Call nixfmt for the first time

Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
Ivan Bushchik 2023-09-06 16:10:11 +03:00
parent 6c7e4a2946
commit 9de8497113
No known key found for this signature in database
GPG key ID: 2F16FBF3262E090C
35 changed files with 239 additions and 299 deletions

View file

@ -10,4 +10,4 @@
./stateless.nix ./stateless.nix
./user.nix ./user.nix
]; ];
} }

View file

@ -1,11 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.git;
cfg = config.my.git;
in { in {
options = { options = { my.git.enable = lib.mkEnableOption "Enable git configuration"; };
my.git.enable = lib.mkEnableOption "Enable git configuration";
};
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
@ -22,4 +19,4 @@ in {
home.stateVersion = "23.05"; home.stateVersion = "23.05";
}; };
}; };
} }

View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.laptop;
cfg = config.my.laptop;
in { in {
options = { options = {
my.laptop.enable = lib.mkEnableOption "Laptop-specific configuration"; my.laptop.enable = lib.mkEnableOption "Laptop-specific configuration";
@ -9,9 +8,7 @@ in {
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
networking.wireless.iwd.enable = true; networking.wireless.iwd.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ lm_sensors ];
lm_sensors
];
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
services.blueman.enable = true; services.blueman.enable = true;

View file

@ -4,10 +4,10 @@
time.timeZone = "Europe/Moscow"; time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "ru_RU.UTF-8"; i18n.defaultLocale = "ru_RU.UTF-8";
console = { console = {
font = "${pkgs.terminus_font}/share/consolefonts/ter-u24b.psf.gz"; font = "${pkgs.terminus_font}/share/consolefonts/ter-u24b.psf.gz";
keyMap = "us"; keyMap = "us";
packages = with pkgs; [ terminus_font ]; packages = with pkgs; [ terminus_font ];
}; };
} }

View file

@ -16,10 +16,8 @@
}; };
# Used by systemd-resolved, not directly by resolv.conf. # Used by systemd-resolved, not directly by resolv.conf.
networking.nameservers = [ networking.nameservers =
"8.8.8.8#dns.google" [ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ];
"1.0.0.1#cloudflare-dns.com"
];
networking.enableIPv6 = true; networking.enableIPv6 = true;
@ -37,7 +35,8 @@
}; };
services.chrony.enable = true; services.chrony.enable = true;
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; networking.timeServers =
[ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
# Useful tools # Useful tools
boot.kernelModules = [ "af_packet" ]; boot.kernelModules = [ "af_packet" ];

View file

@ -4,14 +4,14 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
settings.PasswordAuthentication = false; settings.PasswordAuthentication = false;
# Cute banner, r-right? # Cute banner, r-right?
banner = '' banner = ''
Authorized access only! Authorized access only!
If you are not authorized to access or use this system, disconnect now! If you are not authorized to access or use this system, disconnect now!
''; '';
}; };
} }

View file

@ -5,4 +5,4 @@
"vm.panic_on_oom" = true; "vm.panic_on_oom" = true;
"kernel.panic" = 3; "kernel.panic" = 3;
}; };
} }

View file

@ -1,7 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let my = import ../.;
my = import ../.;
in rec { in rec {
users.mutableUsers = false; users.mutableUsers = false;
@ -33,15 +32,13 @@ in rec {
hashedPassword = my.secrets.hashed-password; hashedPassword = my.secrets.hashed-password;
}; };
users.users.root = { users.users.root = {
hashedPassword = null; hashedPassword = null;
openssh.authorizedKeys.keys = users.users.ivabus.openssh.authorizedKeys.keys; openssh.authorizedKeys.keys =
users.users.ivabus.openssh.authorizedKeys.keys;
}; };
programs.zsh = { programs.zsh = { enable = true; };
enable = true;
};
programs.gnupg.agent.enable = true; programs.gnupg.agent.enable = true;
programs.ssh.startAgent = true; programs.ssh.startAgent = true;

View file

@ -3,10 +3,5 @@ rec {
roles = import ./roles; roles = import ./roles;
secrets = import ./secrets.nix; secrets = import ./secrets.nix;
modules = { pkgs, ... }: { modules = { pkgs, ... }: { imports = [ common roles ]; };
imports = [
common
roles
];
};
} }

View file

@ -11,57 +11,50 @@
apple-silicon-support.url = "github:tpwrules/nixos-apple-silicon"; apple-silicon-support.url = "github:tpwrules/nixos-apple-silicon";
}; };
outputs =
{ self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: {
# Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM)
nixosConfigurations."stella" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ home-manager.nixosModules.home-manager ./machines/stella ];
};
outputs = { self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: { # Vetus = iMac 27" 2017, i5, 64 GB RAM
# Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM) nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem {
nixosConfigurations."stella" = nixpkgs.lib.nixosSystem { system = "x86_64-linux";
system = "x86_64-linux"; modules = [ home-manager.nixosModules.home-manager ./machines/vetus ];
modules = [ };
home-manager.nixosModules.home-manager
./machines/stella
];
};
# Vetus = iMac 27" 2017, i5, 64 GB RAM # Celerrime = MacBook Air M2
nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem { nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "aarch64-linux";
modules = [ modules = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
./machines/vetus apple-silicon-support.nixosModules.apple-silicon-support
]; ./machines/celerrime
}; ];
};
# Celerrime = MacBook Air M2 # Raspberry Pi 4B 2GB RAM
nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem { nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
home-manager.nixosModules.home-manager
apple-silicon-support.nixosModules.apple-silicon-support
./machines/celerrime
];
};
# Raspberry Pi 4B 2GB RAM
nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
./machines/rubusidaeus ./machines/rubusidaeus
]; ];
}; };
/* These machines will be configured later. */ # These machines will be configured later.
/* /* # Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support
# Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem {
nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem { system = "aarch64-linux";
system = "aarch64-linux"; modules = [
modules = [ home-manager.nixosModules.home-manager
home-manager.nixosModules.home-manager apple-silicon-support.nixosModules.apple-silicon-support
apple-silicon-support.nixosModules.apple-silicon-support ./machines/effundam
./machines/effundam ];
]; };
*/
}; };
*/
};
} }

View file

@ -1,10 +1,11 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
overlay = final: super: { overlay = final: super: {
makeModulesClosure = x: makeModulesClosure = x:
super.makeModulesClosure (x // { allowMissing = true; }); # Ignores missing kernel modules (can't build image without this fix) super.makeModulesClosure (x // {
allowMissing = true;
}); # Ignores missing kernel modules (can't build image without this fix)
}; };
in { in {

View file

@ -1,12 +1,8 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let my = import ../..;
my = import ../..;
in { in {
imports = [ imports = [ ./hardware.nix my.modules ];
./hardware.nix
my.modules
];
networking.hostName = "celerrime"; networking.hostName = "celerrime";
@ -28,9 +24,7 @@ in {
virtualisation.enable = false; virtualisation.enable = false;
yggdrasil-client.enable = true; yggdrasil-client.enable = true;
server = { server = { ivabus-dev.enable = true; };
ivabus-dev.enable = true;
};
}; };
networking.useDHCP = true; networking.useDHCP = true;
@ -40,9 +34,8 @@ in {
hardware.asahi.addEdgeKernelConfig = true; hardware.asahi.addEdgeKernelConfig = true;
hardware.asahi.useExperimentalGPUDriver = true; hardware.asahi.useExperimentalGPUDriver = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
(retroarch.override { cores = with libretro; [ np2kai ];}) [ (retroarch.override { cores = with libretro; [ np2kai ]; }) ];
];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
} }

View file

@ -1,32 +1,30 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "usb_storage" ]; boot.initrd.availableKernelModules = [ "usb_storage" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a"; device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09"; boot.initrd.luks.devices."cryptroot".device =
"/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09";
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/771E-1309"; device = "/dev/disk/by-uuid/771E-1309";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [{
[ { device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff";
device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff"; randomEncryption.enable = true;
randomEncryption.enable = true; }];
} ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

View file

@ -1,8 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let my = import ../..;
my = import ../..;
in { in {
imports = [ imports = [
./hardware.nix # Use nixos-generate-config --show-hardware-config > /etc/nixos/machines/MACHINE/hardware.nix ./hardware.nix # Use nixos-generate-config --show-hardware-config > /etc/nixos/machines/MACHINE/hardware.nix

View file

@ -1,13 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let my = import ../..;
my = import ../..;
in { in {
imports = [ imports = [ my.modules ../../hardware/rpi4.nix ];
my.modules
../../hardware/rpi4.nix
];
networking.hostName = "rubusidaeus"; networking.hostName = "rubusidaeus";

View file

@ -1,13 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let my = import ../..;
my = import ../..;
in { in {
imports = [ imports = [ ./hardware.nix my.modules ];
./hardware.nix
my.modules
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -28,8 +23,8 @@ in {
yggdrasil-client.enable = true; yggdrasil-client.enable = true;
}; };
services.xserver.videoDrivers=["amdgpu"]; services.xserver.videoDrivers = [ "amdgpu" ];
boot.initrd.kernelModules=["amdgpu"]; boot.initrd.kernelModules = [ "amdgpu" ];
powerManagement = { powerManagement = {
enable = true; enable = true;

View file

@ -1,36 +1,36 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" "nct6775" ]; boot.kernelModules = [ "kvm-amd" "nct6775" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
environment.etc = { environment.etc = {
"sysconfig/lm_sensors".text = '' "sysconfig/lm_sensors".text = ''
HWMON_MODULES="lm75" HWMON_MODULES="lm75"
''; '';
}; };
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110"; device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110";
fsType = "btrfs"; fsType = "btrfs";
}; };
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9"; boot.initrd.luks.devices."cryptroot".device =
"/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9";
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/4F73-6FFF"; device = "/dev/disk/by-uuid/4F73-6FFF";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

View file

@ -1,13 +1,8 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let my = import ../..;
my = import ../..;
in { in {
imports = [ imports = [ ./hardware.nix my.modules ];
./hardware.nix
my.modules
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -28,9 +23,9 @@ in {
networking.useDHCP = true; networking.useDHCP = true;
services.xserver.videoDrivers=["amdgpu"]; services.xserver.videoDrivers = [ "amdgpu" ];
boot.initrd.kernelModules=["amdgpu"]; boot.initrd.kernelModules = [ "amdgpu" ];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
} }

View file

@ -1,29 +1,31 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports = [
[ (modulesPath + "/hardware/network/broadcom-43xx.nix") (modulesPath + "/hardware/network/broadcom-43xx.nix")
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/nvme0n1p2"; device = "/dev/nvme0n1p2";
fsType = "btrfs"; fsType = "btrfs";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/B167-E1D3"; device = "/dev/disk/by-uuid/B167-E1D3";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

View file

@ -1,4 +1,4 @@
{ pkgs ? import <nixpkgs> {}, bundlerEnv, ... }: { pkgs ? import <nixpkgs> { }, bundlerEnv, ... }:
let let
version = "130812885aee9f2e0a5f6a4b534a3b6b68431554"; version = "130812885aee9f2e0a5f6a4b534a3b6b68431554";
repo = builtins.fetchGit { repo = builtins.fetchGit {

View file

@ -14,4 +14,4 @@
./server/nginx.nix ./server/nginx.nix
./server/ivabus-dev.nix ./server/ivabus-dev.nix
]; ];
} }

View file

@ -1,14 +1,10 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let cfg = config.my.roles.design;
cfg = config.my.roles.design;
in { in {
options.my.roles.design.enable = lib.mkEnableOption "Enable design-specific programs"; options.my.roles.design.enable =
lib.mkEnableOption "Enable design-specific programs";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ inkscape gimp imagemagick ];
inkscape
gimp
imagemagick
];
}; };
} }

View file

@ -1,10 +1,11 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.devel;
cfg = config.my.roles.devel;
in { in {
options.my.roles.devel.enable = lib.mkEnableOption "Enable tools for development programs"; options.my.roles.devel.enable =
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{ lib.mkEnableOption "Enable tools for development programs";
config = lib.mkIf (cfg.enable) (lib.mkMerge [
{
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
rustc rustc
@ -25,21 +26,27 @@ in {
]; ];
} }
# Architecture-specific packages and configuration # Architecture-specific packages and configuration
(lib.mkIf (!pkgs.stdenv.isAarch64) {boot.binfmt.emulatedSystems = [ "aarch64-linux" ];}) (lib.mkIf (!pkgs.stdenv.isAarch64) {
(lib.mkIf (!pkgs.stdenv.isAarch32) {boot.binfmt.emulatedSystems = [ "armv6l-linux" ];}) boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
(lib.mkIf (!pkgs.stdenv.isx86_64) {boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];}) })
(lib.mkIf (!pkgs.stdenv.isAarch32) {
boot.binfmt.emulatedSystems = [ "armv6l-linux" ];
})
(lib.mkIf (!pkgs.stdenv.isx86_64) {
boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];
})
# Remove CLion from builds while I'm semi-online # Remove CLion from builds while I'm semi-online
# Install CLion only if we are on x86_64 # Install CLion only if we are on x86_64
/*(lib.mkIf (pkgs.stdenv.isx86_64) { /* (lib.mkIf (pkgs.stdenv.isx86_64) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
jetbrains.clion jetbrains.clion
]; ];
})*/ })
*/
# Install vscode only if we are on x86_64 or aarch64 or aarch32 # Install vscode only if we are on x86_64 or aarch64 or aarch32
(lib.mkIf (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) { (lib.mkIf
environment.systemPackages = with pkgs; [ (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) {
vscode environment.systemPackages = with pkgs; [ vscode ];
]; })
})
]); ]);
} }

View file

@ -1,28 +1,29 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.gaming;
cfg = config.my.roles.gaming;
in { in {
options.my.roles.gaming.enable = lib.mkEnableOption "Enable wine & steam"; options.my.roles.gaming.enable = lib.mkEnableOption "Enable wine & steam";
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{ config = lib.mkIf (cfg.enable) (lib.mkMerge [
nixpkgs.config.allowUnfree = true; {
hardware.opengl.driSupport32Bit = true; nixpkgs.config.allowUnfree = true;
services.pipewire.alsa.support32Bit = true; hardware.opengl.driSupport32Bit = true;
environment.systemPackages = with pkgs; [ services.pipewire.alsa.support32Bit = true;
wineWowPackages.stable environment.systemPackages = with pkgs; [
wine wineWowPackages.stable
(wine.override { wineBuild = "wine64"; }) wine
wineWowPackages.staging (wine.override { wineBuild = "wine64"; })
winetricks wineWowPackages.staging
wineWowPackages.waylandFull winetricks
(retroarch.override { cores = with libretro; [ np2kai ];}) wineWowPackages.waylandFull
]; (retroarch.override { cores = with libretro; [ np2kai ]; })
} ];
# Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon) }
(lib.mkIf(pkgs.stdenv.isx86_64) { # Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon)
programs.steam.enable = true; # Firewall ports used by Steam in-home streaming. (lib.mkIf (pkgs.stdenv.isx86_64) {
networking.firewall.allowedTCPPorts = [ 27036 27037 ]; programs.steam.enable =
networking.firewall.allowedUDPPorts = [ 27031 27036 ]; true; # Firewall ports used by Steam in-home streaming.
networking.firewall.allowedTCPPorts = [ 27036 27037 ];
networking.firewall.allowedUDPPorts = [ 27031 27036 ];
}) })
]); ]);
} }

View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.graphical;
cfg = config.my.roles.graphical;
in { in {
options.my.roles.graphical.enable = lib.mkEnableOption "Enable GUI"; options.my.roles.graphical.enable = lib.mkEnableOption "Enable GUI";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
@ -85,7 +84,8 @@ in {
roboto-mono roboto-mono
kochi-substitute kochi-substitute
]; ];
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Enable wayland for electron environment.sessionVariables.NIXOS_OZONE_WL =
"1"; # Enable wayland for electron
home-manager.users.ivabus = { home-manager.users.ivabus = {
gtk = { gtk = {
enable = true; enable = true;

View file

@ -1,14 +1,14 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.latex;
cfg = config.my.roles.latex;
in { in {
options.my.roles.latex.enable = lib.mkEnableOption "Enable latex stuff"; options.my.roles.latex.enable = lib.mkEnableOption "Enable latex stuff";
config = lib.mkIf (cfg.enable){ config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
# Maybe I don't need to use -full variant of texlive [
# TODO: I should find distribution I actually need # Maybe I don't need to use -full variant of texlive
texlive.combined.scheme-full # TODO: I should find distribution I actually need
]; texlive.combined.scheme-full
];
}; };
} }

View file

@ -1,13 +1,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.media-client;
cfg = config.my.roles.media-client;
in { in {
options.my.roles.media-client.enable = lib.mkEnableOption "Enable media players, downloaders, etc."; options.my.roles.media-client.enable =
config = lib.mkIf (cfg.enable){ lib.mkEnableOption "Enable media players, downloaders, etc.";
environment.systemPackages = with pkgs; [ config = lib.mkIf (cfg.enable) {
vlc environment.systemPackages = with pkgs; [ vlc yt-dlp ffmpeg ];
yt-dlp ffmpeg
];
}; };
} }

View file

@ -1,13 +1,12 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.ntp-server;
cfg = config.my.roles.ntp-server;
in { in {
options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server"; options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
services.chrony.extraConfig = '' services.chrony.extraConfig = ''
allow 192.168.0.0/16 allow 192.168.0.0/16
''; '';
networking.firewall.allowedUDPPorts = [ 123 ]; networking.firewall.allowedUDPPorts = [ 123 ];
}; };
} }

View file

@ -1,15 +1,14 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let cfg = config.my.roles.server.ivabus-dev;
cfg = config.my.roles.server.ivabus-dev; in {
in options.my.roles.server.ivabus-dev.enable =
{ lib.mkEnableOption "Serve ivabus.dev";
options.my.roles.server.ivabus-dev.enable = lib.mkEnableOption "Serve ivabus.dev";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
my.roles.server.nginx.enable = true; my.roles.server.nginx.enable = true;
services.nginx = { services.nginx = {
virtualHosts."ivabus.dev" = { virtualHosts."ivabus.dev" = {
# i don't want to call package like this # i don't want to call package like this
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix {}; root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
extraConfig = '' extraConfig = ''
error_page 404 /404.html; error_page 404 /404.html;

View file

@ -1,10 +1,9 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let cfg = config.my.roles.server.nginx;
cfg = config.my.roles.server.nginx; in {
in
{
# Don't call from machine setup, services will enable it automatically # Don't call from machine setup, services will enable it automatically
options.my.roles.server.nginx.enable = lib.mkEnableOption "Initial nginx setup"; options.my.roles.server.nginx.enable =
lib.mkEnableOption "Initial nginx setup";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -14,4 +13,4 @@ in
recommendedTlsSettings = true; recommendedTlsSettings = true;
}; };
}; };
} }

View file

@ -1,13 +1,12 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.my.roles.torrent;
cfg = config.my.roles.torrent;
in { in {
options.my.roles.torrent.enable = lib.mkEnableOption "Enable torrent support."; options.my.roles.torrent.enable =
lib.mkEnableOption "Enable torrent support.";
# TODO: do something about systems without GUI (i don't use any at the moment) # TODO: do something about systems without GUI (i don't use any at the moment)
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
(transmission.override {enableGTK3 = true;}) [ (transmission.override { enableGTK3 = true; }) ];
];
}; };
} }

View file

@ -1,15 +1,12 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
let let cfg = config.my.roles.virtualisation;
cfg = config.my.roles.virtualisation;
in { in {
options.my.roles.virtualisation.enable = lib.mkEnableOption "Enable tools for virtualisation"; options.my.roles.virtualisation.enable =
lib.mkEnableOption "Enable tools for virtualisation";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
# TODO: Think if I ever need virtualisation # TODO: Think if I ever need virtualisation
virtualisation.libvirtd.enable = true; virtualisation.libvirtd.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ qemu_full qemu-utils ];
qemu_full
qemu-utils
];
}; };
} }

View file

@ -1,9 +1,9 @@
{ config, lib, ... }: { config, lib, ... }:
let let cfg = config.my.roles.yggdrasil-client;
cfg = config.my.roles.yggdrasil-client;
in { in {
options.my.roles.yggdrasil-client.enable = lib.mkEnableOption "Enable yggdrasil"; options.my.roles.yggdrasil-client.enable =
lib.mkEnableOption "Enable yggdrasil";
config = lib.mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
services.yggdrasil = { services.yggdrasil = {
enable = true; enable = true;
@ -16,4 +16,4 @@ in {
}; };
}; };
}; };
} }

View file

@ -1,9 +1,9 @@
let let
canaryHash = builtins.hashFile "sha256" ./secrets/canary; canaryHash = builtins.hashFile "sha256" ./secrets/canary;
expectedHash = "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c"; expectedHash =
in "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c";
if canaryHash != expectedHash then abort "Secrets are not readable. Have you run `git-crypt unlock`?" in if canaryHash != expectedHash then
else { abort "Secrets are not readable. Have you run `git-crypt unlock`?"
hashed-password = builtins.readFile ./secrets/hashed-password; else {
} hashed-password = builtins.readFile ./secrets/hashed-password;
}

View file

@ -1,18 +1,9 @@
{ crossSystem ? "aarch64-unknown-linux-musl" }: { crossSystem ? "aarch64-unknown-linux-musl" }:
let pkgs = import <nixpkgs> { let pkgs = import <nixpkgs> { crossSystem = { config = crossSystem; }; };
crossSystem = { in pkgs.pkgsStatic.callPackage ({ mkShell, pkg-config, zlib, file }:
config = crossSystem; mkShell {
}; nativeBuildInputs = [ pkg-config file ];
}; buildInputs = [ zlib ];
in env = { CROSS_COMPILE = crossSystem; };
pkgs.pkgsStatic.callPackage ( }) { }
{mkShell, pkg-config, zlib, file}:
mkShell {
nativeBuildInputs = [ pkg-config file ];
buildInputs = [ zlib ];
env = {
CROSS_COMPILE = crossSystem;
};
}
) {}