Merge branch 'master' into ixion-build

modules/apps/appimage.nix

@@ -0,0 +1,19 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.appimage;
+in {
+  options.appimage = {
+    enable = mkEnableOption "AppImage support";
+  };
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      appimageupdate
+      appimage-run
+    ];
+  };
+}

modules/common/default.nix

@@ -5,6 +5,7 @@
 }: {
   imports = [
     ./core.nix
+    ./environment.nix
     ./fonts.nix
     ./users.nix
   ];

modules/common/environment.nix

@@ -0,0 +1,23 @@
+{ lib, pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    git
+    vim
+    neovim
+    usbutils
+    coreutils
+    pciutils
+    patchelf
+    htop
+  ] ++ 
+  lib.optionals pkgs.stdenv.isLinux (with pkgs; [
+    systemd
+    lshw
+    dmidecode
+    nix-ld
+  ]) ++
+  lib.optionals pkgs.stdenv.isDarwin (with pkgs; [
+      # nothing here, yet ;)
+  ]);
+
+  environment.variables.EDITOR = "nvim";
+}

modules/common/users.nix

@@ -1,35 +1,38 @@
+{ lib, pkgs, userName, hostname, ... }:
+
 {
-  lib,
-  pkgs,
-  userName,
-  hostname,
-  ...
-} @ args: {
-  imports = [
-    ../security/sudo.nix
-  ];
-
   networking.hostName = hostname;
-
-  # Don't forget to set a password with ‘passwd’!
-  users.users."${userName}" = lib.mkMerge [
-    {
-      home =
-        if pkgs.stdenv.isDarwin
-        then "/Users/${userName}"
-        else "/home/${userName}";
-      description = userName;
-    }
-
-    (lib.mkIf (pkgs.stdenv.isLinux) {
-      group = "${userName}";
-      isNormalUser = true;
-    })
-  ];
-
-  security.sudo.needsPassword = false;
-
+  
+  users.users."${userName}" = {
+    home = if pkgs.stdenv.isDarwin 
+           then "/Users/${userName}" 
+           else "/home/${userName}";
+    description = userName;
+  } // lib.optionalAttrs pkgs.stdenv.isLinux {
+    group = "${userName}";
+    isNormalUser = true;
+  };
+  
   users.groups.wyatt = {};
-
   nix.settings.trusted-users = [userName];
+
+  security = lib.optionalAttrs pkgs.stdenv.isLinux {
+    sudo.extraRules = [
+      {
+        groups = [ "wheel" ];
+        commands = [
+          {
+            command = "ALL";
+            options = [ "NOPASSWD" "SETENV" ];
+          }
+        ];
+      }
+    ];
+  };
+
+  environment = lib.optionalAttrs pkgs.stdenv.isDarwin {
+    etc."sudoers.d/wheel-nopasswd".text = ''
+      %wheel ALL=(ALL:ALL) NOPASSWD: SETENV: ALL
+    '';
+  };
 }

modules/machine/cloud/configuration.nix

@@ -21,11 +21,13 @@ in {
       inherit lib pkgs flatpakPackages;
     })
     ../../apps/gaming.nix
+    ../../apps/appimage.nix
     ../../graphics
     ../../pwrMgmt
     ../../networking/core.nix
     ../../sound/pipewire.nix
     ../../sound/shairport.nix
+    ../../sound/focusrite.nix
     ../../virtualization/podman.nix
     ../../virtualization/hardware.nix
   ];
@@ -34,9 +36,13 @@ in {
   nix.settings.experimental-features = ["nix-command" "flakes"];
 
   # Custom kernel/boot stuff
-  boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+  boot = {
+    kernelPackages = pkgs.linuxPackages_latest;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+  };
 
   # Enable Bluetooth if present
   hardware.bluetooth.enable = true;
@@ -46,40 +52,23 @@ in {
 
   # Install packages to be installed system-wide
   environment.systemPackages = with pkgs; [
-    vim
-    neovim
-    git
     wireguard-tools
     grim
     slurp
     playerctl
     light
     brightnessctl
-    firefox
     wttrbar
     cliphist
-    patchelf
-    nix-ld
+    xdg-desktop-portal-gtk
+    xdg-utils
+    flatpak-xdg-utils
+    desktop-file-utils
+    shared-mime-info
+    wl-clipboard
+    wl-clip-persist
   ];
 
-  # Set the EDITOR global environment variable to neovim
-  environment.variables.EDITOR = "nvim";
-
-  # Enable OpenSSH
-  services.openssh.enable = true;
-
-  # Enable keyring
-  services.gnome.gnome-keyring.enable = true;
-
-  # Enable GnuPG
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
-
-  # Enable SUID wrappers (some programs need them)
-  programs.mtr.enable = true;
-
   # Enable Polkit
   security.polkit.enable = true;
 
@@ -147,28 +136,54 @@ in {
     networkManager.enable = true;
   };
 
-  # Enable dconf
-  programs.dconf.enable = true;
+  programs = {
+    # Enable GnuPG
+    gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+    };
+
+    # Enable SUID wrappers (some programs need them)
+    mtr.enable = true;
+
+    # Enable dconf
+    dconf.enable = true;
+  };
 
   # Add username to groups "wheel" and "video" - more may be added here later
   users.users.${userName}.extraGroups = ["wheel" "video" "gamemode" "podman" "network"];
 
-  # Flatpak packages (see ../../apps/flatpak.nix)
-  services.flatpak.packages = flatpakPackages;
+  services = {
+    # Enable OpenSSH
+    openssh.enable = true;
+
+    # Enable keyring
+    gnome.gnome-keyring.enable = true;
+
+    # Flatpak packages (see ../../apps/flatpak.nix)
+    flatpak.packages = flatpakPackages;
+  };
+
+  # Focusrite Scarlett audio interface support (see ../../sound/focusrite.nix)
+  sound.hardware.focusrite.enable = true;
+
+  # AppImage support
+  appimage.enable = true;
 
   # XDG stuff
   xdg = {
     portal = {
       enable = true;
-      wlr.enable = true;
       config = {
+        sway = {
+          default = ["wlr" "gtk"];
+          "org.freedesktop.impl.portal.Secret" = ["gnome-keyring"];
+        };
         common = {
-          default = [
-            "wlr"
-          ];
+          default = ["gtk"];
+          "org.freedesktop.impl.portal.Secret" = ["gnome-keyring"];
         };
       };
-      xdgOpenUsePortal = true;
       extraPortals = with pkgs; [
         xdg-desktop-portal-wlr
         xdg-desktop-portal-gtk

modules/machine/valefor/README.md

@@ -6,4 +6,4 @@ Licensed by the Mozilla Public License v2
 
 ## Synopsis
 
-This directory is currently empty so, currently, there's nothing to see! However, this is where the machine-specific configuration files for hostname `valefor` live, my apartment appliance server. These files get called by the root `flake.nix` file.
+This is where the machine-specific configuration files for hostname `valefor` live, my apartment appliance server. These files get called by the root `flake.nix` file.

modules/machine/valefor/configuration.nix

@@ -27,18 +27,6 @@
   # Set your timezone
   time.timeZone = "America/Detroit";
 
-  # Install packages to be installed system-wide
-  environment.systemPackages = with pkgs; [
-    vim
-    neovim
-    git
-    patchelf
-    nix-ld
-  ];
-
-  # Set the EDITOR global environment variable to neovim
-  environment.variables.EDITOR = "nvim";
-
   # Enable OpenSSH
   services.openssh.enable = true;
 

modules/security/sudo.nix

@@ -5,7 +5,7 @@
 }:
 with lib; {
   options = {
-    security.sudo = {
+    security.sudoers = {
       needsPassword = mkOption {
         type = types.bool;
         default = true;

modules/sound/focusrite.nix

@@ -0,0 +1,33 @@
+# Must be paired with the pipewire Nix module, this does nothing but install packages
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.sound.hardware.focusrite;
+in {
+  options.sound.hardware.focusrite = {
+    enable = mkEnableOption "Focusrite audio interface support";
+    guiSupport = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Enable GUI support for Focusrite Scarlett audio interface (installs alsa-scarlett-gui)";
+    };
+  };
+  config = mkIf cfg.enable (mkMerge [
+    {
+      environment.systemPackages = with pkgs;
+        [
+          scarlett2
+          alsa-scarlett-gui
+        ]
+        ++ (
+          if cfg.guiSupport
+          then [pkgs.alsa-scarlett-gui]
+          else []
+        );
+    }
+  ]);
+}