - ./graphics.nix - ./hyprland.nix - ./impermanence.nix - ./meta.nix - ./networking.nix - ./nix.nix - ./pamconfig.nix - ./plasma.nix - ./plymouth.nix - ./printing.nix - ./roles.nix - ./sound.nix - ./steam.nix - ./sudo.nix - ./sway.nix - ./theming - ./tailscale.nix - ./tor.nix - ]; -} diff --git a/modules/nixos/sils/disks.nix b/modules/nixos/sils/disks.nix deleted file mode 100644 index bf0e2b0..0000000 --- a/modules/nixos/sils/disks.nix +++ /dev/null @@ -1,132 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.disks; - defaultMountOptions = [ - "noatime" # should have some performance upsides, and I don't use it anyways - "lazytime" # make time changes in memory - ]; -in { - options.sils.disks = { - enable = lib.mkEnableOption "disk setup with disko"; - - disk = lib.mkOption { - type = lib.types.path; - example = lib.literalExpression "/dev/disk/by-uuid/0442cb6d-f13a-4635-b487-fa76189774c5"; - description = "The disk used for installing the OS."; - }; - - #swap = { - # uuid = lib.mkOption { - # type = lib.types.str; - # example = lib.literalExpression "d1d20ae7-3d8a-44da-86da-677dbbb10c89"; - # description = "The uuid of the swapfile"; - # }; - # resumeOffset = lib.mkOption { - # type = lib.types.str; - # example = lib.literalExpression "134324224"; - # description = "The resume offset of the swapfile"; - # }; - #}; - }; - - config = lib.mkIf cfg.enable { - disko.devices = { - disk = { - main = { - device = cfg.disk; - content = { - type = "gpt"; - partitions = { - root = { - size = "100%"; - name = "root"; - content = { - type = "luks"; - name = "cryptroot"; - extraOpenArgs = ["--allow-discards"]; - content = { - type = "btrfs"; - extraArgs = ["-f" "--label nixos"]; # Override existing partitions - subvolumes = { - "root" = { - mountpoint = "/"; - mountOptions = defaultMountOptions; - }; - "nix" = { - mountpoint = "/nix"; - mountOptions = defaultMountOptions; - }; - "persistent-storage" = { - mountpoint = "/srv"; - mountOptions = defaultMountOptions; - }; - "persistent-storage@snapshots" = { - mountpoint = "/srv/snapshots"; - mountOptions = defaultMountOptions; - }; - "swap" = { - mountpoint = "/swap"; - mountOptions = defaultMountOptions; - }; - "home" = { - mountpoint = "/home"; - mountOptions = defaultMountOptions; - }; - }; - }; - }; - }; - MBR = { - type = "EF02"; - size = "1M"; - priority = 1; - }; - boot = { - type = "EF00"; - size = "4096M"; - name = "boot"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = ["umask=0077"]; - }; - }; - }; - }; - }; - }; - nodev = { - "/tmp" = { - fsType = "tmpfs"; - mountOptions = ["defaults" "size=30G" "mode=755"]; - }; - }; - }; - fileSystems = { - "/srv" = { - neededForBoot = true; - }; - "/swap" = { - neededForBoot = true; - }; - }; - swapDevices = [ - #{ - # device = "/swap/swapfile"; - # priority = 1; # lower than zramSwap, just in case - # # size = 2048; # TODO: can nixos create a btrfs swapfile correctly? - #} - ]; - boot = { - kernelParams = [ - #"resume_offset=${cfg.swap.resumeOffset}" - ]; - #resumeDevice = "/dev/disk/by-uuid/${cfg.swap.uuid}"; - }; - }; -} diff --git a/modules/nixos/sils/docker.nix b/modules/nixos/sils/docker.nix deleted file mode 100644 index 131b857..0000000 --- a/modules/nixos/sils/docker.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.docker; -in { - options.sils.docker.enable = lib.mkEnableOption "docker"; - config = lib.mkIf cfg.enable { - virtualisation.docker = { - enable = true; - storageDriver = "btrfs"; - }; - users.users.jaki.extraGroups = ["docker"]; - environment.persistence."/srv".directories = [ - { - directory = "/var/lib/docker"; - user = "docker"; - group = "docker"; - mode = "0755"; - } - ]; - }; -} diff --git a/modules/nixos/sils/environment.nix b/modules/nixos/sils/environment.nix deleted file mode 100644 index 0ffa422..0000000 --- a/modules/nixos/sils/environment.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.environment; -in { - options.sils.environment.enable = lib.mkEnableOption "custom env vars"; - config = lib.mkIf cfg.enable { - environment = { - sessionVariables = { - XDG_CACHE_HOME = "\${HOME}/.cache"; - XDG_CONFIG_HOME = "\${HOME}/.config"; - XDG_BIN_HOME = "\${HOME}/.local/bin"; - XDG_DATA_HOME = "\${HOME}/.local/share"; - XDG_STATE_HOME = "\${HOME}/.local/state"; - ZDOTDIR = "\${HOME}/.config/zsh"; - CARGO_HOME = "\${HOME}/.local/share/cargo"; - ANDROID_HOME = "\${HOME}/.local/share/android"; - ANSIBLE_HOME = "\${HOME}/.local/share/ansible"; - #_JAVA_OPTIONS = '-Djava.util.prefs.userRoot="\${XDG_CONFIG_HOME}/java"'; - WINEPREFIX = "\${HOME}/.local/share/wine"; - GRADLE_USER_HOME = "\${HOME}/.local/share/gradle"; - GTK2_RC_FILES = "\${HOME}/.config/gtk-2.0/gtkrc"; - EDITOR = "nvim"; - GOPATH = "\${HOME}/.local/share/go"; - XCOMPOSECACHE = "\${HOME}/.cache/X11/xcompose"; - CDPATH = ".:\${HOME}:\${HOME}/repos/:\${HOME}/srv"; - NIXOS_OZONE_WL = "1"; # wayland for electron apps - - #PYTHONSTARTUP="/etc/python/pythonrc"; - - PATH = [ - "\${XDG_BIN_HOME}" - ]; - }; - etc.crypttab = { - enable = true; - text = '' - storage UUID=f4ba9aae-e34f-4a72-98ab-88787f7c1986 none tpm2-device=auto,noauto - ''; - }; - }; - }; -} diff --git a/modules/nixos/sils/firejail.nix b/modules/nixos/sils/firejail.nix deleted file mode 100644 index 5886918..0000000 --- a/modules/nixos/sils/firejail.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.firejail; -in { - options.sils.firejail.enable = lib.mkEnableOption "firejail"; - config = lib.mkIf cfg.enable { - sils.apparmor.enable = true; - programs.firejail = { - enable = true; - wrappedBinaries = { - firefox = { - executable = "${lib.getExe pkgs.firefox}"; # config.home-manager.users.jaki.programs.firefox.package}"; - profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; - }; - }; - }; - - home-manager.users.jaki.programs.firefox.package = null; - }; -} diff --git a/modules/nixos/sils/font.nix b/modules/nixos/sils/font.nix deleted file mode 100644 index e079c99..0000000 --- a/modules/nixos/sils/font.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.font; -in { - options.sils.font.enable = lib.mkEnableOption "font config"; - config = lib.mkIf cfg.enable { - fonts = { - packages = with pkgs; [ - nerd-fonts.fira-code - nerd-fonts.droid-sans-mono - nerd-fonts.lilex - nerd-fonts.symbols-only - ]; - fontconfig = { - defaultFonts = { - serif = ["Lilex"]; - sansSerif = ["Droid Sans Mono"]; - monospace = ["FiraCode"]; - }; - }; - fontDir.enable = true; - }; - }; -} diff --git a/modules/nixos/sils/fprintd.nix b/modules/nixos/sils/fprintd.nix deleted file mode 100644 index dd5c1cc..0000000 --- a/modules/nixos/sils/fprintd.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.fingerprint; -in { - options.sils.fingerprint.enable = lib.mkEnableOption "fingerprint auth"; - config = lib.mkIf cfg.enable { - services.fprintd = { - enable = true; - tod = { - enable = true; - driver = pkgs.libfprint-2-tod1-vfs0090; - }; - }; - }; -} diff --git a/modules/nixos/sils/gnome.nix b/modules/nixos/sils/gnome.nix deleted file mode 100644 index 7b798d9..0000000 --- a/modules/nixos/sils/gnome.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.gnome; -in { - options.sils.gnome.enable = lib.mkEnableOption "The Gnome DE"; - config = lib.mkIf cfg.enable { - services = { - xserver.enable = true; - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - tlp.enable = lib.mkForce false; - greetd.enable = lib.mkForce false; - gnome.gnome-keyring.enable = lib.mkForce false; - }; - }; -} diff --git a/modules/nixos/sils/graphics.nix b/modules/nixos/sils/graphics.nix deleted file mode 100644 index 77f58d8..0000000 --- a/modules/nixos/sils/graphics.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - lib, - config, - ... -}: let - cfg = config.sils.graphics; -in { - options.sils.graphics.enable = lib.mkEnableOption "graphics"; - config = lib.mkIf cfg.enable { - hardware.graphics.enable = true; - }; -} diff --git a/modules/nixos/sils/hyprland.nix b/modules/nixos/sils/hyprland.nix deleted file mode 100644 index 73ba9c2..0000000 --- a/modules/nixos/sils/hyprland.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.hyprland; -in { - options.sils.hyprland.enable = lib.mkEnableOption "hyprland"; - config = lib.mkIf cfg.enable { - programs.hyprland = { - enable = true; - xwayland.enable = true; - }; - }; -} diff --git a/modules/nixos/sils/impermanence.nix b/modules/nixos/sils/impermanence.nix deleted file mode 100644 index cf67a91..0000000 --- a/modules/nixos/sils/impermanence.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.impermanence; -in { - options.sils.impermanence.enable = lib.mkEnableOption "impermanence to persist directories"; - config = lib.mkIf cfg.enable { - environment.persistence."/srv".directories = [ - { - directory = "/var/lib/bluetooth"; - user = "root"; - group = "root"; - mode = "0700"; - } - { - directory = "/root"; - user = "root"; - group = "root"; - mode = "0700"; - } - { - directory = "/var/lib/waydroid"; - user = "root"; - group = "root"; - mode = "0700"; - } - { - directory = "/var/lib/nixos"; - user = "root"; - group = "root"; - mode = "0755"; - } - { - directory = "/var/log"; - user = "root"; - group = "root"; - mode = "0755"; - } - ]; - }; -} diff --git a/modules/nixos/sils/meta.nix b/modules/nixos/sils/meta.nix deleted file mode 100644 index 57ef081..0000000 --- a/modules/nixos/sils/meta.nix +++ /dev/null @@ -1,31 +0,0 @@ -{lib, ...}: let - nullable = type: lib.types.nullOr type; -in { - options.sils.meta = { - bootPart = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - bootstrapSystem = lib.mkEnableOption; - globalDataDir = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - hostname = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - mainDisk = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - rootPart = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - system = lib.mkOption { - type = nullable lib.types.str; - default = null; - }; - }; -} diff --git a/modules/nixos/sils/networking.nix b/modules/nixos/sils/networking.nix deleted file mode 100644 index 9ec34ab..0000000 --- a/modules/nixos/sils/networking.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - cfg = config.sils.networking; -in { - options.sils.networking.enable = lib.mkEnableOption "networking"; - config = lib.mkIf cfg.enable { - services.resolved.enable = true; - networking = { - enableIPv6 = false; - useNetworkd = false; - #useDHCP = true; - networkmanager = { - enable = true; - plugins = with pkgs; [ - networkmanager-openvpn - ]; - }; - nftables.enable = true; - firewall = { - enable = true; - }; - #nameservers = ["2620:fe::fe" "2620:fe::9" "9.9.9.9" "149.112.112.112"]; - #wireless = { - # enable = false; # TODO: Reenable - # environmentFile = config.age.secrets.wireless.path; - # networks = { - # # Important: Never forget the second '@'! - # "@SSID_N0@".psk = "@PSK_N0@"; - # "@SSID_N1@".psk = "@PSK_N1@"; - # "@SSID_N2@" = { - # hidden = true; - # psk = "@PSK_N2@"; - # }; - # "@SSID_N3@".psk = "@PSK_N3@"; - # "@SSID_N4@" = { - # auth = '' - # proto=RSN - # key_mgmt=WPA-EAP - # pairwise=CCMP - # auth_alg=OPEN - # eap=PEAP - # identity="@IDENTITY_N4@" - # password="@PSK_N4@" - # ca_cert="${self}/files/DNSX-CA.pem" - # ''; - # }; - # "@SSID_N5@".psk = "@PSK_N5@"; - # "GPN-Open".auth = '' - # key_mgmt=OWE - # ''; - # }; - # userControlled = { - # enable = true; - # group = "wheel"; # TODO: Change this? - # }; - #}; - }; - }; -} diff --git a/modules/nixos/sils/nix.nix b/modules/nixos/sils/nix.nix deleted file mode 100644 index 9d73fcd..0000000 --- a/modules/nixos/sils/nix.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - self, - config, - nixpkgs, - lib, - ... -}: let - cfg = config.sils.nix-config; -in { - options.sils.nix-config = { - enable = lib.mkEnableOption "nix config"; - remoteBuild = lib.mkEnableOption "remote builds"; - }; - config = { - nix = { - registry = { - nixpkgs.flake = self.inputs.nixpkgs; - n.flake = self.inputs.nixpkgs; - self.flake = self; - s.flake = self; - }; - channel.enable = false; - distributedBuilds = cfg.remoteBuild; - buildMachines = [ - { - hostName = "server1.vhack.eu"; - protocol = "ssh-ng"; - system = "x86_64-linux"; - supportedFeatures = ["big-parallel"]; - } - ]; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 3"; - }; - settings = { - auto-optimise-store = true; - commit-lockfile-summary = "flake.lock: update"; - experimental-features = ["nix-command" "flakes"]; - substituters = [ - "https://cache.garnix.io" - "https://hyprland.cachix.org" - ]; - trusted-public-keys = [ - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - ]; - }; - }; - home-manager.users.root.home = { - #lib.mkIf cfg.remoteBuild { TODO Why does this fail? - username = "root"; - homeDirectory = "/root"; - stateVersion = "23.05"; - file.".ssh/config" = { - text = '' - Host server1.vhack.eu - IdentitiesOnly yes - IdentityFIle ${config.age.secrets.nixremote.path} - User nixremote - ''; - }; - }; - }; -} diff --git a/modules/nixos/sils/pamconfig.nix b/modules/nixos/sils/pamconfig.nix deleted file mode 100644 index 4e9f3eb..0000000 --- a/modules/nixos/sils/pamconfig.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.pamconfig; -in { - options.sils.pamconfig.enable = lib.mkEnableOption "custom pamconfig"; - config = lib.mkIf cfg.enable { - security.pam = { - services = { - swaylock = {}; - sudo = { - u2fAuth = true; - }; - login = { - u2fAuth = true; - }; - }; - u2f = { - enable = true; - settings = { - cue = true; - authFile = config.age.secrets.pamu2f-mappings.path; - }; - }; - }; - }; -} diff --git a/modules/nixos/sils/plasma.nix b/modules/nixos/sils/plasma.nix deleted file mode 100644 index f196447..0000000 --- a/modules/nixos/sils/plasma.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.plasma; -in { - options.sils.plasma.enable = lib.mkEnableOption "KDE Plasma"; - config = lib.mkIf cfg.enable { - services = { - greetd.enable = lib.mkForce false; - tlp.enable = lib.mkForce false; - displayManager.sddm = { - enable = true; - settings.General.DisplayServer = "wayland"; - wayland.enable = true; - }; - desktopManager.plasma6 = { - enable = true; - }; - }; - environment.plasma6.excludePackages = with pkgs.kdePackages; [ - kwallet - kwallet-pam - kwalletmanager - ]; - }; -} diff --git a/modules/nixos/sils/plymouth.nix b/modules/nixos/sils/plymouth.nix deleted file mode 100644 index 8e39220..0000000 --- a/modules/nixos/sils/plymouth.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.plymouth; -in { - options.sils.plymouth.enable = lib.mkEnableOption "Enable Plymouth"; - config = lib.mkIf cfg.enable { - boot.plymouth.enable = true; - }; -} diff --git a/modules/nixos/sils/printing.nix b/modules/nixos/sils/printing.nix deleted file mode 100644 index 44b2a10..0000000 --- a/modules/nixos/sils/printing.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.printing; -in { - options.sils.printing.enable = lib.mkEnableOption "printing configuration"; - config = lib.mkIf cfg.enable { - services = { - printing = { - enable = true; - cups-pdf.enable = true; - startWhenNeeded = true; - webInterface = true; - stateless = true; - drivers = with pkgs; [epson-escpr epson-escpr2 hplip]; - }; - avahi = { - enable = true; - nssmdns4 = true; - nssmdns6 = true; - openFirewall = true; - }; - }; - - hardware.printers = { - ensureDefaultPrinter = "EPSON_ET-2720_Series"; - ensurePrinters = [ - { - name = "EPSON_ET-2720_Series"; - description = "EPSON ET-2720 Series"; - model = "epson-inkjet-printer-escpr/Epson-ET-2720_Series-epson-escpr-en.ppd"; - location = "Home Network"; - deviceUri = "dnssd://EPSON%20ET-2720%20Series._ipp._tcp.local/?uuid=cfe92100-67c4-11d4-a45f-e0bb9edcdbb9"; - ppdOptions = { - PageSize = "A4"; - }; - } - ]; - }; - }; -} diff --git a/modules/nixos/sils/roles.nix b/modules/nixos/sils/roles.nix deleted file mode 100644 index 52bfb54..0000000 --- a/modules/nixos/sils/roles.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ - config, - lib, - ... -}: let - roleCmp = string: config.role.sils == string; -in { - config.sils = - if roleCmp "laptop" - then { - apparmor.enable = lib.mkDefault true; - basesystem.enable = lib.mkDefault true; - bluetooth.enable = lib.mkDefault true; - bootloader = lib.mkDefault "lanzaboote"; - disks.enable = lib.mkDefault true; - gnome.enable = lib.mkDefault true; - graphics.enable = lib.mkDefault true; - environment.enable = lib.mkDefault true; - firejail.enable = false; - font.enable = lib.mkDefault true; - hyprland.enable = lib.mkDefault true; - impermanence.enable = lib.mkDefault true; - networking.enable = lib.mkDefault true; - nix-config.enable = lib.mkDefault true; - pamconfig.enable = lib.mkDefault true; - plasma.enable = lib.mkDefault false; - plymouth.enable = lib.mkDefault true; - printing.enable = lib.mkDefault true; - sound.enable = lib.mkDefault true; - steam.enable = lib.mkDefault true; - sway.enable = lib.mkDefault false; - theming.enable = lib.mkDefault true; - tailscale = { - enable = lib.mkDefault false; - role = "client"; - }; - tor.enable = lib.mkDefault true; - } - else if roleCmp "laptop-light" - then { - apparmor.enable = lib.mkDefault true; - basesystem.enable = lib.mkDefault true; - bluetooth.enable = lib.mkDefault true; - bootloader = lib.mkDefault "lanzaboote"; - disks.enable = lib.mkDefault true; - graphics.enable = lib.mkDefault true; - environment.enable = lib.mkDefault true; - firejail.enable = false; - font.enable = lib.mkDefault true; - hyprland.enable = lib.mkDefault true; - impermanence.enable = lib.mkDefault true; - networking.enable = lib.mkDefault true; - nix-config.enable = lib.mkDefault true; - pamconfig.enable = lib.mkDefault true; - plymouth.enable = lib.mkDefault false; - printing.enable = lib.mkDefault true; - sound.enable = lib.mkDefault true; - sway.enable = lib.mkDefault false; - theming.enable = lib.mkDefault true; - } - else if roleCmp "vm" - then {} - else if roleCmp "workstation" - then { - apparmor.enable = lib.mkDefault true; - basesystem.enable = lib.mkDefault true; - bluetooth.enable = lib.mkDefault true; - bootloader = lib.mkDefault "lanzaboote"; - disks.enable = lib.mkDefault true; - graphics.enable = lib.mkDefault true; - environment.enable = lib.mkDefault true; - firejail.enable = false; - font.enable = lib.mkDefault true; - hyprland.enable = lib.mkDefault true; - impermanence.enable = lib.mkDefault true; - networking.enable = lib.mkDefault true; - nix-config.enable = lib.mkDefault true; - pamconfig.enable = lib.mkDefault true; - plymouth.enable = lib.mkDefault false; - printing.enable = lib.mkDefault true; - sound.enable = lib.mkDefault true; - sway.enable = lib.mkDefault false; - theming.enable = lib.mkDefault true; - } - else {}; -} diff --git a/modules/nixos/sils/sound.nix b/modules/nixos/sils/sound.nix deleted file mode 100644 index 3ad26fb..0000000 --- a/modules/nixos/sils/sound.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.sound; -in { - options.sils.sound.enable = lib.mkEnableOption "sound config"; - config = lib.mkIf cfg.enable { - services.pipewire = { - enable = true; - alsa = { - enable = true; - support32Bit = true; - }; - pulse.enable = true; - jack.enable = true; - }; - }; -} diff --git a/modules/nixos/sils/steam.nix b/modules/nixos/sils/steam.nix deleted file mode 100644 index 3c834a6..0000000 --- a/modules/nixos/sils/steam.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.steam; -in { - options.sils.steam.enable = lib.mkEnableOption "Steam"; - config = lib.mkIf cfg.enable { - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ - "steam" - "steam-unwrapped" - ]; - programs.steam = { - enable = true; - }; - }; -} diff --git a/modules/nixos/sils/sudo.nix b/modules/nixos/sils/sudo.nix deleted file mode 100644 index 2ad117f..0000000 --- a/modules/nixos/sils/sudo.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - lib, - ... -}: let - persistentLecture = !config.sils.sudo.persistentLecture.disable; -in { - options.sils.sudo.persistentLecture.disable = lib.mkEnableOption "sudo lecture after every boot"; - config = { - security.sudo = { - enable = true; - }; - environment.persistence.${config.sils.meta.globalDataDir}.files = lib.mkIf persistentLecture [ - { - file = "/var/db/sudo/lectured/${builtins.toString config.users.users.jaki.uid}"; - parentDirectory = { - user = "root"; - group = config.users.users.jaki.group; - mode = "0600"; - }; - } - ]; - }; -} diff --git a/modules/nixos/sils/sway.nix b/modules/nixos/sils/sway.nix deleted file mode 100644 index 4aac2f4..0000000 --- a/modules/nixos/sils/sway.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.sway; -in { - options.sils.sway.enable = lib.mkEnableOption "sway"; - config = lib.mkIf cfg.enable { - programs.sway = { - enable = true; - package = null; - }; - }; -} diff --git a/modules/nixos/sils/tailscale.nix b/modules/nixos/sils/tailscale.nix deleted file mode 100644 index e1f49a4..0000000 --- a/modules/nixos/sils/tailscale.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - lib, - ... -}: let - cfg = config.sils.tailscale; -in { - options.sils.tailscale = { - enable = lib.mkEnableOption "Tailscale"; - openFirewall = true; - role = lib.mkOption { - type = lib.types.enum [ - "client" - "server" - ]; - }; - }; - config = lib.mkIf cfg.enable { - services.tailscale = { - enable = true; - authKeyFile = config.age.secrets.tailscale.path; - useRoutingFeatures = cfg.role; - extraDaemonFlags = [ - "--no-logs-no-support" - ]; - extraSetFlags = [ - "--accept-routes" - ]; - }; - networking.firewall = { - trustedInterfaces = ["tailscale0"]; - allowedUDPPorts = [config.services.tailscale.port]; - checkReversePath = "loose"; - }; - systemd = { - services.tailscaled.serviceConfig.Environment = [ - "TS_DEBUG_FIREWALL_MODE=nftables" - ]; - network.wait-online.enable = false; - }; - boot.initrd.systemd.network.wait-online.enable = false; - - environment.persistence."/srv".directories = [ - { - directory = "/var/lib/tailscale"; - user = "root"; - group = "root"; - mode = "0700"; - } - ]; - }; -} diff --git a/modules/nixos/sils/theming/default.nix b/modules/nixos/sils/theming/default.nix deleted file mode 100644 index 2d5d2fd..0000000 --- a/modules/nixos/sils/theming/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.sils.theming; -in { - options.sils.theming.enable = lib.mkEnableOption "theming"; - config = lib.mkIf cfg.enable { - stylix = { - enable = true; - base16Scheme = "${pkgs.base16-schemes}/share/themes/ayu-dark.yaml"; - image = ../../../../files/wallpaper.jpg; - polarity = "dark"; - }; - }; -} diff --git a/modules/nixos/sils/theming/tokyo-night-dark.yaml b/modules/nixos/sils/theming/tokyo-night-dark.yaml deleted file mode 100644 index ec29944..0000000 --- a/modules/nixos/sils/theming/tokyo-night-dark.yaml +++ /dev/null @@ -1,18 +0,0 @@ -scheme: "Tokyo Night Dark" -author: "Michaƫl Ball" -base00: "1A1B26" -base01: "16161E" -base02: "2F3549" -base03: "444B6A" -base04: "787C99" -base05: "A9B1D6" -base06: "CBCCD1" -base07: "D5D6DB" -base08: "C0CAF5" -base09: "A9B1D6" -base0A: "0DB9D7" -base0B: "9ECE6A" -base0C: "B4F9F8" -base0D: "2AC3DE" -base0E: "BB9AF7" -base0F: "F7768E" diff --git a/modules/nixos/sils/tor.nix b/modules/nixos/sils/tor.nix deleted file mode 100644 index 01fdc1f..0000000 --- a/modules/nixos/sils/tor.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - cfg = config.sils.tor; -in { - options.sils.tor.enable = lib.mkEnableOption "tor"; - config = lib.mkIf cfg.enable { - services = { - tor = { - enable = true; - torsocks.enable = true; - client.enable = true; - }; - snowflake-proxy = { - enable = true; - capacity = 5; - }; - }; - }; -} |