Compare commits


38 Commits

Author SHA1 Message Date
22e21be60a feat(elcafe): add new server configuration 2025-11-05 05:01:58 +01:00
4658b8392e fix: change invalid types.string to types.str 2025-11-05 05:01:58 +01:00
e65c27a81f feat: more AI-related tools 2025-11-05 05:01:58 +01:00
7eccc1a627 feat(qemu): improve QEMU configuration 2025-11-05 05:01:58 +01:00
7e9b84d0ea chore: update flakes to latest version 2025-11-05 05:01:58 +01:00
5b2582afdd style: formatting fixes 2025-11-05 05:01:58 +01:00
7d198f1996 feat(jujutsu): compatibility with jj-vc.el in Emacs 2025-11-05 05:01:58 +01:00
2e84738c9f feat(AMDGPU): better config for my AMD GPU and using AI with it 2025-11-05 05:01:58 +01:00
a76bf52727 feat(hyprland): add commented out screen resolutions for Moonlight
Add a screen resolution for when logging in remotely from Moonlight,
namely from my Thinkpad x220 and my FydeTab Duo.
2025-11-05 05:01:58 +01:00
1f811718c8 fix(docker): better configuration handling, add back podman-compose 2025-11-05 05:01:58 +01:00
c07c872c91 feat(user/packages): remove broken Gimp packages, add Gmic 2025-11-05 05:01:58 +01:00
8b3864084f feat(languagetool): add languagetool service to marpa 2025-11-05 05:01:58 +01:00
30e3fa2b08 chore: upgrade flake lockfile 2025-11-05 05:01:58 +01:00
dbb5973c46 feat(hyprland): replace wpaperd with hyprpaper 2025-11-05 05:01:58 +01:00
ffa6af675d feat(tailscale): make tailscale togglable, defaults to enabled 2025-11-05 05:01:58 +01:00
075ece2829 feat(packages): remove Modrintth and KiCad
They take a long time compiling on my laptop, so I’ll install them
through flatpak instead.
2025-11-05 05:01:58 +01:00
349cbfa263 feat(waydroid): add waydroid configuration 2025-11-05 05:01:58 +01:00
f3f390aae4 feat(qemu): add qemu configuration 2025-11-05 05:01:58 +01:00
73ed248c12 refactor(docker podman): better docker and podman configuration 2025-11-05 05:01:58 +01:00
24f42ee146 chore: update flakes 2025-11-05 05:01:58 +01:00
c0ad5ed316 style(home/tilo): better format file 2025-11-05 05:01:58 +01:00
ca4d08e799 feat(jujutsu): better jujutsu configuration 2025-11-05 05:01:58 +01:00
5affe511ce feat(sunshine): customise apps available in Sunshine 2025-11-05 05:01:58 +01:00
975a92eaae feat(networking): enable tailscale 2025-11-05 05:01:58 +01:00
28c430568d chore: update flakes 2025-11-05 05:01:58 +01:00
3737a61fa5 feat(sound): add noisetorch when sound is enabled 2025-11-05 05:01:57 +01:00
0c8e2c702d fix(marpa): fix location of dotfiles 2025-11-05 05:01:57 +01:00
2a12de6682 feat(secrets): update private SSH config 2025-11-05 05:01:57 +01:00
ca8496b606 feat(packages): remove Modrinth
Tired of compiling it every time I update my laptop, I’ll install it
with Flatpak instead.
2025-11-05 05:01:57 +01:00
ec5c8ff820 fix(gampo): correctly set dotfiles location 2025-11-05 05:01:57 +01:00
4f78af4181 feat(tilo): add jellyfin configuration 2025-11-05 05:01:52 +01:00
21a2587c13 feat(tilo): add calibre configuration 2025-11-05 05:01:13 +01:00
a786c3bd99 feat(tilo): add Plex configuration for Tilo 2025-11-05 05:01:11 +01:00
50ebd68e57 fix: correct values for host Tilo 2025-11-05 05:01:12 +01:00
4f3b94d5f3 docs: update README to reflect refactor 2025-11-05 05:01:11 +01:00
d200079cdb chore: refactor user modules 2025-11-05 05:01:10 +01:00
af1a606c1a chore: refactor system modules 2025-11-05 05:01:08 +01:00
d054442c28 feat(jujutsu): update my config with new aliases 2025-11-05 05:01:09 +01:00
162 changed files with 2265 additions and 1464 deletions

1
.envrc

@@ -1,3 +1,4 @@
# -*- mode: sh; -*-
if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs="
fi


@@ -4,14 +4,12 @@ Personal NixOS configuration for my machines, using Nix Flakes for reproducible
## Repository Structure
- **flake.nix**: Main entry point for the Nix Flake, defining NixOS and home-manager configurations
- **hosts/**: Host-specific NixOS configurations
- **modules/**: Custom NixOS modules reusable across different hosts
- **programs/**: System-level programs shared across hosts
- **secrets/**: Encrypted secrets managed with sops-nix
- **system/**: Common system-level configurations shared across hosts
- **users/phundrak/**: Home-manager configuration for my user
- **users/modules/**: Custom user modules reusable across configurations
- **flake.nix**: Main entry point for the Nix Flake, defining NixOS and home-manager configurations.
- **hosts/**: Contains the host-specific NixOS configurations.
- **system/**: Holds system-wide configuration modules that can be shared across different hosts. This includes things like boot settings, desktop environments, hardware configurations, networking, packages, security, and system services.
- **users/**: Manages user-specific configurations. It's split into `modules` for reusable home-manager configurations and `phundrak` for my personal configuration.
- **keys/**: Public keys for various machines.
- **secrets/**: Encrypted secrets managed with `sops-nix`.
## Usage
@@ -51,24 +49,9 @@ nh home switch
Format Nix files (using Alejandra):
```bash
nix fmt
nix fmt .
```
## Development
For development, a devShell is provided with linting tools and git hooks:
```bash
nix develop
```
This will set up an environment with:
- alejandra (formatting)
- commitizen (commit messages)
- deadnix (dead code detection)
- statix (linting)
- Other useful git hooks
## Contributing
Feel free to fork this repository and make your own changes. If you have any improvements or suggestions, please open an issue or submit a pull request.

147
flake.lock generated

@@ -6,7 +6,8 @@
"devenv"
],
"flake-compat": [
"devenv"
"devenv",
"flake-compat"
],
"git-hooks": [
"devenv",
@@ -18,11 +19,11 @@
]
},
"locked": {
"lastModified": 1748883665,
"narHash": "sha256-R0W7uAg+BLoHjMRMQ8+oiSbTq8nkGz5RDpQ+ZfxxP3A=",
"lastModified": 1760971495,
"narHash": "sha256-IwnNtbNVrlZIHh7h4Wz6VP0Furxg9Hh0ycighvL5cZc=",
"owner": "cachix",
"repo": "cachix",
"rev": "f707778d902af4d62d8dd92c269f8e70de09acbe",
"rev": "c5bfd933d1033672f51a863c47303fc0e093c2d2",
"type": "github"
},
"original": {
@@ -32,10 +33,32 @@
"type": "github"
}
},
"claude-desktop": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1761825061,
"narHash": "sha256-AeRQZKr8+1XQer+WmbwtQaQBy05UDgeNNE7YZjNLuS0=",
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"rev": "791cd93cfe216ad06ab740f0fdc142119b1d6ec2",
"type": "github"
},
"original": {
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"type": "github"
}
},
"devenv": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"nix": "nix",
"nixpkgs": [
@@ -43,11 +66,11 @@
]
},
"locked": {
"lastModified": 1753300020,
"narHash": "sha256-jRO3ELwG+FfYDBTDDhBJNjGuJjB4IgziuB1JWoz6l1A=",
"lastModified": 1761922975,
"narHash": "sha256-j4EB5ku/gDm7h7W7A+k70RYj5nUiW/l9wQtXMJUD2hg=",
"owner": "cachix",
"repo": "devenv",
"rev": "90266818017f7a6885edc75eb4a13b68862675ea",
"rev": "c9f0b47815a4895fadac87812de8a4de27e0ace1",
"type": "github"
},
"original": {
@@ -59,11 +82,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
@@ -76,16 +99,15 @@
"inputs": {
"nixpkgs-lib": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"lastModified": 1760948891,
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
"type": "github"
},
"original": {
@@ -112,6 +134,24 @@
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": [
@@ -125,11 +165,11 @@
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"lastModified": 1760663237,
"narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",
"type": "github"
},
"original": {
@@ -167,11 +207,11 @@
]
},
"locked": {
"lastModified": 1753373145,
"narHash": "sha256-UhuUj46dobD/POOdVNxKvAvP3luI2T0MZPm2IXl266Y=",
"lastModified": 1761878381,
"narHash": "sha256-lCRaipHgszaFZ1Cs8fdGJguVycCisBAf2HEFgip5+xU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "64796151f79e6f3834bfc55f07c5487708bb5b3f",
"rev": "4ac96eb21c101a3e5b77ba105febc5641a8959aa",
"type": "github"
},
"original": {
@@ -186,7 +226,10 @@
"devenv",
"flake-compat"
],
"flake-parts": "flake-parts",
"flake-parts": [
"devenv",
"flake-parts"
],
"git-hooks-nix": [
"devenv",
"git-hooks"
@@ -203,16 +246,16 @@
]
},
"locked": {
"lastModified": 1752773918,
"narHash": "sha256-dOi/M6yNeuJlj88exI+7k154z+hAhFcuB8tZktiW7rg=",
"lastModified": 1761648602,
"narHash": "sha256-H97KSB/luq/aGobKRuHahOvT1r7C03BgB6D5HBZsbN8=",
"owner": "cachix",
"repo": "nix",
"rev": "031c3cf42d2e9391eee373507d8c12e0f9606779",
"rev": "3e5644da6830ef65f0a2f7ec22830c46285bfff6",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "devenv-2.30",
"ref": "devenv-2.30.6",
"repo": "nix",
"type": "github"
}
@@ -224,11 +267,11 @@
]
},
"locked": {
"lastModified": 1752985182,
"narHash": "sha256-sX8Neff8lp3TCHai6QmgLr5AD8MdsQQX3b52C1DVXR8=",
"lastModified": 1761451000,
"narHash": "sha256-qBJL6xEIjqYq9zOcG2vf2nPTeVBppNJzvO0LuQWMwMo=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "fafdcb505ba605157ff7a7eeea452bc6d6cbc23c",
"rev": "ed6b293161b378a7368cda38659eb8d3d9a0dac4",
"type": "github"
},
"original": {
@@ -239,11 +282,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1753250450,
"narHash": "sha256-i+CQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s=",
"lastModified": 1761907660,
"narHash": "sha256-kJ8lIZsiPOmbkJypG+B5sReDXSD1KGu2VEPNqhRa/ew=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "fc02ee70efb805d3b2865908a13ddd4474557ecf",
"rev": "2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15",
"type": "github"
},
"original": {
@@ -255,7 +298,7 @@
},
"pumo-system-info": {
"inputs": {
"flake-utils": "flake-utils",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
@@ -282,21 +325,22 @@
]
},
"locked": {
"lastModified": 1753335654,
"narHash": "sha256-XpegouCfuzYNECDpH0+J3UEdearlYhRkRgOZ97l16E8=",
"lastModified": 1761897390,
"narHash": "sha256-er4gYrIoThYLjlsOMTysoRfn67d1Gci+ZpqDrtQxrA0=",
"ref": "refs/heads/master",
"rev": "f90bef2d994c88f075dbc2fcd81140e160351328",
"revCount": 654,
"rev": "fc704e6b5d445899a1565955268c91942a4f263f",
"revCount": 700,
"type": "git",
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
"url": "https://git.outfoxxed.me/quickshell/quickshell"
},
"original": {
"type": "git",
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
"url": "https://git.outfoxxed.me/quickshell/quickshell"
}
},
"root": {
"inputs": {
"claude-desktop": "claude-desktop",
"devenv": "devenv",
"home-manager": "home-manager",
"nix-index-database": "nix-index-database",
@@ -335,11 +379,11 @@
]
},
"locked": {
"lastModified": 1752544651,
"narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=",
"lastModified": 1760998189,
"narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "2c8def626f54708a9c38a5861866660395bb3461",
"rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
"type": "github"
},
"original": {
@@ -363,6 +407,21 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"nixpkgs": [
@@ -370,11 +429,11 @@
]
},
"locked": {
"lastModified": 1752725859,
"narHash": "sha256-kjpmc7Y164ajPdscAZLFQTtzXP5sEE2dR30NuHe5lQY=",
"lastModified": 1761883599,
"narHash": "sha256-ntnfAAqSuXI/+uqXAWUjbY5arB7sRK9cpgFbHbCZgK8=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "2276ddce91a949e0819d9e8c4b171c40ce770390",
"rev": "5355c0dc6857a2aa34b126fb4a93a454ed702f52",
"type": "github"
},
"original": {


@@ -3,27 +3,29 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
devenv = {
url = "github:cachix/devenv";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-index-database = {
url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
devenv = {
url = "github:cachix/devenv";
inputs.nixpkgs.follows = "nixpkgs";
};
pumo-system-info = {
url = "git+https://labs.phundrak.com/phundrak/pumo-system-info";
inputs.nixpkgs.follows = "nixpkgs";
};
quickshell = {
url = "git+https://git.outfoxxed.me/outfoxxed/quickshell";
url = "git+https://git.outfoxxed.me/quickshell/quickshell";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -32,6 +34,11 @@
inputs.nixpkgs.follows = "nixpkgs";
};
claude-desktop = {
url = "github:k3d3/claude-desktop-linux-flake";
inputs.nixpkgs.follows = "nixpkgs";
};
zen-browser = {
url = "github:youwen5/zen-browser-flake";
inputs.nixpkgs.follows = "nixpkgs";
@@ -81,77 +88,73 @@
];
};
homeConfigurations = {
homeConfigurations = let
extraSpecialArgs = {inherit inputs outputs system;};
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in {
"phundrak@alys" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
home-conf = "minimal";
};
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/alys.nix
./users/phundrak/host/alys.nix
inputs.sops-nix.homeManagerModules.sops
];
};
"phundrak@marpa" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
home-conf = "fullHome";
};
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/marpa.nix
./users/phundrak/host/marpa.nix
inputs.sops-nix.homeManagerModules.sops
];
};
"phundrak@gampo" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
home-conf = "fullHome";
};
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/gampo.nix
./users/phundrak/host/gampo.nix
inputs.sops-nix.homeManagerModules.sops
];
};
"phundrak@tilo" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {
inherit inputs outputs;
home-conf = "minimal";
};
inherit extraSpecialArgs pkgs;
modules = [
./users/phundrak/tilo.nix
./users/phundrak/host/tilo.nix
inputs.sops-nix.homeManagerModules.sops
];
};
};
nixosConfigurations = {
nixosConfigurations = let
specialArgs = {inherit inputs outputs;};
in {
alys = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
inherit specialArgs;
modules = [
./hosts/alys/configuration.nix
inputs.sops-nix.nixosModules.sops
];
};
elcafe = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/elcafe/configuration.nix
inputs.sops-nix.nixosModules.sops
];
};
gampo = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
inherit specialArgs;
modules = [
./hosts/gampo/configuration.nix
inputs.sops-nix.nixosModules.sops
];
};
marpa = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
inherit specialArgs;
modules = [
./hosts/marpa/configuration.nix
inputs.sops-nix.nixosModules.sops
];
};
tilo = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
inherit specialArgs;
modules = [
./hosts/tilo/configuration.nix
inputs.sops-nix.nixosModules.sops
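Review bot: The new `claude-desktop` input pulls `github:k3d3/claude-desktop-linux-flake` into `inputs`, which is then handed to every NixOS and home-manager configuration through `specialArgs`/`extraSpecialArgs`, and nothing next to it records that this is a separate third-party packaging flake rather than a nixpkgs package. It is pinned by rev and narHash in flake.lock, so the exposure is at update time; I would add a comment above the input such as `# third-party packaging flake: review the upstream diff before bumping its lock entry`. The lock section also shows it bringing its own `flake-utils` node (the existing one became `flake-utils_2`), which is worth knowing when auditing the dependency tree. Separately, `extraSpecialArgs` now inherits `system` while `pkgs` stays hard-coded to `x86_64-linux`; `system` is bound outside the visible hunk, so confirm it is in scope and consider `nixpkgs.legacyPackages.${system}`.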


@@ -1,64 +1,41 @@
{
pkgs,
inputs,
...
}: {
{inputs, ...}: {
imports = [
./hardware-configuration.nix
./host.nix
inputs.home-manager.nixosModules.default
../../modules/locale.nix
../../modules/system.nix
../../modules/ssh.nix
../../modules/endlessh.nix
../../programs/nano.nix
../../system
];
zramSwap.enable = true;
# networking.domain = "phundrak.com";
system = {
amdgpu.enable = false;
mySystem = {
boot = {
kernel = {
hardened = true;
cpuVendor = "amd";
};
kernel.hardened = true;
systemd-boot = false;
zfs.enable = false;
zram = {
enable = true;
memoryMax = 512;
};
};
dev.docker.enable = true;
networking = {
hostname = "alys";
domain = "phundrak.com";
id = "41157110";
firewall.openPorts = [
22
];
};
sound.enable = false;
packages.nix = {
gc.automatic = true;
trusted-users = ["root" "phundrak"];
};
services = {
endlessh.enable = true;
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
};
users = {
root.disablePassword = true;
phundrak = true;
phundrak.enable = true;
};
};
modules = {
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
endlessh.enable = false;
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = [pkgs.openssl];
# networking.hostName = "alys";
# users.users.root.openssh.authorizedKeys.keys = [
# "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+b7BE/gHrHVkqNVfHtp2r4OCUDdohst8hb3Bz5tYtx3gvXJQCB1rFc2hgQJf8FsVyQbidS64lnhU1rUIEbFhv7itT5FGGUnfJEYs64W30wKsnPSb5WXdFXzrNi8za48i2oNl9JA9Fj9k6isyvkTup89hB+ELbXIcfz3bM93WaAt2dIgKijXaAMAAA+tHhgWvlrHlvGlU9/KxY3ZOQSoEboPXd7TDyOf1672eAibYyb5h1HIewYZ+xv1X4dxx/c9Arh4K0s8scuB7XTQQkEbRUEYKD2YXKN83Z09jfMlMYuBAKKO8zU4CM2KTbL7kEVgNc/ArY+uCAakmC5+eS7LxMuOt86+Bi4gXTJ6o6dbfUbCGiq751ni8pg44YSfwYiI05vvZ08eIyNkowumD+X4GRW4tu0I3qK8TI7exeEeoQIwlSfLXlYHEdNB8Q3feLyhHMRkxXgUskbXwWIBexLzJyY40tyqQplZWbYGrUEmjxZ7FWmaV+o8ZjnU2GfJ8JoWyCnEYfRc6Z2ILdXNDRzZ9qYOwefMHtuaYaYYximL+zdVVrm4EZuOetmaJ6zblk4ebU3GZjYykB8DmCDFDZO9koKwzPazLKQl0OWzmQqgxVNg7Mg1NZbuRQgVAhKPelnqejaXbf2/IHAYBn5LDR1Jew5+srlstM9XuYG2whEOx84w== Lucien Cartier-Tilet <lucien@phundrak.com>"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILw9oiK8tZ5Vpz82RaRLpITU8qeJrT2hjvudGEDQu2QW lucien@phundrak.com"
# ];
system.stateVersion = "23.11";
}
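Review bot: `packages.nix.trusted-users = ["root" "phundrak"]` makes the login account a trusted Nix user on a host that is otherwise locked down (`kernel.hardened = true`, key-only SSH restricted to `phundrak`), and the Nix manual describes trusted-users membership as essentially equivalent to root access. On the server hosts I would keep `trusted-users = ["root"];` and go through sudo for the rare operation that needs it, or at least leave a comment saying why the user must be trusted. The same list appears in the elcafe, gampo, marpa and tilo sections of this comparison; on gampo and marpa it appears to replace an existing `nix.settings.trusted-users` line, so the servers are the candidates for tightening. How `mySystem.packages.nix` maps the option onto `nix.settings` is not visible here.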


@@ -1,3 +0,0 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [neofetch vim emacs];
}


@@ -0,0 +1,74 @@
{
inputs,
config,
...
}: {
imports = [
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
../../system
];
sops.secrets = {
"elcafe/traefik/env".restartUnits = ["traefik.service"];
"elcafe/traefik/dynamic".restartUnits = ["traefik.service"];
};
mySystem = {
boot = {
kernel = {
hardened = true;
cpuVendor = "intel";
};
zfs = {
enable = true;
pools = ["tank"];
};
};
dev.docker = {
enable = true;
extraDaemonSettings.data-root = "/tank/docker/";
};
misc.keymap = "fr";
networking = {
hostname = "elcafe";
id = "501c7fb9";
};
packages.nix = {
gc.automatic = true;
trusted-users = [
"root"
"phundrak"
];
};
services = {
endlessh.enable = true;
plex = {
enable = true;
dataDir = "/tank/web/plex-config";
};
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
traefik = {
enable = true;
envFiles = [config.sops.secrets."elcafe/traefik/env".path];
dynConf = config.sops.secrets."elcafe/traefik/dynamic".path;
};
};
users = {
root.disablePassword = true;
phundrak.enable = true;
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}
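Review bot: The two `sops.secrets` entries for Traefik set only `restartUnits`, so they keep sops-nix's defaults (owned by root, mode 0400), while `dynConf` hands the decrypted path of `elcafe/traefik/dynamic` to the Traefik module as a file to read. An env file loaded by systemd is read as root, but a dynamic configuration file is usually opened by the service process itself; if `mySystem.services.traefik` runs Traefik as a dedicated user, that read fails unless the secret declares it, e.g. `"elcafe/traefik/dynamic" = { owner = "traefik"; restartUnits = ["traefik.service"]; };`. The module is not part of this section, so the service user is an assumption to confirm. The `extraHosts` secret on gampo and marpa already states owner, group and mode explicitly, which is the pattern I would follow here rather than widening the mode.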


@@ -0,0 +1,42 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod"];
kernelModules = [];
};
kernelModules = ["kvm-intel"];
extraModulePackages = [];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/d2e703f7-90e0-43e7-9872-ce036f201c4b";
fsType = "ext4";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.eno2.useDHCP = lib.mkDefault true;
# networking.interfaces.eno3.useDHCP = lib.mkDefault true;
# networking.interfaces.eno4.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@@ -7,55 +7,71 @@
imports = [
inputs.sops-nix.nixosModules.sops
./hardware-configuration.nix
./services
../../modules/opentablet.nix
../../modules/sops.nix
../../modules/system.nix
../../programs/flatpak.nix
../../programs/hyprland.nix
../../programs/steam.nix
../../system
];
mySystem = {
boot = {
plymouth.enable = true;
kernel = {
cpuVendor = "intel";
package = pkgs.linuxPackages;
modules = ["i915"];
};
systemd-boot = true;
};
desktop = {
hyprland.enable = true;
xserver = {
enable = true;
de = "gnome";
};
};
dev.docker = {
enable = true;
podman.enable = true;
autoprune.enable = true;
};
hardware = {
bluetooth.enable = true;
corne.allowHidAccess = true;
ibmTrackpoint.disable = true;
opentablet.enable = true;
sound.enable = true;
};
misc.keymap = "fr-bepo";
networking = {
hostname = "gampo";
id = "0630b33f";
hostFiles = [config.sops.secrets.extraHosts.path];
};
packages = {
appimage.enable = true;
flatpak.enable = true;
nix = {
nix-ld.enable = true;
trusted-users = ["root" "phundrak"];
};
};
programs.steam.enable = true;
services = {
fwupd.enable = true;
ssh.enable = true;
};
users = {
root.disablePassword = true;
phundrak.enable = true;
};
};
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
boot.initrd.kernelModules = ["i915"];
system = {
boot.plymouth.enable = true;
docker = {
enable = true;
autoprune.enable = true;
podman.enable = true;
};
networking = {
hostname = "gampo";
id = "0630b33f";
hostFiles = [config.sops.secrets.extraHosts.path];
};
sound.enable = true;
};
modules = {
appimage.enable = true;
hyprland.enable = true;
};
security.rtkit.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
curl
openssl
wget
];
nix.settings.trusted-users = ["root" "phundrak"];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database
# versions on your system were taken. Its perfectly fine and
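Review bot: `services.ssh.enable = true` is the only SSH setting on this host, whereas alys, elcafe and tilo spell out `allowedUsers = ["phundrak"]` and `passwordAuthentication = false`, so the effective policy here depends entirely on the module defaults, which are not visible in this comparison. I would state it at the call site: `ssh = { enable = true; allowedUsers = ["phundrak"]; passwordAuthentication = false; };`. marpa's `services.ssh.enable = true` has the same gap. The hunk ends inside the trailing stateVersion comment, so the rest of the file is outside this view.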


@@ -1,15 +0,0 @@
{
imports = [
./gnome.nix
];
services = {
# Enable CUPS to print documents.
printing.enable = true;
openssh.enable = true;
fwupd.enable = true;
udev.extraRules = ''
ATTRS{name}=="*TPPS/2 IBM TrackPoint", ENV{ID_INPUT}="", ENV{ID_INPUT_MOUSE}="", ENV{ID_INPUT_POINTINGSTICK}=""
'';
};
}


@@ -1,11 +0,0 @@
{
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
xkb = {
layout = "fr";
variant = "bepo";
};
};
}


@@ -1,42 +1,52 @@
{
config,
pkgs,
inputs,
...
}: {
imports = [
inputs.sops-nix.nixosModules.sops
./system/hardware-configuration.nix
./services
../../modules/opentablet.nix
../../modules/sops.nix
../../modules/system.nix
../../programs/flatpak.nix
../../programs/hyprland.nix
../../programs/steam.nix
./hardware-configuration.nix
../../system
];
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
security.polkit.enable = true;
fileSystems."/games" = {
device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
fsType = "ext4";
};
system = {
amdgpu.enable = true;
boot.plymouth.enable = true;
docker = {
enable = true;
podman.enable = true;
autoprune.enable = true;
mySystem = {
boot = {
extraModprobeConfig = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
plymouth.enable = true;
kernel.cpuVendor = "amd";
systemd-boot = true;
};
desktop = {
hyprland.enable = true;
niri.enable = true;
waydroid.enable = true;
xserver = {
enable = true;
de = "gnome";
};
};
dev = {
docker = {
enable = true;
podman.enable = true;
autoprune.enable = true;
};
qemu.enable = true;
};
hardware = {
amdgpu.enable = true;
bluetooth.enable = true;
corne.allowHidAccess = true;
opentablet.enable = true;
sound = {
enable = true;
jack = true;
scarlett.enable = true;
};
};
misc.keymap = "fr-bepo";
networking = {
hostname = "marpa";
id = "7EA4A111";
@@ -49,34 +59,46 @@
}
];
};
sound = {
enable = true;
jack = true;
packages = {
appimage.enable = true;
flatpak.enable = true;
nix = {
nix-ld.enable = true;
trusted-users = ["root" "phundrak"];
};
};
programs.steam.enable = true;
services = {
fwupd.enable = true;
printing.enable = true;
ssh.enable = true;
sunshine = {
enable = true;
autostart = true;
};
languagetool.enable = true;
};
users = {
root.disablePassword = true;
phundrak.enable = true;
};
};
modules = {
appimage.enable = true;
hyprland.enable = true;
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
security.rtkit.enable = true;
security = {
polkit.enable = true;
rtkit.enable = true;
};
nix.settings.trusted-users = ["root" "phundrak"];
environment.systemPackages = with pkgs; [
clinfo # AMD
curl
openssl
wget
alsa-scarlett-gui
];
boot.extraModprobeConfig = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
programs.nix-ld.enable = true;
fileSystems."/games" = {
device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
fsType = "ext4";
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions


@@ -1,25 +1,24 @@
{
imports = [
./logind.nix
../../../modules/ssh.nix
../../../modules/sunshine.nix
../../../modules/xserver.nix
];
# imports = [
# ./logind.nix
# ../../../system
# ];
# imports = [
# ./logind.nix
# ../../../modules/ssh.nix
# ../../../modules/sunshine.nix
# ];
modules = {
sunshine = {
enable = true;
autostart = true;
};
xserver = {
amdgpu.enable = true;
de = "gnome";
};
};
services = {
blueman.enable = true;
fwupd.enable = true;
printing.enable = true;
openssh.enable = true;
};
# modules = {
# sunshine = {
# enable = true;
# autostart = true;
# };
# };
# services = {
# blueman.enable = true;
# fwupd.enable = true;
# printing.enable = true;
# openssh.enable = true;
# };
}
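Review bot: After this change the file looks like an attribute set holding nothing but commented-out code, including two different commented `imports` lists, and marpa's configuration.nix appears to no longer import `./services`. Commented-out `openssh.enable = true` and Sunshine settings read like live policy to someone auditing the host, so I would delete the file (history keeps it) or reduce it to `{}` with a one-line comment pointing at `mySystem.services`.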


@@ -1,24 +1,15 @@
# Edit this configuration file to define what should be installed on your
# system. Help is available in the configuration.nix(5) man page and in
# the NixOS manual (accessible by running nixos-help).
{
pkgs,
inputs,
...
}: {
{inputs, ...}: {
imports = [
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
../../modules/locale.nix
../../modules/system.nix
../../modules/ssh.nix
../../modules/endlessh.nix
../../programs/nano.nix
../../system
./services
];
system = {
amdgpu.enable = false;
mySystem = {
boot = {
kernel = {
hardened = true;
@@ -29,46 +20,43 @@
pools = ["tank"];
};
};
docker.enable = true;
dev.docker.enable = true;
misc.keymap = "fr-bepo";
networking = {
hostname = "tilo";
id = "7110b33f";
firewall = {
openPorts = [
22 # SSH
80 # HTTP
443 # HTTPS
2222 # endlessh
25565 # Minecraft
];
extraCommands = ''
iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
'';
};
};
nix.gc.automatic = true;
sound.enable = false;
packages.nix = {
gc.automatic = true;
trusted-users = ["root" "phundrak"];
};
services = {
calibre.enable = true;
endlessh.enable = true;
jellyfin.enable = true;
plex = {
enable = true;
dataDir = "/tank/web/stacks/plex/plex-config";
};
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
};
users = {
root.disablePassword = true;
phundrak = true;
phundrak.enable = true;
};
console.keyMap = "fr-bepo";
};
modules = {
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
endlessh.enable = true;
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = [pkgs.openssl];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
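Review bot: In `firewall.extraCommands`, `iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT` passes a CIDR range to `-i`, which matches an input interface name, so the rule cannot match traffic from that address range and the ACCEPT never applies. If the intent is to admit container traffic to the bridge address, the source match is `-s`: `iptables -I INPUT 1 -s 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT`. The line is printed twice in this rendering; if both copies are on the new side, one is redundant. Adding `-i docker0` alongside `-s` would keep the rule from accepting that source range on other interfaces, assuming that is the bridge name on this host.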


@@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTv1lb6d99O84jeh6GdjPm8Gnt/HncSRhGhmoTq7BMK lucien@phundrak.com
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTv1lb6d99O84jeh6GdjPm8Gnt/HncSRhGhmoTq7BMK lucien@phundrak.com


@@ -1,17 +0,0 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.modules.amdgpu;
in {
options.modules.amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
config = mkIf cfg.enable {
systemd.tmpfiles.rules = [
"L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}"
];
hardware.graphics.extraPackages = with pkgs; [rocmPackages.clr.icd];
};
}


@@ -1,6 +0,0 @@
{
hardware.opentabletdriver = {
enable = true;
daemon.enable = true;
};
}


@@ -1,22 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.modules.sunshine;
in {
options.modules.sunshine = {
enable = mkEnableOption "Enables moonlight";
autostart = mkEnableOption "Enables autostart";
};
config.services.sunshine = mkIf cfg.enable {
enable = true;
autoStart = cfg.autostart;
capSysAdmin = true;
openFirewall = true;
settings = {
sunshine_name = "marpa";
};
};
}


@@ -1,183 +0,0 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.system;
in {
imports = [
./amdgpu.nix
./appimage.nix
./boot.nix
./locale.nix
./networking.nix
./nix.nix
./plymouth.nix
./sound.nix
./users.nix
./dev/docker.nix
];
options.system = with types; {
amdgpu.enable = mkEnableOption "Enables AMD GPU support";
boot = {
kernel = {
package = mkOption {
type = raw;
default = pkgs.linuxPackages_zen;
};
modules = mkOption {
type = listOf str;
default = [];
};
cpuVendor = mkOption {
description = "Intel or AMD?";
type = enum ["intel" "amd"];
default = "amd";
};
v4l2loopback = mkOption {
description = "Enables v4l2loopback";
type = bool;
default = true;
};
hardened = mkEnableOption "Enables hardened Linux kernel";
};
systemd-boot = mkOption {
type = types.bool;
default = true;
description = "Does the system use systemd-boot?";
};
plymouth.enable = mkEnableOption "Enables Plymouth";
zfs = {
enable = mkEnableOption "Enables ZFS";
pools = mkOption {
type = listOf str;
default = [];
};
};
};
docker = {
enable = mkEnableOption "Enable Docker";
podman.enable = mkEnableOption "Enable Podman rather than Docker";
nvidia.enable = mkEnableOption "Activate Nvidia support";
autoprune.enable = mkEnableOption "Enable autoprune";
};
networking = {
hostname = mkOption {
type = str;
example = "gampo";
};
id = mkOption {
type = str;
example = "deadb33f";
};
domain = mkOption {
type = nullOr str;
example = "phundrak.com";
default = null;
};
hostFiles = mkOption {
type = listOf path;
example = [/path/to/hostFile];
default = [];
};
firewall = {
openPorts = mkOption {
type = listOf int;
example = [22 80 443];
default = [];
};
openPortRanges = mkOption {
type = listOf (attrsOf port);
default = [];
example = [
{
from = 8080;
to = 8082;
}
];
description = ''
A range of TCP and UDP ports on which incoming connections are
accepted.
'';
};
extraCommands = mkOption {
type = nullOr lines;
example = "iptables -A INPUTS -p icmp -j ACCEPT";
default = null;
};
};
};
nix = {
disableSandbox = mkOption {
type = bool;
default = false;
};
gc = {
automatic = mkOption {
type = bool;
default = true;
};
dates = mkOption {
type = str;
default = "Monday 01:00 UTC";
};
options = mkOption {
type = str;
default = "--delete-older-than 30d";
};
};
};
sound = {
enable = mkEnableOption "Whether to enable sounds with Pipewire";
alsa = mkOption {
type = bool;
example = true;
default = true;
description = "Whether to enable ALSA support with Pipewire";
};
jack = mkOption {
type = bool;
example = true;
default = false;
description = "Whether to enable JACK support with Pipewire";
};
package = mkOption {
type = package;
example = pkgs.pulseaudio;
default = pkgs.pulseaudioFull;
description = "Which base package to use for PulseAudio";
};
};
users = {
root.disablePassword = mkEnableOption "Disables root password";
phundrak = mkOption {
type = bool;
default = true;
};
};
timezone = mkOption {
type = str;
default = "Europe/Paris";
};
console.keyMap = mkOption {
type = str;
default = "fr";
};
};
config = {
boot.tmp.cleanOnBoot = true;
time.timeZone = cfg.timezone;
console.keyMap = cfg.console.keyMap;
modules = {
boot = {
inherit (cfg) amdgpu;
inherit (cfg.boot) kernel systemd-boot plymouth zfs;
};
inherit (cfg) sound users networking docker amdgpu;
};
};
}


@@ -1,3 +0,0 @@
{
services.flatpak.enable = true;
}


@@ -1,21 +0,0 @@
{pkgs, ...}: {
programs = {
steam = {
enable = true;
protontricks.enable = true;
remotePlay.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
gamescopeSession.enable = true;
extraCompatPackages = [pkgs.proton-ge-bin];
};
gamescope = {
enable = true;
capSysNice = true;
args = [
"--rt"
"--expose-wayland"
];
};
};
hardware.steam-hardware.enable = true;
}


@@ -1,10 +1,14 @@
extraHosts: ENC[AES256_GCM,data:nuEU+Tlj9BBEO/459B7u74WEdlDmvn3coWkk3JG5uqWXR1G4tk6H8EvQAY/xAuqcM01T4psaeqQTxZA+U626zMQ++vOsYwI8cch8m0xIkKKJ3Ztyqeip8egK2xPywdJp69Z5XhweF3RlxPBTroMcCoqHG0rFQmPuwaWrM/DJ6HQBGqKA3wmaYXAC4OLFVGNzLNLfWD85PAxK1YTJnClaerFdwsxm9tq+HNg7zEnOUVyQjm2l16MKkV1kybddNFc6SKHmm2e/XYNQ85eRm1ALq1v1WRPLaa87MsPLM6svwNy5hEMX+AQKfGBL4hLUKOw+yPktfSnGhj8uDO6IUTjySzkgdYIu37E8ozN8CZ2m+5wYDjf1NU34/yUo2p3RZISuy52qEhGE0jsIeDiC6KMPs6/dHKpxbkRVhe7ZWpZvee7dhWyAkW4lk+MA1p3OklCBdTn8JcrAlVcKf0n1+XyK5ua0q5ja6UKg1Q5Y1LGFPInt+styJ65HdvqBcdLiG7DCQYHGpWGIeSNglbAKPMCeBCablN/2gLLYOK08RXwwSAj1V5lCXAKoc3FfnX73ELRelzLwE2MNJZCn0DqnqP0vOnzXM9ftWVODCjcIEmLUX+CL7hBNLrWcp+Q3ALQcSZsAVejpP8Iajo85R/Hc+2OtqfXijoJNacaMgKCX/5ZWOFEwNUdto3xSRQXu2Ck//F4F/0Ez6yqOFux1byjdyHDbGGdFz02DTZUkOtsPVssyqz1nEHepDQM0EmAAxAR6D8hHOnZGesfqbS+5Xd3+KlfxyFC2mHDxK4WZPCHTAEsenWEiQTGfaOT+1bpbimRfUcqiRXukSUeHY2cKf/reNw0MT7t5n1mvidihP3sJuc573ViUlG+Ts8ctyZ/+tKU2aCMz3wevPzZNiIVqXsB2lC8c,iv:MnbM30XhdQFOPmc4x/a7YaDmnCDCFHS2Nm8plh+raSo=,tag:SpHUqyeSVdtf8uk4SyjmOA==,type:str]
elcafe:
traefik:
env: ENC[AES256_GCM,data:Mfm4Wt/7UWrpWGGa/rmC1wY6QtI2G/a6cbZiNjZz1gOTrREehFBZxH5JJ9ZgsxCMSuh/XCQa/75cPg==,iv:nrtTmtdFfTrCYzxFHDVMuaDdoa8SDi+pn4kghP4r9xE=,tag:gjlv8ohv1aDx2PB1rwx6fQ==,type:str]
dynamic: ENC[AES256_GCM,data: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,iv:Ooq6tK6nMGuRFJ1ElGCJhOMQVyMNtGBSguQVFSm71fA=,tag:iJviKci+i3tif+sH8UxRZg==,type:str]
extraHosts: ENC[AES256_GCM,data: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,iv:Z64+4oR/AfSgA7oZ/NPDLOtcmcXO5B4OQIGjOEK1Pf4=,tag:0I/1gXnBH7u6HTbQUz5Fpw==,type:str]
mopidy:
spotify: ENC[AES256_GCM,data:SaDT0iSWhsgVOi1s+Nzbr0Mur3t2Zd9z/KIUshGWtbPfkXXIoiJeJFtoZIz5NL/t5FooYsNfU1mGYgDeVYSD4BPibW8hiCYrX6L6OX+Q6ZEWXXx/1eBEs2/q0BrWGvy7frcurq/Px4R3ax0dXJe/YKbpAtU7+bQl,iv:F2zT+uMVBMnSEZqgcRmV8/fc3G/g2fKDuHuBzkyBRN0=,tag:CD8fuOQfe6QCrj4BUh0/xw==,type:str]
bandcamp: ENC[AES256_GCM,data:diEx2fbkOR1oUav81jU5bNt/KNmbOaVzLV+G3zBUVXE7nEQpZNqVom0rgNrEVDGzH3u/IaA5eqG5ce9lE0BomeY8Z4MWI1xujhX5KsXdv21aw4UwsNgyLPuWhkN2POUMfCJlvekc/TFfFvJHyysx8aKxeI4dsg==,iv:cxx0cVkjOPG+hMD8JctJHdcICJt7ozpfRBVSCDBo6Ro=,tag:JRjwwvieGaGZJ+k56HWFaw==,type:str]
emailPassword: ENC[AES256_GCM,data:LALAvyuNN9bfa8D6ZK1YiFXRfxLOBi9kXA0N0Kr7h18eAI4hWQ==,iv:WtidILFfWCMKylax52JP+X57GfZyYlxJtiwrC6SADik=,tag:NvOrsL3fbmxQZp06GZhUZA==,type:str]
ssh:
hosts: ENC[AES256_GCM,data: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,iv:0laLebvzVUMrKT30Jx/HaRS426PsWD3oFTesV4tnnDg=,tag:DApK5SSAriLib00FTz+jcg==,type:str]
hosts: ENC[AES256_GCM,data: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,iv:3q4FYxDWPGyMqeKoSTRxSPvqZXzwg/NeHZh70d38HYM=,tag:jA8/5yi74/mOuu/b83WEeg==,type:str]
sops:
age:
- recipient: age1ajemtm502nn2n4q7v4j8meyd5mxtcqngkkedxq2pqzuwu78zp93qnw8q48
@@ -61,7 +65,7 @@ sops:
QmJKNDJUY0RSakhwNWlkOVpib0trc1kK0tQxD9I82pjfs54eruu+IjzVUmcVBCPw
9mp1xKiYRRMXt3YQn6MPiyuuX3l3UB5MH0RJMNtRq0D961rs+iiS5A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-06T19:20:04Z"
mac: ENC[AES256_GCM,data:59Mu6RlGEXV7BsNsX0yIr/zUgl9gvk77o2moF4D7GgPwllSVFLRB8Y3LvE7+NXLIjLj19nrK6b99CiH08NmWhSBO37+xXU/eYQ/W2wIEVIxfmhVcF9ePIZPwVuegLZ707S8jZDOcYzPOQuURe9hhbxJJPgHzzPzYoh7yushYUME=,iv:h6DCciUZtRMZFGB7PMfg4xnOWxyKQS/vfnOG1tqVfrI=,tag:q65pnHbLcUG+Gxo7K3Ca1w==,type:str]
lastmodified: "2025-11-02T00:42:02Z"
mac: ENC[AES256_GCM,data:0rYURFETR06JRNY/vE89jEI+dovFNxsjSOalf1Id3H+yzl4UYdsHN1T3mD1EfssFwCloBxOo+188RkUe7JlNV7hC+tvO3nBrDNuqjzFBQu/IHEz+nTI3mwB7ZsywubvFMG65dohM8H9hB2bUXSSqtEUpFEiz7Ugn2BfGyex4BbI=,iv:vFJk6mz60d6CzSetd+bNvxTEWfGBPaBS4sYj/AiYbq4=,tag:2nHBGQ5P3mxLyzllvstBqg==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2
version: 3.11.0


@@ -5,10 +5,16 @@
...
}:
with lib; let
cfg = config.modules.boot;
cfg = config.mySystem.boot;
in {
options.modules.boot = {
amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
options.mySystem.boot = {
extraModprobeConfig = mkOption {
type = types.lines;
default = "";
example = ''
options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
'';
};
kernel = {
package = mkOption {
type = types.raw;
@@ -45,7 +51,7 @@ in {
};
config.boot = {
initrd.kernelModules = lists.optional cfg.amdgpu.enable "amdgpu";
initrd.kernelModules = lists.optional config.mySystem.hardware.amdgpu.enable "amdgpu";
loader = {
systemd-boot.enable = cfg.systemd-boot;
efi.canTouchEfiVariables = cfg.systemd-boot;

7
system/boot/default.nix Normal file

@@ -0,0 +1,7 @@
{
imports = [
./boot.nix
./plymouth.nix
./zram.nix
];
}


@@ -5,9 +5,9 @@
...
}:
with lib; let
cfg = config.modules.boot.plymouth;
cfg = config.mySystem.boot.plymouth;
in {
options.modules.boot.plymouth.enable = mkEnableOption "Enables Plymouth at system boot";
options.mySystem.boot.plymouth.enable = mkEnableOption "Enables Plymouth at system boot";
config.boot = mkIf cfg.enable {
plymouth = {
inherit (cfg) enable;

21
system/boot/zram.nix Normal file

@@ -0,0 +1,21 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.boot.zram;
in {
options.mySystem.boot.zram = {
enable = mkEnableOption "Enable ZRAM";
memoryMax = mkOption {
type = types.int;
example = "512";
description = "Maximum size allocated to ZRAM in MiB";
};
};
config.zramSwap = mkIf cfg.enable {
inherit (cfg) enable;
memoryMax = cfg.memoryMax * 1024 * 1024;
};
}
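Review bot: `example = "512";` in the `memoryMax` option is a string although the option is declared `types.int`, so the generated documentation shows a value the option would reject; it should be `example = 512;`. The option also has no `default`, so a host that sets `enable = true` without `memoryMax` will presumably fail at evaluation when `cfg.memoryMax * 1024 * 1024` is forced; either add a default or say in the `description` that the value is mandatory.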

40
system/default.nix Normal file

@@ -0,0 +1,40 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.misc;
in {
imports = [
./boot
./desktop
./dev
./hardware
./i18n
./network
./packages
./security
./services
./users
];
options.mySystem.misc = {
timezone = mkOption {
type = types.str;
default = "Europe/Paris";
};
keymap = mkOption {
type = types.str;
default = "fr";
example = "fr-bepo";
description = "Keymap to use in the TTY console";
};
};
config = {
boot.tmp.cleanOnBoot = true;
time.timeZone = cfg.timezone;
console.keyMap = cfg.keymap;
};
}


@@ -0,0 +1,8 @@
{
imports = [
./hyprland.nix
./niri.nix
./waydroid.nix
./xserver.nix
];
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.hyprland;
cfg = config.mySystem.desktop.hyprland;
in {
options.modules.hyprland.enable = mkEnableOption "Enables Hyprland";
options.mySystem.desktop.hyprland.enable = mkEnableOption "Enables Hyprland";
config.programs.hyprland = mkIf cfg.enable {
inherit (cfg) enable;
withUWSM = true;

13
system/desktop/niri.nix Normal file

@@ -0,0 +1,13 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.desktop.niri;
in {
options.mySystem.desktop.niri.enable = mkEnableOption "Enables Niri";
config.programs.niri = mkIf cfg.enable {
inherit (cfg) enable;
};
}


@@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.mySystem.desktop.waydroid;
in {
options.mySystem.desktop.waydroid.enable = mkEnableOption "Enables Waydroid";
config = mkIf cfg.enable {
virtualisation.waydroid.enable = cfg.enable;
environment.systemPackages = [pkgs.waydroid-helper];
};
}


@@ -4,10 +4,10 @@
...
}:
with lib; let
cfg = config.modules.xserver;
cfg = config.mySystem.desktop.xserver;
in {
options.modules.xserver = {
amdgpu.enable = mkEnableOption "Enables AMD GPU support";
options.mySystem.desktop.xserver = {
enable = mkEnableOption "Enables xserver";
de = mkOption {
type = types.enum ["gnome" "kde"];
default = "gnome";
@@ -15,7 +15,7 @@ in {
description = "Which DE to enable";
};
};
config.services = {
config.services = mkIf cfg.enable {
displayManager = {
sddm.enable = mkIf (cfg.de == "kde") true;
gdm.enable = mkIf (cfg.de == "gnome") true;
@@ -34,8 +34,8 @@ in {
};
xserver = {
enable = true;
videoDrivers = lists.optional cfg.amdgpu.enable "amdgpu";
inherit (cfg) enable;
videoDrivers = lists.optional config.mySystem.hardware.amdgpu.enable "amdgpu";
xkb = {
layout = "fr";
variant = "bepo_afnor";

3
system/dev/default.nix Normal file

@@ -0,0 +1,3 @@
{
imports = [./docker.nix ./qemu.nix];
}


@@ -1,21 +1,33 @@
{
lib,
config,
pkgs,
...
}:
with lib; let
cfg = config.modules.docker;
cfg = config.mySystem.dev.docker;
in {
options.modules.docker = {
options.mySystem.dev.docker = {
enable = mkEnableOption "Enable Docker";
extraDaemonSettings = mkOption {
type = types.nullOr (types.attrsOf types.str);
default = {};
example = {
data-root = "/custom/path";
};
};
podman.enable = mkEnableOption "Enable Podman rather than Docker";
nvidia.enable = mkEnableOption "Activate Nvidia support";
autoprune.enable = mkEnableOption "Enable autoprune";
};
config = {
virtualisation = {
docker = mkIf (cfg.enable && !cfg.podman.enable) {
environment.systemPackages = mkIf cfg.podman.enable [
pkgs.podman-desktop
pkgs.podman-compose
];
virtualisation = mkIf cfg.enable {
docker = mkIf (!cfg.podman.enable) {
enable = true;
enableNvidia = cfg.nvidia.enable;
autoPrune.enable = cfg.autoprune.enable;

33
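--- a/system/dev/qemu.nix
+++ b/system/dev/qemu.nix
@@ -0,0 +1,33 @@
+{
+config,
+lib,
+pkgs,
+...
+}:
+with lib; let
+cfg = config.mySystem.dev.qemu;
+in {
+options.mySystem.dev.qemu = {
+enable = mkEnableOption "Enable QEMU";
+users = mkOption {
+type = types.listOf types.str;
+default = ["phundrak"];
+example = ["user1" "user2"];
+};
+};
+config = mkIf cfg.enable {
+programs.virt-manager.enable = true;
+users.groups.libvirtd.members = cfg.users;
+virtualisation = {
+libvirtd.enable = true;
+spiceUSBRedirection.enable = true;
+};
+environment.systemPackages = with pkgs; [
+qemu
+quickemu
+swtpm
+];
+systemd.tmpfiles.rules = ["L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware"];
+boot.binfmt.emulatedSystems = ["aarch64-linux"];
+};
+}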
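Review bot: The `users` option defaults to `["phundrak"]`, so enabling QEMU on any host adds that account to `libvirtd` without the host configuration saying so. Membership of that group lets the account manage the system libvirt daemon, which is close to root on the host. I would use `default = [];` and add a `description` stating what membership grants, so each host lists its users explicitly. `boot.binfmt.emulatedSystems = ["aarch64-linux"];` is also tied to the same `enable`; a separate option would let a host run VMs without registering a system-wide foreign-architecture interpreter.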


@@ -0,0 +1,62 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.amdgpu;
in {
options.mySystem.hardware.amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
config = mkIf cfg.enable {
hardware = {
graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [
mesa # Mesa drivers for AMD GPUs
rocmPackages.clr # common language runtime for ROCm
rocmPackages.clr.icd # ROCm ICD for OpenCL
rocmPackages.rocblas # ROCm BLAS library
rocmPackages.hipblas #
rocmPackages.rpp # High-performance computer vision library
nvtopPackages.amd # GPU utilization monitoring
];
};
amdgpu = {
initrd.enable = true;
opencl.enable = true;
};
};
environment.systemPackages = with pkgs; [
clinfo
amdgpu_top
nvtopPackages.amd
];
systemd = {
packages = with pkgs; [lact];
services.lactd.wantedBy = ["multi-user.target"];
tmpfiles.rules = let
rocmEnv = pkgs.symlinkJoin {
name = "rocm-combined";
paths = with pkgs.rocmPackages; [
clr
clr.icd
rocblas
hipblas
rpp
];
};
in [
"L+ /opt/rocm - - - - ${rocmEnv}"
];
};
environment.variables = {
ROCM_PATH = "/opt/rocm"; # Set ROCm path
HIP_VISIBLE_DEVICES = "1"; # Use only the eGPU (ID 1)
ROCM_VISIBLE_DEVICES = "1"; # Optional: ROCm equivalent for visibility
# LD_LIBRARY_PATH = "/opt/rocm/lib"; # Add ROCm libraries
HSA_OVERRIDE_GFX_VERSION = "10.3.0"; # Set GFX version override
};
};
}


@@ -0,0 +1,14 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.bluetooth;
in {
options.mySystem.hardware.bluetooth.enable = mkEnableOption "Enable bluetooth";
config = mkIf cfg.enable {
hardware.bluetooth.enable = cfg.enable;
services.blueman.enable = cfg.enable;
};
}

15
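--- a/system/hardware/corne.nix
+++ b/system/hardware/corne.nix
@@ -0,0 +1,15 @@
+{
+lib,
+config,
+...
+}:
+with lib; let
+cfg = config.mySystem.hardware.corne;
+in {
+options.mySystem.hardware.corne.allowHidAccess = mkEnableOption "Enable HID access to the corne keyboard";
+config.services.udev = mkIf cfg.allowHidAccess {
+extraRules = ''
+KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{serial}=="*vial:f64c2b3c*", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
+'';
+};
+}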
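Review bot: The udev rule in `extraRules` sets `MODE="0660", GROUP="users"` on the matching hidraw node in addition to `TAG+="uaccess"`. That gives every account in the `users` group read/write access to the keyboard's raw HID interface, including accounts that are not on the local seat. `TAG+="uaccess"` already grants access to the user logged in on the seat, so unless another account is meant to reconfigure the keyboard I would reduce the rule to `KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{serial}=="*vial:f64c2b3c*", TAG+="uaccess"`. A comment above the rule naming the tool it is for would help the next reader judge whether the access is still needed.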


@@ -0,0 +1,12 @@
{lib, ...}:
{
imports = [
./amdgpu.nix
./bluetooth.nix
./corne.nix
./ibm-trackpoint.nix
./opentablet.nix
./sound.nix
];
hardware.enableRedistributableFirmware = lib.mkDefault true;
}


@@ -0,0 +1,15 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.ibmTrackpoint;
in {
options.mySystem.hardware.ibmTrackpoint.disable = mkEnableOption "Disable IBMs trackpoint on ThinkPad";
config.services.udev = mkIf cfg.disable {
extraRules = ''
ATTRS{name}=="*TPPS/2 IBM TrackPoint", ENV{ID_INPUT}="", ENV{ID_INPUT_MOUSE}="", ENV{ID_INPUT_POINTINGSTICK}=""
'';
};
}


@@ -0,0 +1,14 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.hardware.opentablet;
in {
options.mySystem.hardware.opentablet.enable = mkEnableOption "Enables OpenTablet drivers";
config.hardware.opentabletdriver = mkIf cfg.enable {
inherit (cfg) enable;
daemon.enable = true;
};
}


@@ -5,10 +5,11 @@
...
}:
with lib; let
cfg = config.modules.sound;
cfg = config.mySystem.hardware.sound;
in {
options.modules.sound = {
options.mySystem.hardware.sound = {
enable = mkEnableOption "Whether to enable sounds with Pipewire";
scarlett.enable = mkEnableOption "Activate support for Scarlett sound card";
alsa = mkOption {
type = types.bool;
example = true;
@@ -29,12 +30,18 @@ in {
};
};
config.services.pipewire = mkIf cfg.enable {
enable = true;
alsa = mkIf cfg.alsa {
enable = mkDefault true;
support32Bit = mkDefault true;
config = {
environment.systemPackages = mkIf cfg.scarlett.enable [pkgs.alsa-scarlett-gui];
services.pipewire = mkIf cfg.enable {
enable = true;
alsa = mkIf cfg.alsa {
enable = mkDefault true;
support32Bit = mkDefault true;
};
jack.enable = mkDefault cfg.jack;
};
programs.noisetorch = mkIf cfg.enable {
inherit (cfg) enable;
};
jack.enable = mkDefault cfg.jack;
};
}

5
system/i18n/default.nix Normal file

@@ -0,0 +1,5 @@
{
imports = [
./locale.nix
];
}


@@ -0,0 +1,6 @@
{
imports = [
./networking.nix
./tailscale.nix
];
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.networking;
cfg = config.mySystem.networking;
in {
options.modules.networking = with types; {
options.mySystem.networking = with types; {
hostname = mkOption {
type = str;
example = "gampo";


@@ -0,0 +1,16 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.network.tailscale;
in {
options.mySystem.network.tailscale = {
enable = mkOption {
type = types.bool;
default = true;
};
};
config.services.tailscale.enable = cfg.enable;
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.appimage;
cfg = config.mySystem.packages.appimage;
in {
options.modules.appimage.enable = mkEnableOption "Enables AppImage support";
options.mySystem.packages.appimage.enable = mkEnableOption "Enables AppImage support";
config.programs.appimage = mkIf cfg.enable {
inherit (cfg) enable;
binfmt = true;


@@ -0,0 +1,15 @@
{pkgs, ...}: {
imports = [
./appimage.nix
./flatpak.nix
./nano.nix
./nix.nix
./steam.nix
];
environment.systemPackages = with pkgs; [
curl
openssl
wget
];
}


@@ -0,0 +1,22 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.packages.flatpak;
in {
options.mySystem.packages.flatpak = {
enable = mkEnableOption "Enable Flatpak support";
builder.enable = mkEnableOption "Enable Flatpak builder";
};
config = {
services.flatpak = mkIf cfg.enable {
inherit (cfg) enable;
};
environment.systemPackages = mkIf cfg.builder.enable [
pkgs.flatpak-buildR
];
};
}
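Review bot: `pkgs.flatpak-buildR` in the `environment.systemPackages` list looks like a typo for `pkgs.flatpak-builder`. Because the list sits behind `mkIf cfg.builder.enable`, the bad attribute is only forced when a host turns the builder on, so the error would surface late. The line should read `pkgs.flatpak-builder`.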


@@ -4,10 +4,11 @@
...
}:
with lib; let
cfg = config.modules.nix;
cfg = config.mySystem.packages.nix;
in {
options.modules.nix = {
disableSandbox = mkEnableOption "Disables Nix sandbox";
options.mySystem.packages.nix = {
allowUnfree = mkEnableOption "Enable unfree packages";
disableSandbox = mkEnableOption "Disable Nix sandbox";
gc = {
automatic = mkOption {
type = types.bool;
@@ -22,17 +23,27 @@ in {
default = "--delete-older-than 30d";
};
};
nix-ld.enable = mkEnableOption "Enable unpatched binaries support";
trusted-users = mkOption {
type = types.listOf types.str;
example = ["alice" "bob"];
default = [];
};
};
config = {
nix = {
inherit (cfg) gc;
settings = {
inherit (cfg) trusted-users;
sandbox = cfg.disableSandbox;
experimental-features = ["nix-command" "flakes"];
auto-optimise-store = true;
};
inherit (cfg) gc;
};
nixpkgs.config.allowUnfree = true;
programs = {
inherit (cfg) nix-ld;
};
};
}
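Review bot: `sandbox = cfg.disableSandbox;` in the `settings` block of the second hunk assigns the option the wrong way round. `mkEnableOption` defaults to false, so a host that never sets `disableSandbox` gets `sandbox = false` and builds run unsandboxed, while setting the option turns the sandbox on. It should read `sandbox = !cfg.disableSandbox;`. In the same hunk `nixpkgs.config.allowUnfree = true;` ignores the `allowUnfree` option added in the first hunk; `nixpkgs.config.allowUnfree = cfg.allowUnfree;` would honour it. The rendered page does not show whether the `sandbox` line is new or unchanged context, so the inversion may predate this commit.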

34
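--- a/system/packages/steam.nix
+++ b/system/packages/steam.nix
@@ -0,0 +1,34 @@
+{
+pkgs,
+lib,
+config,
+...
+}:
+with lib; let
+cfg = config.mySystem.programs.steam;
+in {
+options.mySystem.programs.steam.enable = mkEnableOption "Enables Steam and Steam hardware";
+config = mkIf cfg.enable {
+programs = {
+steam = {
+inherit (cfg) enable;
+protontricks.enable = true;
+remotePlay.openFirewall = true;
+localNetworkGameTransfers.openFirewall = true;
+gamescopeSession.enable = true;
+extraCompatPackages = [pkgs.proton-ge-bin];
+};
+gamescope = {
+enable = true;
+capSysNice = true;
+args = [
+"--rt"
+"--expose-wayland"
+];
+};
+};
+hardware.steam-hardware = {
+inherit (cfg) enable;
+};
+};
+}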
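Review bot: `remotePlay.openFirewall = true;` and `localNetworkGameTransfers.openFirewall = true;` are fixed values, so enabling Steam on any host also opens those ports on every interface. On a machine that joins untrusted networks I would expose this as a module option defaulting to false, e.g. `remotePlay.openFirewall = cfg.openFirewall;`. The option is also declared under `mySystem.programs.steam` although the file lives in `system/packages/` and its sibling `appimage.nix` uses `mySystem.packages.*`; `cfg = config.mySystem.packages.steam;` would match the rest of the directory.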


@@ -0,0 +1,5 @@
{
imports = [
./sops.nix
];
}


@@ -1,6 +1,6 @@
{
sops = {
defaultSopsFile = ../secrets/secrets.yaml;
defaultSopsFile = ../../secrets/secrets.yaml;
defaultSopsFormat = "yaml";
age = {
# automatically import user SSH keys as age keys


@@ -0,0 +1,38 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.calibre;
in {
options.mySystem.services.calibre = {
enable = mkEnableOption "Enable Calibre Web";
user = mkOption {
type = types.str;
default = "phundrak";
};
group = mkOption {
type = types.str;
default = "users";
};
dataDir = mkOption {
type = types.str;
example = "/tank/calibre/conf";
default = "/tank/calibre/conf";
};
library = mkOption {
type = types.str;
example = "/tank/calibre/library";
default = "/tank/calibre/library";
};
};
config.services.calibre-web = mkIf cfg.enable {
inherit (cfg) enable user dataDir group;
options = {
calibreLibrary = cfg.library;
enableBookConversion = true;
enableBookUploading = true;
};
};
}
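Review bot: `user` defaults to `"phundrak"`, the interactive account that the users module on this page places in `wheel` and `docker`. With `enableBookUploading = true` and `enableBookConversion = true` fixed, a flaw in the web application or in a converter handling an uploaded file would run with that account's home directory and group privileges. I would default to a dedicated service account and give it access to `dataDir` and `library` through group membership or ACLs. The Jellyfin and Plex modules added in this commit use the same `default = "phundrak"` and deserve the same change.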


@@ -0,0 +1,14 @@
{
imports = [
./calibre.nix
./endlessh.nix
./fwupd.nix
./jellyfin.nix
./languagetool.nix
./plex.nix
./printing.nix
./ssh.nix
./sunshine.nix
./traefik.nix
];
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.endlessh;
cfg = config.mySystem.services.endlessh;
in {
options.modules.endlessh = {
options.mySystem.services.endlessh = {
enable = mkEnableOption "Enables endlessh.";
port = mkOption {
type = types.port;

13
system/services/fwupd.nix Normal file

@@ -0,0 +1,13 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.services.fwupd;
in {
options.mySystem.services.fwupd.enable = mkEnableOption "Enable fwupd";
config.services.fwupd = mkIf cfg.enable {
inherit (cfg) enable;
};
}


@@ -0,0 +1,28 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.jellyfin;
in {
options.mySystem.services.jellyfin = {
enable = mkEnableOption "Enable Jellyfin";
dataDir = mkOption {
type = types.str;
default = "/tank/jellyfin/data";
example = "/tank/jellyfin/data";
};
user = mkOption {
type = types.str;
default = "phundrak";
};
group = mkOption {
type = types.str;
default = "users";
};
};
config.services.jellyfin = mkIf cfg.enable {
inherit (cfg) enable group user dataDir;
};
}


@@ -0,0 +1,20 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.languagetool;
in {
options.mySystem.services.languagetool = {
enable = mkEnableOption "Enables languagetool";
port = mkOption {
type = types.port;
default = 8081;
example = 80;
};
};
config.services.languagetool = mkIf cfg.enable {
inherit (cfg) enable port;
};
}

35
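--- a/system/services/plex.nix
+++ b/system/services/plex.nix
@@ -0,0 +1,35 @@
+{
+lib,
+config,
+...
+}:
+with lib; let
+cfg = config.mySystem.services.plex;
+in {
+options.mySystem.services.plex = {
+enable = mkEnableOption "Enable Plex";
+group = mkOption {
+type = types.str;
+default = "users";
+example = "users";
+description = "Group under which Plex runs";
+};
+dataDir = mkOption {
+type = types.str;
+example = "/tank/plex-config";
+};
+user = mkOption {
+type = types.str;
+default = "phundrak";
+};
+};
+config = {
+services.plex = mkIf cfg.enable {
+inherit (cfg) enable user group dataDir;
+openFirewall = cfg.enable;
+};
+boot.kernel.sysctl = {
+"kernel.unprivileged_userns_clone" = 1;
+};
+};
+}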
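Review bot: The `boot.kernel.sysctl` block that sets `"kernel.unprivileged_userns_clone" = 1;` sits outside the `mkIf cfg.enable` guarding `services.plex`, so every host that imports this module gets the sysctl even with Plex disabled. On kernels that carry this knob it allows unprivileged user namespaces, which widens the kernel attack surface reachable by any local user and would work against the `hardened` kernel option this configuration also offers. Guard it with `boot.kernel.sysctl = mkIf cfg.enable {`, and add a comment saying why Plex needs it, or drop it if it does not.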


@@ -0,0 +1,13 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.mySystem.services.printing;
in {
options.mySystem.services.printing.enable = mkEnableOption "Enable printing with CUPS";
config.services.printing = mkIf cfg.enable {
inherit (cfg) enable;
};
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.ssh;
cfg = config.mySystem.services.ssh;
in {
options.modules.ssh = {
options.mySystem.services.ssh = {
enable = mkEnableOption "Enables OpenSSH";
allowedUsers = mkOption {
type = types.listOf types.str;
@@ -20,7 +20,7 @@ in {
};
};
config.services.openssh = mkIf cfg.enable {
enable = true;
inherit (cfg) enable;
settings = {
AllowUsers = cfg.allowedUsers;
PermitRootLogin = "no";


@@ -0,0 +1,48 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.sunshine;
in {
options.mySystem.services.sunshine = {
enable = mkEnableOption "Enables Sunshine";
autostart = mkEnableOption "Enables autostart";
};
config.services.sunshine = mkIf cfg.enable {
inherit (cfg) enable;
autoStart = cfg.autostart;
capSysAdmin = true;
openFirewall = true;
settings.sunshine_name = config.mySystem.networking.hostname;
applications.apps = [
{
name = "Desktop";
image-path = "desktop.png";
}
{
name = "Low Res Desktop";
image-path = "desktop.png";
}
{
name = "Steam Big Picture";
detached = ["setsid steam steam://open/bigpicture"];
prep-cmd = {
do = "";
undo = "setsid steam steam://close/bigpicture";
};
image-path = "steam.png";
}
{
name = "OpenTTD";
cmd = "openttd";
image-path = "/home/phundrak/.config/sunshine/covers/igdb_18074.png";
}
{
name = "OpenMW";
cmd = "openmw";
}
];
};
}
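Review bot: `capSysAdmin = true;` and `openFirewall = true;` are fixed values, so enabling the module always gives the streaming host CAP_SYS_ADMIN and opens its ports on every interface. Since Tailscale is on by default in this configuration, remote clients could presumably reach the host over the tailnet without the general firewall opening; I would make it an option that defaults to off, e.g. `openFirewall = cfg.openFirewall;`. A comment on `capSysAdmin` stating which capture method requires it would make it clear when it can be dropped. The `image-path` under `/home/phundrak/` also ties a system module to one user's home directory.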


@@ -0,0 +1,65 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.traefik;
in {
options.mySystem.services.traefik = {
enable = mkEnableOption "Enable Traefikse";
email = mkOption {
type = types.str;
default = "lucien@phundrak.com";
example = "admin@example.com";
};
envFiles = mkOption {
type = types.listOf types.path;
example = ["/run/secrets/traefik.env"];
default = [];
};
dynConf = mkOption {
type = types.path;
example = "/var/traefik/dynamic.yaml";
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [80 443];
services.traefik = {
inherit (cfg) enable;
environmentFiles = cfg.envFiles;
dynamicConfigFile = cfg.dynConf;
staticConfigOptions = {
log = {
level = "WARN";
filePath = "/var/log/traefik/traefik.log";
};
accessLog.filePath = "/var/log/traefik/access.log";
api.dashboard = true;
entryPoints = {
web = {
address = ":80";
http.redirections.entryPoint = {
to = "websecure";
scheme = "https";
};
};
websecure.address = ":443";
};
certificatesResolvers.cloudflare.acme = {
inherit (cfg) email;
storage = "/var/lib/traefik/acme.json";
dnsChallenge = {
provider = "cloudflare";
resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
propagation.delayBeforeChecks = 60;
};
};
providers.docker = {
endpoint = "unix:///var/run/docker.sock";
exposedByDefault = false;
};
};
};
};
}
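Review bot: `api.dashboard = true;` is hard-coded in `staticConfigOptions`, so the dashboard is enabled on every host that enables this module, and its protection depends entirely on the router and middleware in `cfg.dynConf`, which this file does not show. I would put it behind an option that defaults to off, e.g. `api.dashboard = cfg.dashboard.enable;` with `dashboard.enable = mkEnableOption "Enable the Traefik dashboard";`, and add a comment that the router in the dynamic file must carry authentication. Separately, `providers.docker.endpoint` points at the Docker socket, which gives the Traefik process control over the Docker daemon; a one-line comment stating that this is accepted would help. The description string `"Enable Traefikse"` looks like a typo for Traefik.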

5
system/users/default.nix Normal file
View File

@@ -0,0 +1,5 @@
{
imports = [
./phundrak.nix
];
}


@@ -5,14 +5,11 @@
...
}:
with lib; let
cfg = config.modules.users;
cfg = config.mySystem.users;
in {
options.modules.users = {
options.mySystem.users = {
root.disablePassword = mkEnableOption "Disables root password";
phundrak = mkOption {
type = types.bool;
default = true;
};
phundrak.enable = mkEnableOption "Enables users phundrak";
};
config = {
@@ -21,12 +18,12 @@ in {
hashedPassword = mkIf cfg.root.disablePassword "*";
shell = pkgs.zsh;
};
phundrak = {
phundrak = mkIf cfg.phundrak.enable {
isNormalUser = true;
description = "Lucien Cartier-Tilet";
extraGroups = ["networkmanager" "wheel" "docker" "dialout" "podman"];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ./keys;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../keys;
};
};
programs.zsh.enable = true;
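Review bot: Replacing the `phundrak` bool option (`default = true`) with `phundrak.enable = mkEnableOption "Enables users phundrak";` in the first hunk flips the default to false. Any host that does not set `mySystem.users.phundrak.enable = true` stops declaring the account, and together with `root.disablePassword` and `PermitRootLogin = "no"` in the ssh module that could leave a machine with no usable login. Either keep the old default with `mkEnableOption "Enables users phundrak" // {default = true;}` or confirm every host sets it. In the second hunk, `lib.filesystem.listFilesRecursive ../../keys` turns every file under that directory into an authorized key for a `wheel` account; filtering the list to `.pub` files would narrow what a stray file can grant. The enclosing `config` block starts and ends outside the hunks shown.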


@@ -5,9 +5,9 @@
...
}:
with lib; let
cfg = config.modules.bat;
cfg = config.home.cli.bat;
in {
options.modules.bat.extras = mkEnableOption "Enables extra packages for bat.";
options.home.cli.bat.extras = mkEnableOption "Enables extra packages for bat.";
config.programs.bat = {
enable = true;
config = {
@@ -19,7 +19,6 @@ in {
extraPackages = mkIf cfg.extras (with pkgs.bat-extras; [
batman
batpipe
batgrep
]);
};
}


@@ -0,0 +1,29 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.home.cli;
in {
imports = [
./bat.nix
./btop.nix
./direnv.nix
./eza.nix
./mu.nix
./nh.nix
./nix-index.nix
./scripts
./tealdeer.nix
./yt-dlp.nix
];
options.home.cli.fullDesktop = mkEnableOption "Enable all optional modules and options";
config.home.cli = {
bat.extras = mkDefault cfg.fullDesktop;
mu.enable = mkDefault cfg.fullDesktop;
scripts.enable = mkDefault cfg.fullDesktop;
yt-dlp.enable = mkDefault cfg.fullDesktop;
};
}

11
users/modules/cli/mu.nix Normal file

@@ -0,0 +1,11 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.home.cli.mu;
in {
options.home.cli.mu.enable = mkEnableOption "Enable mu";
config.programs.mu.enable = cfg.enable;
}


@@ -4,9 +4,9 @@
...
}:
with lib; let
cfg = config.modules.nh;
cfg = config.home.cli.nh;
in {
options.modules.nh.flake = mkOption {
options.home.cli.nh.flake = mkOption {
type = types.path;
default = "/home/phundrak/.dotfiles";
example = "/etc/nixos";


@@ -0,0 +1,10 @@
{inputs, ...}: {
imports = [
inputs.nix-index-database.homeModules.nix-index
];
programs = {
nix-index.enable = true;
nix-index-database.comma.enable = true;
};
}


@@ -0,0 +1,15 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.home.cli.scripts;
files = filesystem.listFilesRecursive ./.;
scriptFiles = builtins.filter (path: baseNameOf path != "default.nix") files;
scripts = map (file: (import file {inherit pkgs config;})) scriptFiles;
in {
options.home.cli.scripts.enable = mkEnableOption "Add custom scripts to PATH";
config.home.packages = mkIf cfg.enable scripts;
}
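Review bot: `scriptFiles` only excludes `default.nix`, so every other file that `filesystem.listFilesRecursive ./.` finds is passed to `import` and evaluated as a Nix expression. A README, a helper shell file or an editor backup dropped into the directory would break evaluation or be evaluated unintentionally. I would also require the suffix, e.g. `(path: baseNameOf path != "default.nix" && hasSuffix ".nix" (toString path))`, and add a comment that each file must be a function taking `{pkgs, config, ...}` and returning a package.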


@@ -1,10 +1,10 @@
{
pkgs,
emacsPackage,
config,
...
}:
pkgs.writeShellScriptBin "launch-with-emacsclient" ''
filename="$1"
line="$2"
column="$3"
${emacsPackage}/bin/emacsclient +$line:$column "$filename"''
${config.home.dev.editors.emacs.package}/bin/emacsclient +$line:$column "$filename"''
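Review bot: The `emacsclient` invocation passes `+$line:$column` unquoted, so the shell word-splits and glob-expands whatever arrives in `$2` and `$3`; a value containing whitespace would turn into extra arguments to `emacsclient`. Quote the position argument the same way `"$filename"` already is: `${config.home.dev.editors.emacs.package}/bin/emacsclient "+$line:$column" "$filename"`. The script also does not check that `$2` and `$3` are set, so calling it with only a file name yields `+:`; a default such as `line="${2:-1}"` would avoid that, written as `''${2:-1}` inside the Nix string.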


@@ -0,0 +1,18 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.home.cli.yt-dlp;
in {
options.home.cli.yt-dlp.enable = mkEnableOption "Enable yt-dlp";
config.programs.yt-dlp = mkIf cfg.enable {
inherit (cfg) enable;
settings = {
embed-thumbnail = true;
embed-subs = true;
sub-langs = "all";
};
};
}


@@ -1,17 +1,29 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.home;
in {
imports = [
./basics.nix
./bat.nix
./btop.nix
./direnv.nix
./eza.nix
./gpg.nix
./mopidy.nix
./nh.nix
./nix-index.nix
./cli
./desktop
./dev
./media
./services
./security
./shell
./ssh.nix
./tealdeer.nix
./vcs
];
options.home.fullDesktop = mkEnableOption "Enable most modules";
config.home = {
cli.fullDesktop = mkDefault cfg.fullDesktop;
desktop.fullDesktop = mkDefault cfg.fullDesktop;
dev.fullDesktop = mkDefault cfg.fullDesktop;
media.fullDesktop = mkDefault cfg.fullDesktop;
security.fullDesktop = mkDefault cfg.fullDesktop;
services.fullDesktop = mkDefault cfg.fullDesktop;
};
}


@@ -0,0 +1,32 @@
{
lib,
config,
...
}:
with lib; let
cfg = config.home.desktop;
in {
imports = [
./emoji.nix
./eww.nix
./hyprland.nix
./kdeconnect.nix
./kitty.nix
./obs.nix
./qt.nix
./swaync.nix
./waybar.nix
./wlsunset.nix
./wofi.nix
];
options.home.desktop.fullDesktop = mkEnableOption "Enable options for graphical environments";
config.home.desktop = {
eww.enable = mkDefault cfg.fullDesktop;
hyprland.enable = mkDefault cfg.fullDesktop;
kdeconnect.enable = mkDefault cfg.fullDesktop;
kitty.enable = mkDefault cfg.fullDesktop;
obs.enable = mkDefault cfg.fullDesktop;
qt.enable = mkDefault cfg.fullDesktop;
};
}

Some files were not shown because too many files have changed in this diff Show More