diff --git a/flake.nix b/flake.nix index fb6d8a1..1f27457 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ # │ └─ default.nix { - description = "Kabbone's peronal NixOS Flake config"; + description = "Kabbone's personal NixOS Flake config"; inputs = { nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages @@ -48,12 +48,12 @@ noctalia = { url = "github:noctalia-dev/noctalia-shell"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { + outputs = { self, nixpkgs, nixpkgs-unstable, @@ -66,18 +66,17 @@ impermanence, lanzaboote, ... - } @ inputs: rec { - inherit (self) outputs; + } @ inputs: + let systems = [ # "aarch64-linux" "x86_64-linux" ]; - forAllSystems = nixpkgs.lib.genAttrs systems; - #in { + in { # Your custom packages # Accessible through 'nix build', 'nix shell', etc - packages = forAllSystems (system: import ./packages nixpkgs.legacyPackages.${system}); + packages = forAllSystems (system: import ./packages { pkgs = nixpkgs.legacyPackages.${system}; }); # Formatter for your nix files, available through 'nix fmt' # Other options beside 'alejandra' include 'nixpkgs-fmt' formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); 
@@ -96,19 +95,17 @@ import ./hosts { # Imports ./hosts/default.nix inherit (nixpkgs) lib; inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here. - nix.allowedUsers = [ "@wheel" ]; - security.sudo.execWheelOnly = true; } ); hydraJobs = { - "steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel; - "hades" = nixosConfigurations.hades.config.system.build.toplevel; - "nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel; - "jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel; - "lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel; - "kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel; - "dmz" = nixosConfigurations.dmz.config.system.build.toplevel; + "steamdeck" = self.nixosConfigurations.steamdeck.config.system.build.toplevel; + "hades" = self.nixosConfigurations.hades.config.system.build.toplevel; + "nasbak" = self.nixosConfigurations.nasbak.config.system.build.toplevel; + "jupiter" = self.nixosConfigurations.jupiter.config.system.build.toplevel; + "lifebook" = self.nixosConfigurations.lifebook.config.system.build.toplevel; + "kabtop" = self.nixosConfigurations.kabtop.config.system.build.toplevel; + "dmz" = self.nixosConfigurations.dmz.config.system.build.toplevel; }; }; } diff --git a/hosts/configuration_common.nix b/hosts/configuration_common.nix new file mode 100644 index 0000000..3598ae9 --- /dev/null +++ b/hosts/configuration_common.nix 
@@ -0,0 +1,127 @@
+#
+# Common configuration shared by all hosts (desktop and server).
+# Imported by configuration_desktop.nix and configuration_server.nix.
+#
+
+{ config, lib, pkgs, inputs, user, location, agenix, ... }:
+
+{
+ imports = [
+ ../modules/hardware/hydraCache.nix
+ ];
+
+ users.users.${user} = {
+ shell = pkgs.zsh;
+ openssh.authorizedKeys.keys = [
+ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
+ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
+ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
+ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
+ ];
+ };
+
+ time.timeZone = "Europe/Berlin";
+ i18n = {
+ defaultLocale = "en_US.UTF-8";
+ extraLocaleSettings = {
+ LC_TIME = "de_DE.UTF-8";
+ LC_MONETARY = "de_DE.UTF-8";
+ };
+ };
+
+ console = {
+ font = "Lat2-Terminus16";
+ keyMap = "us";
+ };
+
+ fonts.packages = with pkgs; [
+ carlito
+ vegur
+ source-code-pro
+ font-awesome
+ hack-font
+ corefonts
+ intel-one-mono
+ cascadia-code
+ ];
+
+ environment = {
+ variables = {
+ TERMINAL = "alacritty";
+ EDITOR = "nvim";
+ VISUAL = "nvim";
+ BROWSER = "firefox";
+ };
+ systemPackages = with pkgs; [
+ vim
+ git
+ killall
+ pciutils
+ usbutils
+ wget
+ bind
+ dig
+ agenix.packages.${pkgs.system}.default
+ cryptsetup
+ powerline
+ powerline-fonts
+ powerline-symbols
+ tree
+ direnv
+ linuxPackages_latest.cpupower
+ btop
+ ];
+ };
+
+ services.openssh = {
+ enable = true;
+ settings = {
+ PasswordAuthentication = false;
+ PermitRootLogin = "no";
+ };
+ };
+
+ programs.zsh.enable = true;
+
+ nix = {
+ settings = {
+ auto-optimise-store = true;
+ allowed-users = [ "@wheel" ];
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ package = pkgs.nixVersions.stable;
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+ };
+
+ nixpkgs.config.allowUnfree = true;
+ nixpkgs.config.permittedInsecurePackages = [
+ "olm-3.2.16"
+ ];
+
+ security = {
+ sudo.execWheelOnly = true;
+ rtkit.enable = true;
+ pki.certificateFiles = [
+ ./rootCA.pem
+ ];
+ };
+
+ system = {
+ stateVersion = "23.05";
+ autoUpgrade = {
+ flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
+ randomizedDelaySec = "5m";
+ allowReboot = true;
+ rebootWindow = {
+ lower = "02:00";
+ upper = "05:00";
+ };
+ };
+ };
+}
diff --git a/hosts/configuration_desktop.nix b/hosts/configuration_desktop.nix
index d5dc211..6b30db1 100644
--- a/hosts/configuration_desktop.nix
+++ b/hosts/configuration_desktop.nix
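Review bot: In hosts/configuration_common.nix the `services.openssh.settings` block turns off `PasswordAuthentication` but leaves `KbdInteractiveAuthentication` unset. As far as I know the NixOS module leaves that one enabled by default, so password-style logins through PAM may still be offered. This file now sets the SSH policy for every host, including the servers that open port 2220 in the firewall, so I would pin it explicitly with `KbdInteractiveAuthentication = false;` next to the two existing settings. A short comment on `system.autoUpgrade.flake` would also help, for example `# hosts rebuild and reboot from this remote unattended; push access to it is root on every server`.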
@@ -1,201 +1,61 @@ # -# Main system configuration. More information available in configuration.nix(5) man page. -# -# flake.nix -# ├─ ./hosts -# │ └─ configuration.nix * -# └─ ./modules -# └─ ./editors -# └─ ./nvim -# └─ default.nix +# Desktop/laptop configuration. Imports configuration_common.nix for shared settings. +# Host-specific window manager and hardware configs are imported per-host. # { config, lib, pkgs, pkgs-stable, inputs, user, location, agenix, ... }: { - imports = # Import window or display manager. - [ - #../modules/editors/nvim # ! Comment this out on first install ! - ]; - - users.users.${user} = { # System User - isNormalUser = true; - extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ]; - shell = pkgs.zsh; # Default shell - uid = 2000; -# initialPassword = "password95"; - openssh.authorizedKeys.keys = [ - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de" - ]; - }; - - time.timeZone = "Europe/Berlin"; # Time zone and internationalisation - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { # Extra locale settings that need to be overwritten - LC_TIME = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - }; - }; - - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; # or us/azerty/etc - }; - - security = { - pam.services.login.enableGnomeKeyring = true; - rtkit.enable = true; - pki.certificateFiles = [ - 
./rootCA.pem - ]; - #tpm2 = { - # enable = true; - # pkcs11.enable = true; - # tctiEnvironment.enable = true; - # }; - }; - - #sound = { # ALSA sound enable - ## #enable = true; - # mediaKeys = { # Keyboard Media Keys (for minimal desktop) enable = true; - # enable = true; - # }; - #}; - - fonts.packages = with pkgs; [ # Fonts - carlito # NixOS - vegur # NixOS - source-code-pro - font-awesome # Icons - hack-font - corefonts # MS - intel-one-mono - cascadia-code + imports = [ + ./configuration_common.nix ]; - environment = { - variables = { - TERMINAL = "alacritty"; - EDITOR = "nvim"; - VISUAL = "nvim"; - BROWSER = "firefox"; - }; - systemPackages = (with pkgs; [ # Default packages install system-wide - vim - git - killall - pciutils - usbutils - wget - file - powertop - cpufrequtils - lm_sensors - libva-utils - at-spi2-core - bind - dig - qmk-udev-rules - gptfdisk - agenix.packages.x86_64-linux.default - age-plugin-yubikey - pwgen - cryptsetup - powerline - powerline-fonts - powerline-symbols - tree - direnv - linuxPackages_latest.cpupower - linuxPackages_latest.turbostat - btop - sbctl - ausweisapp - e2fsprogs - ]) - - ++ - - (with pkgs-stable; [ - orca-slicer - ]); + users.users.${user} = { + isNormalUser = true; + uid = 2000; + extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ]; }; + security.pam.services.login.enableGnomeKeyring = true; + + environment.systemPackages = with pkgs; [ + file + powertop + cpufrequtils + lm_sensors + libva-utils + at-spi2-core + qmk-udev-rules + gptfdisk + age-plugin-yubikey + pwgen + sbctl + ausweisapp + e2fsprogs + ] ++ (with pkgs-stable; [ + orca-slicer + ]); + + nixpkgs.config.permittedInsecurePackages = [ + "mbedtls-2.28.10" + ]; + services = { - pipewire = { # Sound + pipewire = { enable = true; - alsa = { - enable = true; - # support32Bit = true; - }; + alsa.enable = true; pulse.enable = true; wireplumber.enable = true; }; - openssh = { # SSH: secure shell (remote 
connection to shell of server) - enable = true; # local: $ ssh @ - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; -# extraConfig = '' -# HostKeyAlgorithms +ssh-rsa -# ''; # Temporary extra config so ssh will work in guacamole - }; pcscd.enable = true; yubikey-agent.enable = true; udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ]; - flatpak.enable = true; # download flatpak file from website - sudo flatpak install - reboot if not showing up - # sudo flatpak uninstall --delete-data (> flatpak list --app) - flatpak uninstall --unused - # List: - # com.obsproject.Studio - # com.parsecgaming.parsec - # com.usebottles.bottles + flatpak.enable = true; gvfs.enable = true; fwupd.enable = true; }; - programs = { # No xbacklight, this is the alterantive - zsh.enable = true; - dconf.enable = true; - }; - + programs.dconf.enable = true; - nix = { # Nix Package Manager settings - settings ={ - auto-optimise-store = true; # Optimise syslinks - }; - gc = { # Automatic garbage collection - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - package = pkgs.nixVersions.stable; # Enable nixFlakes on system - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - nixpkgs.config.allowUnfree = true; # Allow proprietary software. - nixpkgs.config.permittedInsecurePackages = [ - "olm-3.2.16" - "mbedtls-2.28.10" - ]; - - system = { # NixOS settings - autoUpgrade = { # Allow auto update - enable = false; - flake = "git+https://git.kabtop.de/Kabbone/nixos-config"; - randomizedDelaySec = "5m"; - allowReboot = true; - rebootWindow = { - lower = "02:00"; - upper = "05:00"; - }; - #channel = "https://nixos.org/channels/nixos-unstable"; - }; - stateVersion = "23.05"; - }; + system.autoUpgrade.enable = false; } diff --git a/hosts/configuration_server.nix b/hosts/configuration_server.nix index dbd5798..8d955b2 100644 --- a/hosts/configuration_server.nix +++ b/hosts/configuration_server.nix 
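Review bot: `nixpkgs.config.permittedInsecurePackages` is now defined twice for desktop hosts: `[ "olm-3.2.16" ]` in configuration_common.nix and `[ "mbedtls-2.28.10" ]` in hosts/configuration_desktop.nix, where the old file carried both names in one list. As far as I know `nixpkgs.config` definitions are merged by recursive attribute update and lists are not concatenated, so one of the two entries would be dropped and evaluation would then reject the corresponding package. Please check the evaluated `config.nixpkgs.config.permittedInsecurePackages` on one desktop host before merging. If that holds, keep the whole list in one place per profile, i.e. `nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" "mbedtls-2.28.10" ];` here with the common definition removed. Each entry is an exemption from a known-vulnerability marking, so a one-line comment naming the package that still needs it would make later removal easier.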
@@ -1,155 +1,38 @@ # -# Main system configuration. More information available in configuration.nix(5) man page. -# -# flake.nix -# ├─ ./hosts -# │ └─ configuration.nix * -# └─ ./modules -# └─ ./editors -# └─ ./nvim -# └─ default.nix +# Server configuration. Imports configuration_common.nix for shared settings. +# Service modules are imported per-host. # { config, lib, pkgs, inputs, user, location, agenix, ... }: { - imports = # Import window or display manager. - [ - #../modules/editors/nvim # ! Comment this out on first install ! - ]; + imports = [ + ./configuration_common.nix + ]; - users.users.${user} = { # System User + users.users.${user} = { isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ]; - shell = pkgs.zsh; # Default shell uid = 3000; -# initialPassword = "password95"; - openssh.authorizedKeys.keys = [ - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de" - "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de" - ]; - }; - security.sudo.wheelNeedsPassword = true; # User does not need to give password when using sudo. 
- - time.timeZone = "Europe/Berlin"; # Time zone and internationalisation - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { # Extra locale settings that need to be overwritten - LC_TIME = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - }; + extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ]; }; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; # or us/azerty/etc - }; + security.sudo.wheelNeedsPassword = true; - security = { - rtkit.enable = true; - pki.certificateFiles = [ - ./rootCA.pem - ]; - }; - - fonts.packages = with pkgs; [ # Fonts - carlito # NixOS - vegur # NixOS - source-code-pro - font-awesome # Icons - hack-font - corefonts # MS - intel-one-mono - cascadia-code + environment.systemPackages = with pkgs; [ + ffmpeg + smartmontools + htop ]; - environment = { - variables = { - TERMINAL = "alacritty"; - EDITOR = "nvim"; - VISUAL = "nvim"; - BROWSER = "firefox"; - }; - systemPackages = with pkgs; [ # Default packages install system-wide - vim - git - killall - pciutils - usbutils - wget - powertop - cpufrequtils - lm_sensors - bind - dig - agenix.packages.x86_64-linux.default - ffmpeg - smartmontools - cryptsetup - powerline - powerline-fonts - powerline-symbols - tree - direnv - linuxPackages_latest.cpupower - btop - htop - ]; + services.openssh = { + ports = [ 2220 ]; + openFirewall = true; }; - services = { - openssh = { # SSH: secure shell (remote connection to shell of server) - enable = true; # local: $ ssh @ - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - ports = [ 2220 ]; - openFirewall = true; - }; + nix.extraOptions = '' + keep-outputs = true + keep-derivations = true + ''; - #flatpak.enable = true; # download flatpak file from website - sudo flatpak install - reboot if not showing up - # sudo flatpak uninstall --delete-data (> flatpak list --app) - flatpak uninstall --unused - }; - - programs = { - zsh.enable = true; - }; - - nix = { # Nix Package Manager settings - settings 
={ - auto-optimise-store = true; # Optimise syslinks - }; - gc = { # Automatic garbage collection - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - package = pkgs.nixVersions.stable; # Enable nixFlakes on system - extraOptions = '' - experimental-features = nix-command flakes - keep-outputs = true - keep-derivations = true - ''; - }; - nixpkgs.config.allowUnfree = true; # Allow proprietary software. - nixpkgs.config.permittedInsecurePackages = [ - "olm-3.2.16" - ]; - - system = { # NixOS settings - autoUpgrade = { # Allow auto update - enable = true; - flake = "git+https://git.kabtop.de/Kabbone/nixos-config"; - randomizedDelaySec = "5m"; - allowReboot = true; - rebootWindow = { - lower = "02:00"; - upper = "05:00"; - }; - }; - stateVersion = "23.05"; - }; + system.autoUpgrade.enable = true; } diff --git a/hosts/default.nix b/hosts/default.nix index 0aaa7e3..9661c9d 100644 --- a/hosts/default.nix +++ b/hosts/default.nix 
@@ -1,48 +1,55 @@ # # These are the different profiles that can be used when building NixOS. # -# flake.nix -# └─ ./hosts +# flake.nix +# └─ ./hosts # ├─ default.nix * -# ├─ configuration.nix +# ├─ configuration_common.nix +# ├─ configuration_desktop.nix +# ├─ configuration_server.nix # ├─ home.nix # └─ ./desktop OR ./laptop OR ./vm # ├─ ./default.nix -# └─ ./home.nix +# └─ ./home.nix # { lib, inputs, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }: let user = "kabbone"; - userdmz = "diablo"; - userserver = "mephisto"; - location = "$HOME/.setup"; + location = builtins.getEnv "HOME" + "/.setup"; - system = "x86_64-linux"; # System architecture + system = "x86_64-linux"; pkgs = import nixpkgs { inherit system; - config.allowUnfree = true; # Allow proprietary software + config.allowUnfree = true; }; pkgs-unstable = import nixpkgs-unstable { inherit system; - config.allowUnfree = true; # Allow proprietary software + config.allowUnfree = true; }; - pkgs-stable = import nixpkgs { - inherit system; - config.allowUnfree = true; # Allow proprietary software - }; + pkgs-stable = pkgs; pkgs-kabbone = import ../packages { inherit system; inherit pkgs; }; - lib = nixpkgs.lib; - users.defaultShell = "pkgs.zsh"; + # Helper: returns [hm-module, config-attrset] for the modules list. + # hm - the home-manager flake input to use (stable or unstable) + # hmImports - list of home.nix paths for this host + mkHM = hm: hmImports: [ + hm.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { inherit user; }; + home-manager.users.${user}.imports = hmImports; + } + ]; in { 
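Review bot: `location = builtins.getEnv "HOME" + "/.setup";` in hosts/default.nix is resolved when the flake is evaluated, and in pure evaluation mode (the default for flakes) `builtins.getEnv` returns an empty string, so `location` becomes `/.setup`. With `--impure` it would instead be the home of whoever runs the build, which is root for the unattended upgrade. The old literal `"$HOME/.setup"` was left for a shell to expand at the point of use. The modules that consume `location` are not in this diff, so I cannot tell which form they expect. If a fixed path is intended I would derive it from the user, `location = "/home/${user}/.setup";`, and otherwise keep the literal.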
@@ -55,22 +62,11 @@ in lanzaboote.nixosModules.lanzaboote ./desktop ./configuration_desktop.nix - ../modules/hardware/hydraCache.nix ../modules/hardware/remoteBuilder.nix nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-pc-ssd - - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home.nix)] ++ [(import ./desktop/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home.nix ./desktop/home.nix ]); }; lifebook = lib.nixosSystem { # Laptop profile @@ -81,19 +77,9 @@ in lanzaboote.nixosModules.lanzaboote ./lifebook ./configuration_desktop.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home.nix)] ++ [(import ./lifebook/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home.nix ./lifebook/home.nix ]); }; steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile 
@@ -105,151 +91,81 @@ in lanzaboote.nixosModules.lanzaboote ./steamdeck ./configuration_desktop.nix - ../modules/hardware/hydraCache.nix - - home-manager-unstable.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home.nix)] ++ [(import ./steamdeck/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager-unstable [ ./home.nix ./steamdeck/home.nix ]); }; - kabtop = lib.nixosSystem { # Desktop profile + kabtop = lib.nixosSystem { # Server profile inherit system; - specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs pkgs-unstable impermanence; }; + specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; }; modules = [ agenix.nixosModules.default microvm.nixosModules.host ./kabtop ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home_server.nix)] ++ [(import ./kabtop/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./kabtop/home.nix ]); }; - nasbak = lib.nixosSystem { # Desktop profile + nasbak = lib.nixosSystem { # Server profile inherit system; specialArgs = { inherit inputs user location nixos-hardware agenix; }; modules = [ agenix.nixosModules.default ./nasbackup ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - 
imports = [(import ./home_server.nix)] ++ [(import ./nasbackup/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./nasbackup/home.nix ]); }; - jupiter = lib.nixosSystem { # Desktop profile + jupiter = lib.nixosSystem { # Server profile inherit system; specialArgs = { inherit inputs user location nixos-hardware agenix pkgs-kabbone; }; modules = [ agenix.nixosModules.default ./jupiter ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home_server.nix)] ++ [(import ./jupiter/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./jupiter/home.nix ]); }; - kabtopci = lib.nixosSystem { # Desktop profile + kabtopci = lib.nixosSystem { # Server profile inherit system; - specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; + specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; }; modules = [ agenix.nixosModules.default microvm.nixosModules.host ./kabtopci ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home_server.nix)] ++ [(import ./kabtopci/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./kabtopci/home.nix ]); }; - kubemaster-1 = lib.nixosSystem { # Desktop profile + kubemaster-1 = lib.nixosSystem { # Server profile inherit system; - specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; + 
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; }; modules = [ agenix.nixosModules.default microvm.nixosModules.host ./kubemaster-1 ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home_server.nix)] ++ [(import ./kubemaster-1/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./kubemaster-1/home.nix ]); }; - dmz = lib.nixosSystem { # Desktop profile + dmz = lib.nixosSystem { # Server profile inherit system; - specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; + specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; }; modules = [ agenix.nixosModules.default microvm.nixosModules.host ./dmz ./configuration_server.nix - ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-pc-ssd - - home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit user; }; - home-manager.users.${user} = { - imports = [(import ./home_server.nix)] ++ [(import ./dmz/home.nix)]; - }; - } - ]; + ] ++ (mkHM home-manager [ ./home_server.nix ./dmz/home.nix ]); }; # vm = lib.nixosSystem { # VM profile @@ -259,14 +175,7 @@ in # ./vm # ./configuration.nix # -# home-manager.nixosModules.home-manager { -# home-manager.useGlobalPkgs = true; -# home-manager.useUserPackages = true; -# home-manager.extraSpecialArgs = { inherit user; }; -# home-manager.users.${user} = { -# imports = [(import ./home.nix)] ++ [(import ./vm/home.nix)]; -# }; -# } +# (mkHM home-manager [ ./home.nix ./vm/home.nix ]) # ]; # }; } 
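Review bot: The `specialArgs` for kabtop, kabtopci, kubemaster-1 and dmz no longer pass `nixpkgs`, and kabtop also loses `pkgs-unstable`, but the host modules under `./kabtop`, `./kabtopci`, `./kubemaster-1` and `./dmz` are not part of this diff. Any module there that still names one of these in its argument set will fail evaluation with a missing-argument error, and on the auto-upgrading servers that shows up as upgrades that quietly stop applying. Building each `nixosConfigurations.<host>` (or `nix flake check`) before merging would settle it; kabtopci and kubemaster-1 are not in `hydraJobs`, so CI may not catch them. In the commented-out `vm` example, `(mkHM home-manager [ ... ])` sits inside the `modules` list without `++`, which would nest a list if it were ever uncommented; the live hosts use `] ++ (mkHM ...)`.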
diff --git a/hosts/home.nix b/hosts/home.nix index 3ef7b09..9dd4783 100644 --- a/hosts/home.nix +++ b/hosts/home.nix @@ -47,6 +47,7 @@ screen yubioath-flutter nitrokey-app + claude-code tailscale wireguard-tools diff --git a/modules/editors/nvim/default.nix b/modules/editors/nvim/default.nix index 1e0d47d..dcf89e1 100644 --- a/modules/editors/nvim/default.nix +++ b/modules/editors/nvim/default.nix @@ -17,6 +17,8 @@ vimAlias = true; vimdiffAlias = true; withNodeJs = true; + withRuby = true; + withPython3 = true; # plugins = with pkgs.vimPlugins; [ # diff --git a/modules/wm/default.nix b/modules/wm/default.nix index 70eaa78..6faa521 100644 --- a/modules/wm/default.nix +++ b/modules/wm/default.nix @@ -1,16 +1,16 @@ { pkgs, lib, config, ... }: - +with lib; { + # NOTE: Dynamic imports based on option values are not supported in NixOS modules. + # To conditionally load a WM, either import all WM modules and use mkIf in each, + # or select the WM module directly in the host configuration. + imports = []; + options = { desktop = { - wm = lib.mkOption { type = types.str; default = "sway"; }; - taskbar = lib.mkOption { type = types.str; default = "waybar"; }; - launcher = lib.mkOption { type = types.str; default = "bemenu"; }; + wm = mkOption { type = types.str; default = "sway"; }; + taskbar = mkOption { type = types.str; default = "waybar"; }; + launcher = mkOption { type = types.str; default = "bemenu"; }; }; }; - - config = { - imports = - (import ./ + (desktop.wm)) ++ - }; } diff --git a/overlays/default.nix b/overlays/default.nix index 19eca21..7061401 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,6 +1,6 @@ {inputs, ...}: { # This one brings our custom packages from the 'pkgs' directory - additions = final: _prev: import ../pkgs {pkgs = final;}; + additions = final: _prev: import ../packages {pkgs = final;}; modifications = final: prev: { mealie = final.unstable.mealie; diff --git a/result b/result new file mode 120000 index 0000000..290b7e3 
--- /dev/null
+++ b/result
@@ -0,0 +1 @@
+/nix/store/0j8av8h7rid2p83sdzbb5bi0x1ldfd9p-nixos-system-hades-25.11.20260415.1766437
\ No newline at end of file
diff --git a/systemSettings.nix b/systemSettings.nix
deleted file mode 100644
index d973b26..0000000
--- a/systemSettings.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-# options for systemsettings
-{ pkgs, lib, config, ... }:
-
-{
- options = {
- systemSettings.enable = lib.mkEnableOption "enables standard systemsettings";
- };
-
- config = lib.mkIf config.systemSettings.enable {
- system = lib.mkDefault "x86_64-linux";
- profile = lib.mkDefault "personal";
- timezone = "Europe/Berlin";
- locale = "en_US.UTF-8";
- bootMode = lib.mkDefault "uefi";
- bootMountPath = "/boot";
- };
-
-}
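Review bot: The new `result` entry (mode 120000) is a symlink into `/nix/store`, which looks like the output link of a local build of the hades system rather than something meant to be tracked. It will dangle on any machine that does not have that store path, and it gets copied into the flake source on every evaluation. I would drop it from the commit and add a `result` line to `.gitignore`.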