From d8a9e92dff745a3ceda7a2d616c235d458807d80 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Thu, 12 Dec 2024 20:41:58 -0500 Subject: [PATCH 01/10] code dump v1 --- flake.nix | 6 +- modules/apps/flatpak.nix | 36 ++++++++++ modules/graphics/default.nix | 42 +++++++++++ modules/machine/cloud/configuration.nix | 79 +++------------------ modules/machine/cloud/default.nix | 6 ++ modules/machine/sephiroth/configuration.nix | 19 ++--- modules/machine/sephiroth/default.nix | 6 ++ modules/sound/pipewire.nix | 6 ++ modules/sound/shairport.nix | 7 ++ modules/virtualization/docker.nix | 6 ++ modules/virtualization/hardware.nix | 4 ++ modules/virtualization/podman.nix | 7 ++ 12 files changed, 137 insertions(+), 87 deletions(-) create mode 100644 modules/apps/flatpak.nix create mode 100644 modules/graphics/default.nix create mode 100644 modules/machine/cloud/default.nix create mode 100644 modules/machine/sephiroth/default.nix create mode 100644 modules/sound/pipewire.nix create mode 100644 modules/sound/shairport.nix create mode 100644 modules/virtualization/docker.nix create mode 100644 modules/virtualization/hardware.nix create mode 100644 modules/virtualization/podman.nix diff --git a/flake.nix b/flake.nix index 5abd142..97fe803 100644 --- a/flake.nix +++ b/flake.nix @@ -39,8 +39,7 @@ modules = [ ./modules/common/core.nix ./modules/common/users.nix - ./modules/machine/sephiroth/configuration.nix - ./modules/machine/sephiroth/apps.nix + ./modules/machine/sephiroth home-manager.darwinModules.home-manager { @@ -64,8 +63,7 @@ nix-ld.nixosModules.nix-ld ./modules/common/core.nix ./modules/common/users.nix - ./modules/machine/cloud/hardware-configuration.nix - ./modules/machine/cloud/configuration.nix + ./modules/machine/cloud home-manager.nixosModules.home-manager { diff --git a/modules/apps/flatpak.nix b/modules/apps/flatpak.nix new file mode 100644 index 0000000..42c43f5 --- /dev/null +++ b/modules/apps/flatpak.nix 
@@ -0,0 +1,36 @@
+{
+ lib,
+ pkgs,
+ flatpakPackages ? [],
+ flatpakRemotes ? [],
+}: {
+ services.flatpak = {
+ enable = true;
+ remotes =
+ if flatpakRemotes == []
+ then [
+ {
+ name = "flathub";
+ location = "https://dl.flathub.org/repo/flathub.flatpakrepo";
+ }
+ ]
+ else flatpakRemotes;
+ # packages = [
+ # "com.github.tchx84.Flatseal"
+ # "com.slack.Slack"
+ # "info.beyondallreason.bar"
+ # "io.dbeaver.DBeaverCommunity"
+ # "io.openrct2.OpenRCT2"
+ # "md.obsidian.Obsidian"
+ # "org.prismlauncher.PrismLauncher"
+ # "sh.cider.Cider"
+ # ];
+ packages = flatpakPackages;
+ update = {
+ auto = {
+ enable = true;
+ onCalendar = "weekly";
+ };
+ };
+ };
+}
diff --git a/modules/graphics/default.nix b/modules/graphics/default.nix
new file mode 100644
index 0000000..62b4668
--- /dev/null
+++ b/modules/graphics/default.nix
@@ -0,0 +1,42 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}: {
+ nixosModules.gpuHardware = {gpuVendor ? null, ...}: {
+ hardware.opengl = {
+ # Always enable OpenGL support
+ enable = true;
+
+ # Dynamically select packages based on GPU vendor
+ extraPackages = with pkgs; (
+ # Base packages that are always included
+ [
+ mesa
+ libvdpau-va-gl
+ libva
+ libva-utils
+ ]
+ # Vendor-specific packages
+ ++ (
+ if gpuVendor == "intel"
+ then [
+ intel-vaapi-driver
+ intel-media-driver
+ ]
+ else if gpuVendor == "amd"
+ then [
+ rocm-opencl-icd
+ ]
+ else if gpuVendor == "nvidia"
+ then [
+ # Add Nvidia-specific packages if needed
+ nvidia-vaapi-driver
+ ]
+ else []
+ )
+ );
+ };
+ };
+}
diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix
index 726b98b..f62f39e 100644
--- a/modules/machine/cloud/configuration.nix
+++ b/modules/machine/cloud/configuration.nix
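Review bot: The header of flatpak.nix, `{ lib, pkgs, flatpakPackages ? [], flatpakRemotes ? [], }:`, has no `...`, so the module system, which also passes `config` and `options`, is expected to reject the call when configuration.nix imports the file. The two `flatpak*` arguments are not standard module arguments either, so their `? []` defaults will probably not be honoured. Declaring them as options and reading them from `config` avoids both problems, for example `options.flatpak.packages = lib.mkOption { type = lib.types.listOf lib.types.str; default = []; };`. Nothing in this commit passes a package list, so the eight Flatpaks removed from configuration.nix are no longer installed on `cloud`. The commented-out `# packages = [ ... ];` block should move to the caller rather than stay here as dead text.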
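Review bot: In graphics/default.nix, `nixosModules.gpuHardware = {gpuVendor ? null, ...}: { ... }` is assigned inside a module body, where `nixosModules` is not a declared option. configuration.nix then calls it from `imports` as `(config.nixosModules.gpuHardware {gpuVendor = "amd";})`, and `imports` cannot depend on `config`, so this is expected to fail with infinite recursion or an undefined-option error. A plain module that declares `options.graphics.gpuVendor = lib.mkOption { type = lib.types.nullOr (lib.types.enum ["intel" "amd" "nvidia"]); default = null; };` and switches on `config.graphics.gpuVendor` keeps the same package selection with an ordinary path import. The enum type would also reject a misspelled vendor instead of silently falling through to `else []`.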
@@ -1,8 +1,18 @@ { + config, pkgs, userName, ... }: { + imports = [ + ../../apps/flatpak.nix + ../../sound/pipewire.nix + ../../sound/shairport.nix + ../../virtualization/podman.nix + ../../virtualization/hardware.nix + (config.nixosModules.gpuHardware {gpuVendor = "amd";}) + ]; + # Enable flakes for NixOS nix.settings.experimental-features = ["nix-command" "flakes"]; @@ -10,46 +20,12 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - # Install and enable common graphics drivers - hardware.opengl = { - # driSupport = true; - extraPackages = with pkgs; [ - mesa - libvdpau-va-gl - libva - libva-utils - intel-vaapi-driver # for Intel - intel-media-driver # for Intel - rocm-opencl-icd # for AMD - ]; - }; - - # For systems with AMD graphics, this enables Vulkan on 32-bit applications - # For 64-bit application, however, Vulkan is enabled by default - # hardware.graphics.driSupport32Bit = true; - - # For systems with AMD graphics, enable AMDVLK - #hardware.graphics = { - # extraPackages = with pkgs; [ - # amdvlk - # ]; - # extraPackages32 = with pkgs; [ - # driversi686Linux - # ]; - #}; - # Enable Bluetooth if present hardware.bluetooth.enable = true; # Set your timezone time.timeZone = "America/Detroit"; - # Enable Pipewire (sound) - services.pipewire = { - enable = true; - pulse.enable = true; - }; - # Enable touchpad services.libinput.enable = true; @@ -59,7 +35,6 @@ neovim git wireguard-tools - podman buildah podman-tui podman-compose 
@@ -160,34 +135,6 @@ networking.firewall.allowedUDPPorts = []; networking.networkmanager.enable = true; # Linux tool for managing network connections - # Enable Flatpak (app containerization) - # services.flatpak.enable = true; - services.flatpak = { - enable = true; - remotes = [ - { - name = "flathub"; - location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; - } - ]; - packages = [ - "com.github.tchx84.Flatseal" - "com.slack.Slack" - "info.beyondallreason.bar" - "io.dbeaver.DBeaverCommunity" - "io.openrct2.OpenRCT2" - "md.obsidian.Obsidian" - "org.prismlauncher.PrismLauncher" - "sh.cider.Cider" - ]; - update = { - auto = { - enable = true; - onCalendar = "weekly"; - }; - }; - }; - # Enable Podman (OCI containers) virtualisation.podman = { enable = true; @@ -195,12 +142,6 @@ defaultNetwork.settings.dns_enabled = true; }; - services.shairport-sync = { - enable = pkgs.stdenv.isLinux; - openFirewall = pkgs.stdenv.isLinux; - arguments = "-v -o pw"; - }; - # users.users."${userName}" = { # group = "${userName}"; # isNormalUser = true; diff --git a/modules/machine/cloud/default.nix b/modules/machine/cloud/default.nix new file mode 100644 index 0000000..187a110 --- /dev/null +++ b/modules/machine/cloud/default.nix @@ -0,0 +1,6 @@ +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; +} diff --git a/modules/machine/sephiroth/configuration.nix b/modules/machine/sephiroth/configuration.nix index f2adfad..d234627 100644 --- a/modules/machine/sephiroth/configuration.nix +++ b/modules/machine/sephiroth/configuration.nix 
@@ -3,30 +3,22 @@ hostname, ... }: { + imports = [ + ../../virtualization/podman.nix + ]; + system = { - # activationScripts are executed every time you boot the system or run `nixos-rebuild` / `darwin-rebuild`. activationScripts.postUserActivation.text = '' - # activateSettings -u will reload the settings from the database and apply them to the current session, - # so we do not need to logout and login again to make the changes take effect. /System/Library/PrivateFrameworks/SystemAdministration.framework/Resources/activateSettings -u ''; defaults = { - menuExtraClock.Show24Hour = true; # show 24 hour clock + menuExtraClock.Show24Hour = true; - # customize dock dock = { autohide = true; - # show-recents = false; # disable recent apps - - # # customize Hot Corners - # wvous-tl-corner = 2; # top-left - Mission Control - # wvous-tr-corner = 13; # top-right - Lock Screen - # wvous-bl-corner = 3; # bottom-left - Application Windows - # wvous-br-corner = 4; # bottom-right - Desktop }; - # # customize finder finder = { _FXShowPosixPathInTitle = true; # show full path in finder title AppleShowAllExtensions = true; # show all file extensions @@ -36,7 +28,6 @@ ShowStatusBar = true; # show status bar }; - # # customize trackpad # trackpad = { # Clicking = true; # enable tap to click # TrackpadRightClick = true; # enable two finger right click diff --git a/modules/machine/sephiroth/default.nix b/modules/machine/sephiroth/default.nix new file mode 100644 index 0000000..fcb07f3 --- /dev/null +++ b/modules/machine/sephiroth/default.nix @@ -0,0 +1,6 @@ +{...}: { + imports = [ + ./apps.nix + ./configuration.nix + ]; +} diff --git a/modules/sound/pipewire.nix b/modules/sound/pipewire.nix new file mode 100644 index 0000000..56e3063 --- /dev/null +++ b/modules/sound/pipewire.nix @@ -0,0 +1,6 @@ +{...}: { + services.pipewire = { + enable = true; + pulse.enable = true; + }; +} 
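Review bot: The added `imports = [ ../../virtualization/podman.nix ];` pulls in a module that sets `virtualisation.podman`, which is a NixOS option. This host appears to be built with nix-darwin (the activation script runs the macOS `activateSettings` binary, and the flake.nix hunk wires it with `home-manager.darwinModules`), so evaluation will probably stop on an unknown option; please confirm before merging. The same hunk deletes the comments that explained why `activateSettings -u` is run. A short replacement such as `# reload defaults so changes apply without logging out` would keep that intent visible. The enclosing attribute set continues outside the hunk.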
diff --git a/modules/sound/shairport.nix b/modules/sound/shairport.nix new file mode 100644 index 0000000..a81d82f --- /dev/null +++ b/modules/sound/shairport.nix @@ -0,0 +1,7 @@ +{pkgs}: { + services.shairport-sync = { + enable = pkgs.stdenv.isLinux; + openFirewall = pkgs.stdenv.isLinux; + arguments = "-v -o pw"; + }; +} diff --git a/modules/virtualization/docker.nix b/modules/virtualization/docker.nix new file mode 100644 index 0000000..25f7831 --- /dev/null +++ b/modules/virtualization/docker.nix @@ -0,0 +1,6 @@ +{...}: { + virtualisation.docker = { + enable = true; + enableOnBoot = true; + }; +} diff --git a/modules/virtualization/hardware.nix b/modules/virtualization/hardware.nix new file mode 100644 index 0000000..37f8b42 --- /dev/null +++ b/modules/virtualization/hardware.nix @@ -0,0 +1,4 @@ +{...}: { + virtualisation.libvirtd.enable = true; + programs.virt-manager.enable = true; +} diff --git a/modules/virtualization/podman.nix b/modules/virtualization/podman.nix new file mode 100644 index 0000000..b9e685a --- /dev/null +++ b/modules/virtualization/podman.nix @@ -0,0 +1,7 @@ +{...}: { + virtualisation.podman = { + enable = true; + dockerSocket.enable = true; + defaultNetwork.settings.dns_enabled = true; + }; +} -- 2.45.2 From adabefd821281b6dbda27cf8a762ef8ad8c8b94b Mon Sep 17 00:00:00 2001 
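Review bot: In shairport.nix, `openFirewall = pkgs.stdenv.isLinux;` opens the AirPlay receiver's ports on every Linux host that imports this file, so importing the sound module also changes the firewall policy without saying so. Making exposure an explicit per-host choice is safer, for example `openFirewall = lib.mkDefault false;` with the host setting it to `true`. The header `{pkgs}:` also lacks `...`; the module system passes more arguments than `pkgs`, so `{pkgs, lib, ...}:` is needed for the file to be importable at all.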
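Review bot: In podman.nix, `dockerSocket.enable = true;` publishes the Podman API at the Docker socket path, and the NixOS option documentation notes that members of the `podman` group who can reach it can gain root. That is a privilege decision and is better left off in the shared module and enabled per host, or at least documented in place with `# dockerSocket: members of the "podman" group get root-equivalent access`. The new docker.nix carries the same property for the `docker` group. configuration.nix still contains its own `virtualisation.podman` block (visible as context in the `@@ -195,12 +142,6 @@` hunk), so on `cloud` the setting is now defined in two places.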
From: "Wyatt J. Miller" Date: Sun, 15 Dec 2024 18:22:36 -0500 Subject: [PATCH 02/10] modularized all the things part one (?) --- modules/apps/gaming.nix | 180 ++++++++++++++++++++ modules/apps/xdg.nix | 0 modules/common/users.nix | 8 - modules/machine/cloud/README.md | 4 + modules/machine/cloud/configuration.nix | 88 ++++++---- modules/machine/sephiroth/configuration.nix | 11 ++ modules/networking/README.md | 90 ++++++++++ modules/networking/core.nix | 145 ++++++++++++++++ modules/networking/dns.nix | 133 +++++++++++++++ modules/pwrMgmt/README.md | 48 ++++++ modules/pwrMgmt/default.nix | 73 ++++++++ modules/sound/README.md | 19 +++ modules/virtualization/README.md | 51 ++++++ modules/virtualization/docker.nix | 1 + modules/virtualization/podman.nix | 42 ++++- 15 files changed, 848 insertions(+), 45 deletions(-) create mode 100644 modules/apps/gaming.nix create mode 100644 modules/apps/xdg.nix create mode 100644 modules/networking/README.md create mode 100644 modules/networking/core.nix create mode 100644 modules/networking/dns.nix create mode 100644 modules/pwrMgmt/README.md create mode 100644 modules/pwrMgmt/default.nix create mode 100644 modules/sound/README.md create mode 100644 modules/virtualization/README.md diff --git a/modules/apps/gaming.nix b/modules/apps/gaming.nix new file mode 100644 index 0000000..d7efb49 --- /dev/null +++ b/modules/apps/gaming.nix 
@@ -0,0 +1,180 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.gaming; +in { + options.gaming = { + steam = { + enable = lib.mkEnableOption "Steam gaming platform"; + + firewall = { + remotePlay = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Open firewall ports for Steam Remote Play"; + }; + + localNetworkGameTransfers = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Open firewall ports for local network game transfers"; + }; + }; + }; + + gamemode = { + enable = lib.mkEnableOption "Gamemode performance optimization"; + config = lib.mkOption { + type = lib.types.attrs; + default = {}; + description = "Custom Gamemode configuration options"; + }; + }; + + gamescope = { + enable = lib.mkEnableOption "Gamescope gaming compositor"; + settings = { + resolution = lib.mkOption { + type = lib.types.nullOr (lib.types.submodule { + options = { + width = lib.mkOption { + type = lib.types.int; + description = "Gamescope rendering width"; + }; + height = lib.mkOption { + type = lib.types.int; + description = "Gamescope rendering height"; + }; + }; + }); + default = null; + description = "Gamescope rendering resolution"; + }; + + refreshRate = lib.mkOption { + type = lib.types.nullOr lib.types.int; + default = null; + description = "Gamescope rendering refresh rate"; + }; + }; + }; + + lutris = { + enable = lib.mkEnableOption "Lutris game manager and launcher"; + package = lib.mkOption { + type = lib.types.package; + default = pkgs.lutris; + description = "Lutris package to use (allows for custom or alternative packages)"; + }; + + wine = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable Wine support for Lutris"; + }; + + package = lib.mkOption { + type = lib.types.package; + default = pkgs.wineWow; + description = "Wine package to use with Lutris"; + }; + }; + + # Compatibility layers for Lutris + compatibility = { + protonSupport = lib.mkOption { + type = 
lib.types.bool; + default = true; + description = "Enable Proton-like compatibility layers for Lutris"; + }; + + extraTools = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = []; + description = "Additional compatibility tools for Lutris"; + }; + }; + + # Additional system packages for Lutris + extraPackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = []; + description = "Additional packages to install alongside Lutris"; + }; + }; + + minecraft = lib.mkOption { + enable = lib.mkEnableOption "Minecraft in the form of PrismLauncher, a tool for launching Minecraft"; + }; + ffxiv = lib.mkOption { + enable = lib.mkEnableOption "Final Fantasy XIV and it's accompanied (unofficial) launcher"; + }; + }; + + config = { + programs.steam = lib.mkIf cfg.steam.enable { + enable = true; + remotePlay.openFirewall = cfg.steam.firewall.remotePlay; + localNetworkGameTransfers.openFirewall = cfg.steam.firewall.localNetworkGameTransfers; + }; + + programs.gamemode = lib.mkIf cfg.gamemode.enable { + enable = true; + settings = cfg.gamemode.config; + }; + + programs.gamescope = lib.mkIf cfg.gamescope.enable { + enable = true; + + # Apply custom resolution if specified + args = + lib.optional (cfg.gamescope.settings.resolution != null) [ + "-w" + (toString cfg.gamescope.settings.resolution.width) + "-h" + (toString cfg.gamescope.settings.resolution.height) + ] + ++ lib.optional (cfg.gamescope.settings.refreshRate != null) [ + "-r" + (toString cfg.gamescope.settings.refreshRate) + ]; + }; + + environment.systemPackages = + lib.mkIf cfg.lutris.enable ( + # Base Lutris package + [cfg.lutris.package] + ++ + # Wine packages if enabled + (lib.optionals cfg.lutris.wine.enable [ + cfg.lutris.wine.package + pkgs.winetricks + ]) + ++ + # Proton and compatibility tools + (lib.optionals cfg.lutris.compatibility.protonSupport [ + pkgs.proton-ge-custom + ]) + ++ + # Extra compatibility tools + cfg.lutris.compatibility.extraTools + ++ + # 
User-specified extra packages + cfg.lutris.extraPackages + ) + lib.mkIf + cfg.minecraft.enable [pkgs.prismlauncher] + lib.mkIf + cfg.ffxiv.enable [pkgs.xivlauncher]; + + # Wine configuration + programs.wine = lib.mkIf (cfg.lutris.enable && cfg.lutris.wine.enable) { + enable = true; + package = cfg.lutris.wine.package; + }; + }; +} diff --git a/modules/apps/xdg.nix b/modules/apps/xdg.nix new file mode 100644 index 0000000..e69de29 diff --git a/modules/common/users.nix b/modules/common/users.nix index d8185d8..ce772dd 100644 --- a/modules/common/users.nix +++ b/modules/common/users.nix @@ -5,16 +5,8 @@ hostname, ... } @ args: { - # Set up networking configuration networking.hostName = hostname; - # networking.computerName = hostname; - # networking.firewall.enable = true; # VERY important, do not touch - # networking.firewall.allowedTCPPorts = []; - # networking.firewall.allowedUDPPorts = []; - # networking.networkmanager.enable = pkgs.stdenv.isLinux; # Linux tool for managing network connections - # system.defaults.smb.NetBIOSName = hostname; - # Set up user accounts # Don't forget to set a password with ‘passwd’! users.users."${userName}" = lib.mkMerge [ { diff --git a/modules/machine/cloud/README.md b/modules/machine/cloud/README.md index 6650285..e4a13aa 100644 --- a/modules/machine/cloud/README.md +++ b/modules/machine/cloud/README.md @@ -7,3 +7,7 @@ Licensed by the Mozilla Public License v2 ## Synopsis This directory is where the machine-specific configuration files for hostname `cloud` live, my primary desktop. These files get called by the root `flake.nix` file. + +### `TODO` list + +- Migrate to (disko)[https://github.com/nix-community/disko] diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index f62f39e..4ebc39f 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix 
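Review bot: In gaming.nix the `environment.systemPackages` value will not evaluate, because the trailing `lib.mkIf cfg.minecraft.enable [...]` and `lib.mkIf cfg.ffxiv.enable [...]` are juxtaposed to the first `lib.mkIf (...)` and so parse as extra function arguments; `lib.mkMerge` over separate `lib.mkIf` entries, as below, expresses the intent. `minecraft` and `ffxiv` are declared as `lib.mkOption { enable = ...; }`, which is not a valid option declaration; they should be plain attribute sets like `steam`. In `programs.gamescope.args`, `lib.optional cond [ ... ]` produces a list nested inside a list, so `lib.optionals` is needed for both the resolution and refresh-rate arguments. On the security side, `firewall.remotePlay` and `firewall.localNetworkGameTransfers` default to `true`, so enabling Steam opens ports unless the user opts out; `default = false;` makes that exposure opt-in.

```nix
    environment.systemPackages = lib.mkMerge [
      (lib.mkIf cfg.lutris.enable (
        # … unchanged: Lutris, Wine, Proton and extra package lists joined with ++ …
      ))
      (lib.mkIf cfg.minecraft.enable [pkgs.prismlauncher])
      (lib.mkIf cfg.ffxiv.enable [pkgs.xivlauncher])
    ];
```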
@@ -3,9 +3,12 @@ pkgs, userName, ... -}: { +}: let + timeZone = null; +in { imports = [ ../../apps/flatpak.nix + ../../pwrMgmt ../../sound/pipewire.nix ../../sound/shairport.nix ../../virtualization/podman.nix @@ -24,7 +27,7 @@ hardware.bluetooth.enable = true; # Set your timezone - time.timeZone = "America/Detroit"; + time.timeZone = timeZone ? "America/Detroit"; # Enable touchpad services.libinput.enable = true; @@ -35,11 +38,6 @@ neovim git wireguard-tools - buildah - podman-tui - podman-compose - podman-desktop - toolbox grim slurp playerctl 
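Review bot: In the `@@ -24,7 +27,7 @@` hunk, `time.timeZone = timeZone ? "America/Detroit";` does not provide a fallback. In Nix `?` is the has-attribute test, so with `timeZone = null` the expression is expected to yield `false` rather than a string, and the option's type check should then reject it. The intended form is `time.timeZone = if timeZone != null then timeZone else "America/Detroit";`. Since `timeZone` is a `let` binding fixed to `null`, the simpler fix is to drop the binding and keep the literal.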
@@ -83,25 +81,63 @@ # Enable Polkit security.polkit.enable = true; - # Enable power management - powerManagement = { - enable = true; - powertop.enable = false; # TODO: to be enabled on laptops - cpuFreqGovernor = "performace"; + # Gaming module (see ../../apps/gaming.nix) + customGaming = { + steam = { + enable = true; + firewall = { + remotePlay = true; + localNetworkGameTransfers = true; + }; + }; + gamemode.enable = true; + gamescope.enable = true; + lutris = { + enable = true; + wine = { + enable = true; + package = pkgs.wine; + }; + compatibility = { + protonSupport = true; + extraTools = with pkgs; [ + proton-ge-custom + ]; + }; + extraPackages = with pkgs; [ + gamemode + mangohud + ]; + }; + + minecraft.enable = true; }; - # Enable Steam and open various firewall ports when applicable - programs.steam = { + # Power management (see ../../pwrMgmt/default.nix) + customPowerManagement = { enable = true; - remotePlay.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; + cpuFreqGovernor = "performance"; + powertop.enable = false; }; - # Enable gamemode (gamemode, gamemoded, gamemoderun) when needed - programs.gamemode.enable = true; + podman = { + podman = { + enable = true; + extraPackages = with pkgs; [ + docker-credential-helpers + toolbox + cosign + crane + podman-tui + podman-desktop + ]; + }; + }; - # Enable gamescope (compositor) when needed - programs.gamescope.enable = true; + customNetworking = { + firewall.enable = true; + networkManager.enable = true; + }; # Enable dconf programs.dconf.enable = true; @@ -135,17 +171,5 @@ networking.firewall.allowedUDPPorts = []; networking.networkmanager.enable = true; # Linux tool for managing network connections - # Enable Podman (OCI containers) - virtualisation.podman = { - enable = true; - dockerSocket.enable = true; - defaultNetwork.settings.dns_enabled = true; - }; - - # users.users."${userName}" = { - # group = "${userName}"; - # isNormalUser = true; - # }; - system.stateVersion = "24.05"; } 
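Review bot: The attribute names set in the `@@ -83,25 +81,63 @@` hunk do not match what the new modules declare: this file sets `customGaming` and `customPowerManagement`, while gaming.nix declares `options.gaming` and pwrMgmt/default.nix declares `options.pwrMgnt`. Neither `../../apps/gaming.nix` nor `../../networking/core.nix` is added to `imports` in the hunks shown, so `customGaming` and `customNetworking` have no declaring module in scope, and NixOS rejects assignments to undeclared options. Once `customNetworking` is wired up, the `networking.firewall.allowed*Ports` and `networking.networkmanager.enable` lines kept as context in `@@ -135,17 +171,5 @@` become a second definition of the same policy. Keeping the firewall settings in one place makes it easier to audit which ports are open on this host.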
diff --git a/modules/machine/sephiroth/configuration.nix b/modules/machine/sephiroth/configuration.nix index d234627..26c7a51 100644 --- a/modules/machine/sephiroth/configuration.nix +++ b/modules/machine/sephiroth/configuration.nix @@ -167,6 +167,17 @@ system.stateVersion = 5; + containers.podman = { + enable = true; + dockerCompat = false; + extraPackages = with pkgs; [ + podman-tui + docker-credential-helpers + cosign + crane + ]; + }; + # Set your time zone. time.timeZone = "America/Detroit"; } diff --git a/modules/networking/README.md b/modules/networking/README.md new file mode 100644 index 0000000..fff25ce --- /dev/null +++ b/modules/networking/README.md 
@@ -0,0 +1,90 @@ +# Network and networking modules + +This directory houses all network, firewall, DHCP, DNS, and all other related networking enablement. + +## `core.nix` + +This is where the firewall and NetworkManager live. For the firewall, you have pre-defined options that will open ports for you by enabling some network service. + +For example: + +```nix +tcpPorts.web.enable = true; +udpPorts.dns.enable = true; +``` + +Here's a more featureful example of how you would enable a firewall and set up NetworkManager: + +```nix + customNetworking = { + firewall = { + enable = true; + + # Open web service ports + tcpPorts.web.enable = true; + + # Custom TCP ports + tcpPorts.allowedPorts = [ 8080 22 ]; + + # Custom UDP ports + udpPorts.allowedPorts = [ 5000 ]; + }; + + networkManager = { + enable = true; + extraPlugins = with pkgs; [ + # Additional NetworkManager plugins + networkmanager-openvpn + networkmanager-openconnect + ]; + }; + }; +``` + +As shown above, you'll have to open ports for services you would want to access remotely. + +## DNS + +There are two options here: BIND9 (or simply Bind) or Technitium DNS server. Enabling both DNS servers will throw an error and your configuration will not build. + +You'll have to import `./dns.nix` for the services to be enabled. + +Here's an example of what configuration might look like: + +```nix + dns.bind = { + enable = true; + settings = { + interfaces = [ "127.0.0.1" "192.168.100.100" ]; + zones = [ + { + name = "example.com"; + type = "master"; + file = "/etc/named/zones/example.com.zone"; + } + ]; + extraConfig = '' + // Additional BIND configuration + options { + directory "/var/named"; + recursion yes; + } + ''; + } + }; +``` + +_or_ + +```nix + dns.technitium = { + enable = true; + settings = { + address = "192.168.100.0"; + port = 5380; + extraOptions = { + LOG_LEVEL = "info"; + }; + } + }; +``` diff --git a/modules/networking/core.nix b/modules/networking/core.nix new file mode 100644 index 0000000..c7e0500 
--- /dev/null +++ b/modules/networking/core.nix 
@@ -0,0 +1,145 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.customNetworking; +in { + options.customNetworking = { + # Firewall Configuration + firewall = { + enable = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable system firewall"; + }; + + tcpPorts = { + # Predefined, default common service ports + ssh = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open SSH service port (22)"; + }; + }; + web = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open common web service ports (80, 443)"; + }; + }; + smtp = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open SMTP service ports (25, 465, 587)"; + }; + }; + imap = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open IMAP service ports (143, 993)"; + }; + }; + mysql = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open MySQL service port (3306)"; + }; + }; + mssql = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open Microsoft SQL Server service port (1433)"; + }; + }; + postgres = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open Postgres service port (5432)"; + }; + }; + allowedPorts = lib.mkOption { + type = lib.types.listOf lib.types.port; + default = []; + description = "List of custom TCP ports to open"; + }; + }; + + udpPorts = { + dns = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open DNS service port (53)"; + }; + }; + ntp = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Open NTP service port (123)"; + }; + }; + allowedPorts = lib.mkOption { + type = lib.types.listOf lib.types.port; + default = []; + description = "List of custom UDP ports to open"; + }; + }; + }; + + networkManager = { + 
enable = lib.mkOption { + type = lib.types.bool; + default = true; + description = "Enable NetworkManager for network connection management"; + }; + + extraPlugins = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = []; + description = "Additional NetworkManager plugins to install"; + }; + }; + }; + + config = { + networking.firewall = { + enable = cfg.firewall.enable; + + allowedTCPPorts = + ( + lib.optionals + cfg.firewall.tcpPorts.ssh.enable [22] + cfg.firewall.tcpPorts.web.enable [80 443] + cfg.firewall.tcpPorts.smtp.enable [25 465 587] + cfg.firewall.tcpPorts.imap.enable [143 993] + cfg.firewall.tcpPorts.mysql.enable [3306] + cfg.firewall.tcpPorts.mssql.enable [1433] + cfg.firewall.tcpPorts.postgres.enable [5432] + ) + ++ cfg.firewall.tcpPorts.allowedPorts; + + allowedUDPPorts = + ( + lib.optionals + cfg.firewall.udpPorts.dns.enable [53] + cfg.firewall.udpPorts.ntp.enable [123] + ) + ++ cfg.firewall.udpPorts.allowedPorts; + }; + + networking.networkmanager = { + enable = cfg.networkManager.enable; + packages = cfg.networkManager.extraPlugins; + }; + }; +} diff --git a/modules/networking/dns.nix b/modules/networking/dns.nix new file mode 100644 index 0000000..1a94c8b --- /dev/null +++ b/modules/networking/dns.nix 
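Review bot: In core.nix, `allowedTCPPorts` and `allowedUDPPorts` pass every flag/list pair to a single `lib.optionals` call. `lib.optionals` takes one condition and one list, so the remaining pairs are applied to its list result and evaluation fails; each pair needs its own call joined with `++`, as below. Ports listed this way are opened on all interfaces with no source restriction, so the descriptions for the database presets (3306, 1433, 5432) should say so. The `dns` preset opens only UDP 53, while DNS also uses TCP 53 for large responses and zone transfers.

```nix
      allowedTCPPorts =
        lib.optionals cfg.firewall.tcpPorts.ssh.enable [22]
        ++ lib.optionals cfg.firewall.tcpPorts.web.enable [80 443]
        ++ lib.optionals cfg.firewall.tcpPorts.smtp.enable [25 465 587]
        ++ lib.optionals cfg.firewall.tcpPorts.imap.enable [143 993]
        ++ lib.optionals cfg.firewall.tcpPorts.mysql.enable [3306]
        ++ lib.optionals cfg.firewall.tcpPorts.mssql.enable [1433]
        ++ lib.optionals cfg.firewall.tcpPorts.postgres.enable [5432]
        ++ cfg.firewall.tcpPorts.allowedPorts;

      allowedUDPPorts =
        lib.optionals cfg.firewall.udpPorts.dns.enable [53]
        ++ lib.optionals cfg.firewall.udpPorts.ntp.enable [123]
        ++ cfg.firewall.udpPorts.allowedPorts;
```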
@@ -0,0 +1,133 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.dns; +in { + options.dns = { + bind = { + enable = lib.mkEnableOption "BIND DNS server"; + settings = { + interfaces = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = ["127.0.0.1"]; + description = "Network interfaces BIND should listen on"; + }; + + zones = lib.mkOption { + type = lib.types.listOf (lib.types.submodule { + options = { + name = lib.mkOption { + type = lib.types.str; + description = "Name of the DNS zone"; + }; + type = lib.mkOption { + type = lib.types.enum ["master" "slave"]; + default = "master"; + description = "Type of DNS zone"; + }; + file = lib.mkOption { + type = lib.types.str; + default = ""; + description = "Path to zone file"; + }; + }; + }); + default = []; + description = "DNS zones to configure"; + }; + + extraConfig = lib.mkOption { + type = lib.types.lines; + default = ""; + description = "Additional BIND configuration options"; + }; + }; + }; + + technitium = { + enable = lib.mkEnableOption "Technitium DNS server"; + settings = { + address = lib.mkOption { + type = lib.types.str; + default = "0.0.0.0"; + description = "IP address Technitium should listen on"; + }; + port = lib.mkOption { + type = lib.types.port; + default = 5380; + description = "Port for Technitium DNS server"; + }; + extraOptions = lib.mkOption { + type = lib.types.attrs; + default = {}; + description = "Additional Technitium configuration options"; + }; + }; + }; + }; + + # Validate that only one DNS server is enabled + imports = [ + (lib.mkIf (cfg.bind.enable && cfg.technitium.enable) (throw "Only one DNS server can be enabled at a time")) + ]; + + # Implementation of the configuration + config = lib.mkMerge [ + # BIND DNS Server Configuration + (lib.mkIf cfg.bind.enable { + services.named = { + enable = true; + interfaces = cfg.bind.settings.interfaces; + zones = + map (zone: { + name = zone.name; + type = zone.type; + file = zone.file; + }) + cfg.bind.settings.zones; 
+ extraConfig = cfg.bind.settings.extraConfig; + }; + networking.firewall = { + allowedTCPPorts = [53]; + allowedUDPPorts = [53]; + }; + environment.systemPackages = [pkgs.bind]; + }) + + # Technitium DNS Server Configuration + (lib.mkIf cfg.technitium.enable { + # Create a systemd service for Technitium + systemd.services.technitium-dns = { + description = "Technitium DNS Server"; + wantedBy = ["multi-user.target"]; + + serviceConfig = { + ExecStart = "${pkgs.technitium}/bin/dns-server-start.sh"; + Restart = "on-failure"; + }; + + # Environment configuration + environment = + { + DNS_LISTEN_ADDRESS = cfg.technitium.settings.address; + DNS_LISTEN_PORT = toString cfg.technitium.settings.port; + } + // lib.mapAttrs' ( + name: value: + lib.nameValuePair "DNS_${lib.toUpper name}" (toString value) + ) + cfg.technitium.settings.extraOptions; + }; + + networking.firewall = { + allowedTCPPorts = [cfg.technitium.settings.port]; + allowedUDPPorts = [cfg.technitium.settings.port]; + }; + + environment.systemPackages = [pkgs.technitium]; + }) + ]; +} diff --git a/modules/pwrMgmt/README.md b/modules/pwrMgmt/README.md new file mode 100644 index 0000000..04349d0 --- /dev/null +++ b/modules/pwrMgmt/README.md 
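Review bot: Both server blocks in dns.nix open firewall ports unconditionally. The BIND block allows 53/tcp and 53/udp even when `interfaces` stays at `["127.0.0.1"]`, and the Technitium block allows `settings.port` (default 5380, with `address` defaulting to `"0.0.0.0"`) on TCP and UDP; as far as I know 5380 is Technitium's web console port rather than its DNS port, so this would publish the admin UI while leaving 53 closed. An `openFirewall` option defaulting to `false` and a loopback default for `address` would make exposure deliberate. The mutual-exclusion check placed in `imports` reads `config` and will likely recurse; the usual form inside `config` is `assertions = [{ assertion = !(cfg.bind.enable && cfg.technitium.enable); message = "Only one DNS server can be enabled at a time"; }];`. Values in `extraOptions` are written into the unit's environment and therefore into the world-readable Nix store, so the option description should warn against putting secrets there.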
@@ -0,0 +1,48 @@ +# Power management modules + +This directory houses my own custom defined power management settings. These are set in the machine-specific configurations (typically). + +## Examples + +Given that this configuration is in the `machine/` directory (where hostname is the name of the computer your configuring): + +### Desktop configuration + +```nix + imports = [ + ../../pwrMgmt + # other configuration files here... + ]; + + customPowerManagement = { + enable = true; + cpuFreqGovernor = "performance"; + powertop.enable = false; + }; +``` + +### Laptop configuration + +```nix + imports = [ + ../../pwrMgmt + # other configuration files here... + ]; + + customPowerManagement = { + enable = true; + cpuFreqGovernor = "powersave"; + powertop = { + enable = true; + autotuneOnBoot = true; + }; + battery = { + enable = true; + startChargeThreshold = 40; + stopChargeThreshold = 75; + }; + }; + +``` + +Remember, these are just examples. Please suit these examples to fit your specific hardware. diff --git a/modules/pwrMgmt/default.nix b/modules/pwrMgmt/default.nix new file mode 100644 index 0000000..8a9f2b9 --- /dev/null +++ b/modules/pwrMgmt/default.nix 
@@ -0,0 +1,73 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ # Define a more flexible power management module
+ cfg = config.pwrMgnt;
+in {
+ # Define options for customizable power management
+ options.pwrMgnt = {
+ enable = lib.mkEnableOption "Custom power management configuration";
+
+ cpuFreqGovernor = lib.mkOption {
+ type = lib.types.enum [
+ "performance"
+ "powersave"
+ "ondemand"
+ "conservative"
+ ];
+ default = "performance";
+ description = "CPU frequency scaling governor to use";
+ };
+
+ # PowerTop Configuration
+ powertop = {
+ enable = lib.mkEnableOption "PowerTop power management tool";
+
+ autotuneOnBoot = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Automatically tune power settings on boot";
+ };
+ };
+
+ # Battery-specific settings (for laptops)
+ battery = {
+ enable = lib.mkEnableOption "Battery-specific power management";
+
+ startChargeThreshold = lib.mkOption {
+ type = lib.types.int;
+ default = 20;
+ description = "Percentage at which to start charging";
+ };
+
+ stopChargeThreshold = lib.mkOption {
+ type = lib.types.int;
+ default = 80;
+ description = "Percentage at which to stop charging";
+ };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ powerManagement = {
+ enable = true;
+ cpuFreqGovernor = cfg.cpuFreqGovernor;
+ };
+
+ services.powertop.enable = cfg.powertop.enable;
+ systemd.services.battery-charge-threshold = lib.mkIf cfg.battery.enable {
+ description = "Set battery charge thresholds";
+ wantedBy = ["multi-user.target"];
+ script = ''
+ if [ -f /sys/class/power_supply/BAT0/charge_start_threshold ]; then
+ echo ${toString cfg.battery.startChargeThreshold} > /sys/class/power_supply/BAT0/charge_start_threshold
+ fi
+ if [ -f /sys/class/power_supply/BAT0/charge_stop_threshold ]; then
+ echo ${toString cfg.battery.stopChargeThreshold} > /sys/class/power_supply/BAT0/charge_stop_threshold
+ fi
+ '';
+ };
+ };
+}
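Review bot: `startChargeThreshold` and `stopChargeThreshold` are plain `lib.types.int`, so a negative value, one above 100, or a start above the stop evaluates cleanly and is only rejected (or silently misapplied) when the root unit echoes it into sysfs at boot. Constrain both with `type = lib.types.ints.between 0 100;` and add an `assertions` entry that requires start < stop. The unit built from `script` would also be clearer with `serviceConfig.Type = "oneshot";`, and `powertop.autotuneOnBoot` is declared but never read in `config`. The namespace is spelled `pwrMgnt` here while the README in this patch uses `customPowerManagement`, so the documented example will not match these options.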
diff --git a/modules/sound/README.md b/modules/sound/README.md
new file mode 100644
index 0000000..2859c8c
--- /dev/null
+++ b/modules/sound/README.md
@@ -0,0 +1,19 @@
+# Sound and audio modules
+
+This directory houses all sound and audio modules for a given system.
+
+## Pipewire
+
+Pipewire is the new kid on the block, and frankly, this new kid cleans the streets. With Pulseaudio and ALSA compatibility, this is basically the _defacto_ audio solution for every Linux workstation.
+
+Although, for some use cases, expect me to write a Pulseaudio or an ALSA module here soon :P
+
+All that's needed to get this working to import the `./pipewire.nix` into your machine's configuration.
+
+## Shairport
+
+This is a program where your computer is enabled with AirPlay! How cool is that??
+
+All that's needed to get this working to import the `./shairport.nix` into your machine's configuration.
+
+Note that this _only_ works with Pipewire.
diff --git a/modules/virtualization/README.md b/modules/virtualization/README.md
new file mode 100644
index 0000000..807ab08
--- /dev/null
+++ b/modules/virtualization/README.md
@@ -0,0 +1,51 @@ +# Virtualization modules + +This directory houses all virtualization and container related enablement. Cloud native anyone?? + +## Hardware virtualization + +This is for running virtual machines on the bare metal. + +All that's needed to get this working to import the `./hardware.nix` into your machine's configuration. + +## Docker (OCI containers) + +This is for running the Docker runtime (rootful or rootless, rootful by default) to run OCI containers. + +All that's needed to get this working to import the `./docker.nix` into your machine's configuration. + +Note: I don't use Docker too much as I use Podman for development. I'd check the Podman documentation. + +## Podman/Buildah (OCI containers) + +This is for running the Podman runtime (rootless) to run OCI containers. + +You will need to import `./podman.nix` into your machine configuration. Additionally, there's some added configuration to suit your needs. + +Example: + +```nix + podman = { + podman = { + enable = true; + extraPackages = with pkgs; [ + docker-credential-helpers + toolbox + cosign + crane + podman-tui + podman-desktop + ]; + }; + }; +``` + +To get a full, comprehensive list of what you can do with the podman module, please check out (podman.nix)[./podman.nix]! + +## Kubernetes + +Coming soon! + +## LXC/LXD + +I don't have anything in the way of a nix configuration for LXC/LXD as I don't have a use-case for them. Come back later! diff --git a/modules/virtualization/docker.nix b/modules/virtualization/docker.nix index 25f7831..ab223bf 100644 --- a/modules/virtualization/docker.nix +++ b/modules/virtualization/docker.nix @@ -2,5 +2,6 @@ virtualisation.docker = { enable = true; enableOnBoot = true; + rootless = false; }; } diff --git a/modules/virtualization/podman.nix b/modules/virtualization/podman.nix index b9e685a..495c4fd 100644 --- a/modules/virtualization/podman.nix +++ b/modules/virtualization/podman.nix 
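Review bot: `rootless = false;` assigns a boolean where NixOS, as far as I know, defines a set of options (`virtualisation.docker.rootless.enable`, `.setSocketVariable`), so this line is likely to fail evaluation; if rootful is intended write `rootless.enable = false;`. Pinning rootful mode also means the daemon runs as root and any account added to the `docker` group is effectively root on the host, which deserves a comment next to the setting, e.g. `# rootful: docker group membership is root-equivalent`. The README in this patch says the module supports rootful or rootless, but nothing here lets a host choose.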
@@ -1,7 +1,39 @@ -{...}: { - virtualisation.podman = { - enable = true; - dockerSocket.enable = true; - defaultNetwork.settings.dns_enabled = true; +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.containers; +in { + options.containers = { + podman = { + enable = lib.mkEnableOption "Podman container runtime"; + dockerCompat = lib.mkEnableOption "Enable Docker compatibility"; + extraPackages = lib.mkOption { + type = lib.types.listOf lib.types.package; + default = []; + description = "Additional packages to install when Podman is enabled"; + }; + }; + }; + + config = lib.mkIf cfg.podman.enable { + virtualisation.podman = { + enable = true; + dockerCompat = cfg.podman.dockerCompat; + enableOnBoot = true; + defaultNetwork.settings.dns_enabled = true; + }; + + environment.systemPackages = + [ + pkgs.podman-compose + pkgs.buildah + pkgs.skopeo + pkgs.dive + pkgs.container-diff + ] + ++ cfg.podman.extraPackages; }; } -- 2.45.2 From ea8607eb411dc7ebb8d64ba5d0ca9c2cb389ce06 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Sun, 15 Dec 2024 22:37:43 -0500 Subject: [PATCH 03/10] small changes --- modules/machine/cloud/configuration.nix | 6 ++-- modules/machine/cloud/default.nix | 6 ---- modules/machine/sephiroth/configuration.nix | 1 - modules/machine/sephiroth/default.nix | 6 ---- modules/virtualization/podman.nix | 37 +++++++++++---------- 5 files changed, 21 insertions(+), 35 deletions(-) delete mode 100644 modules/machine/cloud/default.nix delete mode 100644 modules/machine/sephiroth/default.nix diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index 4ebc39f..cf41780 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix @@ -3,9 +3,7 @@ pkgs, userName, ... -}: let - timeZone = null; -in { +}: { imports = [ ../../apps/flatpak.nix ../../pwrMgmt 
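Review bot: `options.containers` reuses a top-level name that NixOS, as far as I know, already declares for its declarative nspawn containers (`containers.<name>`), so adding `containers.podman.enable` under it is likely to be rejected as a conflicting declaration or to be read as a container named `podman`. A project-specific prefix avoids the clash, and the README example added in this same patch (`podman = { podman = { ... }; };`) should then be brought in line with whichever path is chosen. The rewrite also drops the old `dockerSocket.enable = true;`, which narrows what is exposed by default; a short comment saying that was deliberate would help, since `dockerCompat` is now the only Docker-facing switch.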
@@ -27,7 +25,7 @@ in { hardware.bluetooth.enable = true; # Set your timezone - time.timeZone = timeZone ? "America/Detroit"; + time.timeZone = "America/Detroit"; # Enable touchpad services.libinput.enable = true; diff --git a/modules/machine/cloud/default.nix b/modules/machine/cloud/default.nix deleted file mode 100644 index 187a110..0000000 --- a/modules/machine/cloud/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: { - imports = [ - ./configuration.nix - ./hardware-configuration.nix - ]; -} diff --git a/modules/machine/sephiroth/configuration.nix b/modules/machine/sephiroth/configuration.nix index 26c7a51..e9c2dae 100644 --- a/modules/machine/sephiroth/configuration.nix +++ b/modules/machine/sephiroth/configuration.nix @@ -171,7 +171,6 @@ enable = true; dockerCompat = false; extraPackages = with pkgs; [ - podman-tui docker-credential-helpers cosign crane diff --git a/modules/machine/sephiroth/default.nix b/modules/machine/sephiroth/default.nix deleted file mode 100644 index fcb07f3..0000000 --- a/modules/machine/sephiroth/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: { - imports = [ - ./apps.nix - ./configuration.nix - ]; -} diff --git a/modules/virtualization/podman.nix b/modules/virtualization/podman.nix index 495c4fd..de34445 100644 --- a/modules/virtualization/podman.nix +++ b/modules/virtualization/podman.nix 
@@ -18,22 +18,23 @@ in { }; }; - config = lib.mkIf cfg.podman.enable { - virtualisation.podman = { - enable = true; - dockerCompat = cfg.podman.dockerCompat; - enableOnBoot = true; - defaultNetwork.settings.dns_enabled = true; - }; - - environment.systemPackages = - [ - pkgs.podman-compose - pkgs.buildah - pkgs.skopeo - pkgs.dive - pkgs.container-diff - ] - ++ cfg.podman.extraPackages; - }; + config = lib.mkIf cfg.enable (lib.attrsets.optionalAttrs (config.nixpkgs.hostPlatform.isLinux) { + virtualisation.podman = { + enable = true; + dockerCompat = cfg.dockerCompat; + enableOnBoot = true; + defaultNetwork.settings.dns_enabled = true; + }; + } + // { + environment.systemPackages = + [ + pkgs.podman-compose + pkgs.buildah + pkgs.skopeo + pkgs.dive + pkgs.container-diff + ] + ++ cfg.extraPackages; + }); } -- 2.45.2 From 1e3ffdf0a3b4b1e8f746d8eef9b7e28cbc1682b2 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Wed, 18 Dec 2024 13:07:02 -0500 Subject: [PATCH 04/10] created defaults, created common fonts, modified root flake nix --- flake.lock | 30 ++++++++++----------- flake.nix | 6 ++--- modules/common/default.nix | 7 +++++ modules/common/fonts.nix | 14 ++++++++++ modules/machine/cloud/configuration.nix | 10 ------- modules/machine/cloud/default.nix | 6 +++++ modules/machine/sephiroth/configuration.nix | 4 +-- modules/machine/sephiroth/default.nix | 6 +++++ 8 files changed, 52 insertions(+), 31 deletions(-) create mode 100644 modules/common/default.nix create mode 100644 modules/common/fonts.nix create mode 100644 modules/machine/cloud/default.nix create mode 100644 modules/machine/sephiroth/default.nix diff --git a/flake.lock b/flake.lock index 087431b..89834cd 100644 --- a/flake.lock +++ b/flake.lock 
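Review bot: `cfg.enable`, `cfg.dockerCompat` and `cfg.extraPackages` only resolve if `cfg` now points at the `podman` sub-tree, but the `cfg = config.containers;` binding sits above this hunk and is not touched by it, so these would read `config.containers.enable` and so on rather than the declared `containers.podman.*` options. Either keep `cfg.podman.*` or change the binding to `cfg = config.containers.podman;`. Choosing which top-level attributes exist with `lib.attrsets.optionalAttrs (config.nixpkgs.hostPlatform.isLinux)` also makes the module's shape depend on `config`, which the module system usually reports as infinite recursion; moving the `virtualisation.podman` part into a module that only the NixOS host imports would avoid that.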
@@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1730448474, - "narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=", + "lastModified": 1733570843, + "narHash": "sha256-sQJAxY1TYWD1UyibN/FnN97paTFuwBw3Vp3DNCyKsMk=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e", + "rev": "a35b08d09efda83625bef267eb24347b446c80b8", "type": "github" }, "original": { @@ -28,11 +28,11 @@ ] }, "locked": { - "lastModified": 1730490306, - "narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=", + "lastModified": 1734344598, + "narHash": "sha256-wNX3hsScqDdqKWOO87wETUEi7a/QlPVgpC/Lh5rFOuA=", "owner": "nix-community", "repo": "home-manager", - "rev": "1743615b61c7285976f85b303a36cdf88a556503", + "rev": "83ecd50915a09dca928971139d3a102377a8d242", "type": "github" }, "original": { @@ -62,11 +62,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1728031945, - "narHash": "sha256-NRkLjdMtVfC6dD1gEbYZWFEtbmC2xfD6ft1IP7l76Vw=", + "lastModified": 1734338723, + "narHash": "sha256-BpJs2QnVwdE4Btsx2BcBmdsq86H7QJYv2GmoOkr1ii4=", "owner": "Mic92", "repo": "nix-ld", - "rev": "4524c512e8729ccb5a1b9239d01e1474cbf074a2", + "rev": "911665df070e3d6c970e5a248fc4a38550bd5689", "type": "github" }, "original": { @@ -77,11 +77,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1727634051, - "narHash": "sha256-S5kVU7U82LfpEukbn/ihcyNt2+EvG7Z5unsKW9H/yFA=", + "lastModified": 1733015953, + "narHash": "sha256-t4BBVpwG9B4hLgc6GUBuj3cjU7lP/PJfpTHuSqE+crk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "06cf0e1da4208d3766d898b7fdab6513366d45b9", + "rev": "ac35b104800bff9028425fec3b6e8a41de2bbfff", "type": "github" }, "original": { 
@@ -93,11 +93,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1726243404, - "narHash": "sha256-sjiGsMh+1cWXb53Tecsm4skyFNag33GPbVgCdfj3n9I=", + "lastModified": 1734424634, + "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "345c263f2f53a3710abe117f28a5cb86d0ba4059", + "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 97fe803..1332fc5 100644 --- a/flake.nix +++ b/flake.nix @@ -37,8 +37,7 @@ hostname = "sephiroth"; }; modules = [ - ./modules/common/core.nix - ./modules/common/users.nix + ./modules/common ./modules/machine/sephiroth home-manager.darwinModules.home-manager @@ -61,8 +60,7 @@ modules = [ nix-flatpak.nixosModules.nix-flatpak nix-ld.nixosModules.nix-ld - ./modules/common/core.nix - ./modules/common/users.nix + ./modules/common ./modules/machine/cloud home-manager.nixosModules.home-manager diff --git a/modules/common/default.nix b/modules/common/default.nix new file mode 100644 index 0000000..18cfde2 --- /dev/null +++ b/modules/common/default.nix @@ -0,0 +1,7 @@ +{...}: { + imports = [ + ./core.nix + ./fonts.nix + ./users.nix + ]; +} diff --git a/modules/common/fonts.nix b/modules/common/fonts.nix new file mode 100644 index 0000000..57e2517 --- /dev/null +++ b/modules/common/fonts.nix @@ -0,0 +1,14 @@ +{ + pkgs, + lib, +}: { + fonts.packages = with pkgs; + [ + noto-fonts + noto-fonts-emoji + liberation_ttf + noto-fonts-cjk + monaspace + ] + ++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts); +} diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index cf41780..43b1870 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix 
@@ -48,16 +48,6 @@ patchelf ]; - # Install system-wide fonts - fonts.packages = with pkgs; [ - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - liberation_ttf - monaspace - nerdfonts - ]; - # Set the EDITOR global environment variable to neovim environment.variables.EDITOR = "nvim"; diff --git a/modules/machine/cloud/default.nix b/modules/machine/cloud/default.nix new file mode 100644 index 0000000..187a110 --- /dev/null +++ b/modules/machine/cloud/default.nix @@ -0,0 +1,6 @@ +{...}: { + imports = [ + ./configuration.nix + ./hardware-configuration.nix + ]; +} diff --git a/modules/machine/sephiroth/configuration.nix b/modules/machine/sephiroth/configuration.nix index e9c2dae..bb08290 100644 --- a/modules/machine/sephiroth/configuration.nix +++ b/modules/machine/sephiroth/configuration.nix @@ -168,9 +168,9 @@ system.stateVersion = 5; containers.podman = { - enable = true; - dockerCompat = false; + enable = false; extraPackages = with pkgs; [ + podman docker-credential-helpers cosign crane diff --git a/modules/machine/sephiroth/default.nix b/modules/machine/sephiroth/default.nix new file mode 100644 index 0000000..fcb07f3 --- /dev/null +++ b/modules/machine/sephiroth/default.nix @@ -0,0 +1,6 @@ +{...}: { + imports = [ + ./apps.nix + ./configuration.nix + ]; +} -- 2.45.2 From b6653cee0b53b3369c7eca9e7d4a7d66d11db5e4 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Wed, 18 Dec 2024 20:09:08 -0500 Subject: [PATCH 05/10] darwin compatible commit, touching up on modules, common system ietms --- modules/common/default.nix | 6 +++- modules/common/fonts.nix | 18 +++++------ modules/machine/cloud/configuration.nix | 23 ++++++------- modules/machine/sephiroth/configuration.nix | 3 +- modules/virtualization/podman.nix | 36 ++++++++------------- 5 files changed, 39 insertions(+), 47 deletions(-) diff --git a/modules/common/default.nix b/modules/common/default.nix index 18cfde2..195ad06 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix 
@@ -1,4 +1,8 @@ -{...}: { +{ + pkgs, + lib, + ... +}: { imports = [ ./core.nix ./fonts.nix diff --git a/modules/common/fonts.nix b/modules/common/fonts.nix index 57e2517..0e805af 100644 --- a/modules/common/fonts.nix +++ b/modules/common/fonts.nix @@ -1,14 +1,14 @@ { pkgs, lib, + ... }: { - fonts.packages = with pkgs; - [ - noto-fonts - noto-fonts-emoji - liberation_ttf - noto-fonts-cjk - monaspace - ] - ++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts); + fonts.packages = with pkgs; [ + nerdfonts + noto-fonts + noto-fonts-emoji + liberation_ttf + noto-fonts-cjk-sans + monaspace + ]; } diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index 43b1870..85913ee 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix @@ -44,7 +44,6 @@ firefox wttrbar cliphist - xivlauncher patchelf ]; @@ -108,18 +107,16 @@ powertop.enable = false; }; - podman = { - podman = { - enable = true; - extraPackages = with pkgs; [ - docker-credential-helpers - toolbox - cosign - crane - podman-tui - podman-desktop - ]; - }; + containers.podman = { + enable = true; + extraPackages = with pkgs; [ + docker-credential-helpers + toolbox + cosign + crane + podman-tui + podman-desktop + ]; }; customNetworking = { diff --git a/modules/machine/sephiroth/configuration.nix b/modules/machine/sephiroth/configuration.nix index bb08290..c27465e 100644 --- a/modules/machine/sephiroth/configuration.nix +++ b/modules/machine/sephiroth/configuration.nix @@ -168,9 +168,8 @@ system.stateVersion = 5; containers.podman = { - enable = false; + enable = true; extraPackages = with pkgs; [ - podman docker-credential-helpers cosign crane diff --git a/modules/virtualization/podman.nix b/modules/virtualization/podman.nix index de34445..44ee576 100644 --- a/modules/virtualization/podman.nix +++ b/modules/virtualization/podman.nix 
@@ -4,37 +4,29 @@ pkgs, ... }: let - cfg = config.containers; + cfg = config.containers.podman; in { options.containers = { podman = { enable = lib.mkEnableOption "Podman container runtime"; - dockerCompat = lib.mkEnableOption "Enable Docker compatibility"; + extraPackages = lib.mkOption { type = lib.types.listOf lib.types.package; default = []; - description = "Additional packages to install when Podman is enabled"; + description = "Additional container-related packages to install"; }; }; }; - config = lib.mkIf cfg.enable (lib.attrsets.optionalAttrs (config.nixpkgs.hostPlatform.isLinux) { - virtualisation.podman = { - enable = true; - dockerCompat = cfg.dockerCompat; - enableOnBoot = true; - defaultNetwork.settings.dns_enabled = true; - }; - } - // { - environment.systemPackages = - [ - pkgs.podman-compose - pkgs.buildah - pkgs.skopeo - pkgs.dive - pkgs.container-diff - ] - ++ cfg.extraPackages; - }); + config = lib.mkIf cfg.enable { + environment.systemPackages = + [ + pkgs.podman + pkgs.podman-compose + pkgs.buildah + pkgs.skopeo + pkgs.dive + ] + ++ cfg.extraPackages; + }; } -- 2.45.2 From 39afe2d114ae2265051bc72e9848fa5b0b62e409 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Wed, 18 Dec 2024 20:09:28 -0500 Subject: [PATCH 06/10] wip: home stuff --- home/default.nix | 2 +- home/packages/common.nix | 6 +++++- home/packages/server.nix | 0 home/packages/workstation.nix | 0 home/shell.nix | 2 -- 5 files changed, 6 insertions(+), 4 deletions(-) create mode 100644 home/packages/server.nix create mode 100644 home/packages/workstation.nix diff --git a/home/default.nix b/home/default.nix index 84f605a..851d96f 100644 --- a/home/default.nix +++ b/home/default.nix @@ -50,7 +50,7 @@ in { size = 22; }; - stateVersion = "24.05"; + stateVersion = "24.11"; }; # Let Home Manager install and manage itself. diff --git a/home/packages/common.nix b/home/packages/common.nix index 74bd718..4df3734 100644 --- a/home/packages/common.nix +++ b/home/packages/common.nix 
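Review bot: With `virtualisation.podman` removed, the module only puts `pkgs.podman` on the PATH, and on the NixOS host that likely means the `/etc/containers` files the NixOS module writes (the image trust `policy.json`, `registries.conf`) and the rootless user-namespace setup are no longer managed. If that is what happens, image pulls will fail, or someone will hand-write a permissive policy to get them working. Keeping the cross-platform package list here and restoring `virtualisation.podman.enable = true;` in a module imported only from `modules/machine/cloud` would keep Darwin compatibility without losing that configuration. If the package-only form is intentional, a comment such as `# NixOS hosts must enable virtualisation.podman separately` would make the dependency explicit.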
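Review bot: `stateVersion = "24.11";` changes the state version of a home configuration that is already deployed; Home Manager and NixOS both document this value as the release the system was first installed with, not the release currently tracked. Bumping it can switch stateful defaults without migrating existing data. Keep `"24.05"` unless the release notes for each affected module were checked. The same applies to `system.stateVersion = "24.11";` in the `modules/machine/cloud/configuration.nix` hunk of PATCH 09.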
@@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + lib, + pkgs, + ... +}: { home.packages = with pkgs; [ nnn # terminal file manager diff --git a/home/packages/server.nix b/home/packages/server.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/packages/workstation.nix b/home/packages/workstation.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/shell.nix b/home/shell.nix index 0704c2f..94503b5 100644 --- a/home/shell.nix +++ b/home/shell.nix @@ -22,7 +22,6 @@ # top alias top = "btm"; - htop = "btm"; }; functions = { @@ -70,7 +69,6 @@ ''; }; - programs.bash = { enable = true; initExtra = '' -- 2.45.2 From fe049f0594249f7569bd62bb8ab8ecb7992a9a38 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Wed, 18 Dec 2024 20:10:01 -0500 Subject: [PATCH 07/10] change unstable nixpkgs to 24.11 nixpkgs --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 89834cd..8f97c01 100644 --- a/flake.lock +++ b/flake.lock @@ -93,16 +93,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1734424634, - "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "lastModified": 1734323986, + "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "rev": "394571358ce82dff7411395829aa6a3aad45b907", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 1332fc5..c82c021 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "Wyatt's nix configuration suite"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1"; nix-ld.url = "github:Mic92/nix-ld"; home-manager = { -- 2.45.2 
From 972cd76421270deaa109aa352881e9c0aa9d73a1 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Fri, 20 Dec 2024 08:25:18 -0600 Subject: [PATCH 08/10] fix flatpak module --- modules/apps/flatpak.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/apps/flatpak.nix b/modules/apps/flatpak.nix index 42c43f5..16782c8 100644 --- a/modules/apps/flatpak.nix +++ b/modules/apps/flatpak.nix @@ -3,6 +3,7 @@ pkgs, flatpakPackages ? [], flatpakRemotes ? [], + ... }: { services.flatpak = { enable = true; -- 2.45.2 From 86970a7f6c15e9a6fb361ee54d5d766c34bf28e2 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Mon, 23 Dec 2024 15:35:36 -0500 Subject: [PATCH 09/10] updated modules to work for cloud --- flake.lock | 13 +-- flake.nix | 2 +- modules/apps/flatpak.nix | 10 -- modules/apps/gaming.nix | 49 +++------ modules/graphics/default.nix | 135 ++++++++++++++++++------ modules/machine/cloud/configuration.nix | 55 ++++++---- modules/networking/core.nix | 27 +++-- modules/pwrMgmt/default.nix | 12 +-- modules/sound/shairport.nix | 2 +- modules/virtualization/podman.nix | 4 +- 10 files changed, 178 insertions(+), 131 deletions(-) diff --git a/flake.lock b/flake.lock index 8f97c01..b5e0cf8 100644 --- a/flake.lock +++ b/flake.lock @@ -28,15 +28,16 @@ ] }, "locked": { - "lastModified": 1734344598, - "narHash": "sha256-wNX3hsScqDdqKWOO87wETUEi7a/QlPVgpC/Lh5rFOuA=", + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", "owner": "nix-community", "repo": "home-manager", - "rev": "83ecd50915a09dca928971139d3a102377a8d242", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", "type": "github" }, "original": { "owner": "nix-community", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } 
@@ -93,11 +94,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1734323986, - "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=", + "lastModified": 1734737257, + "narHash": "sha256-GIMyMt1pkkoXdCq9un859bX6YQZ/iYtukb9R5luazLM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "394571358ce82dff7411395829aa6a3aad45b907", + "rev": "1c6e20d41d6a9c1d737945962160e8571df55daa", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c82c021..63300fe 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1"; nix-ld.url = "github:Mic92/nix-ld"; home-manager = { - url = "github:nix-community/home-manager"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; darwin = { diff --git a/modules/apps/flatpak.nix b/modules/apps/flatpak.nix index 16782c8..f6191fe 100644 --- a/modules/apps/flatpak.nix +++ b/modules/apps/flatpak.nix @@ -16,16 +16,6 @@ } ] else flatpakRemotes; - # packages = [ - # "com.github.tchx84.Flatseal" - # "com.slack.Slack" - # "info.beyondallreason.bar" - # "io.dbeaver.DBeaverCommunity" - # "io.openrct2.OpenRCT2" - # "md.obsidian.Obsidian" - # "org.prismlauncher.PrismLauncher" - # "sh.cider.Cider" - # ]; packages = flatpakPackages; update = { auto = { diff --git a/modules/apps/gaming.nix b/modules/apps/gaming.nix index d7efb49..534b4e5 100644 --- a/modules/apps/gaming.nix +++ b/modules/apps/gaming.nix @@ -71,15 +71,10 @@ in { }; wine = { - enable = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable Wine support for Lutris"; - }; - + enable = lib.mkEnableOption "Enable Wine support for Lutris"; package = lib.mkOption { type = lib.types.package; - default = pkgs.wineWow; + default = pkgs.wine-staging; description = "Wine package to use with Lutris"; }; }; 
@@ -107,10 +102,10 @@ in { }; }; - minecraft = lib.mkOption { + minecraft = { enable = lib.mkEnableOption "Minecraft in the form of PrismLauncher, a tool for launching Minecraft"; }; - ffxiv = lib.mkOption { + ffxiv = { enable = lib.mkEnableOption "Final Fantasy XIV and it's accompanied (unofficial) launcher"; }; }; @@ -145,36 +140,20 @@ in { }; environment.systemPackages = - lib.mkIf cfg.lutris.enable ( - # Base Lutris package - [cfg.lutris.package] - ++ - # Wine packages if enabled + (lib.optionals cfg.lutris.enable ( + [cfg.lutris.package] ++ (lib.optionals cfg.lutris.wine.enable [ cfg.lutris.wine.package pkgs.winetricks - ]) - ++ - # Proton and compatibility tools + ]) ++ (lib.optionals cfg.lutris.compatibility.protonSupport [ - pkgs.proton-ge-custom - ]) - ++ - # Extra compatibility tools - cfg.lutris.compatibility.extraTools - ++ - # User-specified extra packages + pkgs.protonup-ng + pkgs.protonup-qt + ]) ++ + cfg.lutris.compatibility.extraTools ++ cfg.lutris.extraPackages - ) - lib.mkIf - cfg.minecraft.enable [pkgs.prismlauncher] - lib.mkIf - cfg.ffxiv.enable [pkgs.xivlauncher]; - - # Wine configuration - programs.wine = lib.mkIf (cfg.lutris.enable && cfg.lutris.wine.enable) { - enable = true; - package = cfg.lutris.wine.package; - }; + )) ++ + (lib.optionals cfg.minecraft.enable [pkgs.prismlauncher]) ++ + (lib.optionals cfg.ffxiv.enable [pkgs.xivlauncher]); }; } diff --git a/modules/graphics/default.nix b/modules/graphics/default.nix index 62b4668..75ca407 100644 --- a/modules/graphics/default.nix +++ b/modules/graphics/default.nix 
@@ -1,42 +1,107 @@ { - pkgs, - lib, config, + lib, + pkgs, ... -}: { - nixosModules.gpuHardware = {gpuVendor ? null, ...}: { - hardware.opengl = { - # Always enable OpenGL support - enable = true; +}: +with lib; let + cfg = config.graphics; +in { + options.graphics = { + gpuVendor = mkOption { + type = types.enum ["nvidia" "amd" "intel" "none"]; + default = "none"; + description = "GPU vendor to configure graphics drivers for"; + }; - # Dynamically select packages based on GPU vendor - extraPackages = with pkgs; ( - # Base packages that are always included - [ - mesa - libvdpau-va-gl - libva - libva-utils - ] - # Vendor-specific packages - ++ ( - if gpuVendor == "intel" - then [ - intel-vaapi-driver - intel-media-driver - ] - else if gpuVendor == "amd" - then [ - rocm-opencl-icd - ] - else if gpuVendor == "nvidia" - then [ - # Add Nvidia-specific packages if needed - nvidia-vaapi-driver - ] - else [] - ) - ); + enable = mkEnableOption "graphics configuration"; + + wayland = { + enable = mkEnableOption "Wayland support"; + + variableRefreshRate = mkOption { + type = types.bool; + default = false; + description = "Enable variable refresh rate (FreeSync/G-Sync) support"; + }; + }; + + vulkan = { + enable = mkEnableOption "Vulkan support"; + + debug = mkOption { + type = types.bool; + default = false; + description = "Enable Vulkan validation layers"; + }; }; }; + + config = mkIf cfg.enable (mkMerge [ + { + environment.systemPackages = with pkgs; [ + glxinfo + vulkan-tools + mesa-demos + ]; + } + + (mkIf (cfg.gpuVendor == "nvidia") { + services.xserver.videoDrivers = ["nvidia"]; + hardware.nvidia = { + package = config.boot.kernelPackages.nvidiaPackages.stable; + open = true; + modesetting.enable = true; + powerManagement.enable = true; + }; + environment.systemPackages = with pkgs; [ + nvidia-vaapi-driver + nvtopPackages.full + ]; + }) + + (mkIf (cfg.gpuVendor == "amd") { + services.xserver.videoDrivers = ["amdgpu"]; + hardware.opengl.extraPackages = with pkgs; [ + 
rocm-opencl-icd + rocm-opencl-runtime + amdvlk + ]; + environment.systemPackages = with pkgs; [ + radeontop + ]; + }) + + (mkIf (cfg.gpuVendor == "intel") { + services.xserver.videoDrivers = ["modesetting"]; + hardware.opengl.extraPackages = with pkgs; [ + intel-media-driver + intel-compute-runtime + ]; + }) + + (mkIf cfg.wayland.enable { + programs.xwayland.enable = true; + environment.sessionVariables = { + MOZ_ENABLE_WAYLAND = "1"; + QT_QPA_PLATFORM = "wayland"; + SDL_VIDEODRIVER = "wayland"; + }; + }) + + (mkIf cfg.vulkan.enable { + environment.systemPackages = with pkgs; + [ + vulkan-loader + vulkan-validation-layers + ] + ++ ( + if cfg.vulkan.debug + then [ + vulkan-tools + ] + else [] + ); + }) + ]); } diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index 85913ee..df3b495 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix @@ -1,17 +1,32 @@ { config, + lib, pkgs, userName, ... -}: { +}: + let flatpakPackages = [ + "com.github.tchx84.Flatseal" + "com.slack.Slack" + "info.beyondallreason.bar" + "io.dbeaver.DBeaverCommunity" + "io.openrct2.OpenRCT2" + "md.obsidian.Obsidian" + "org.prismlauncher.PrismLauncher" + "sh.cider.Cider" + ]; +in { imports = [ - ../../apps/flatpak.nix + (import ../../apps/flatpak.nix { + inherit lib pkgs flatpakPackages; + }) + ../../apps/gaming.nix + ../../graphics ../../pwrMgmt ../../sound/pipewire.nix ../../sound/shairport.nix ../../virtualization/podman.nix ../../virtualization/hardware.nix - (config.nixosModules.gpuHardware {gpuVendor = "amd";}) ]; # Enable flakes for NixOS @@ -68,8 +83,15 @@ # Enable Polkit security.polkit.enable = true; + graphics = { + enable = true; + gpuVendor = "nvidia"; # or "amd" or "intel" + wayland.enable = true; + vulkan.enable = true; + }; + # Gaming module (see ../../apps/gaming.nix) - customGaming = { + gaming = { steam = { enable = true; firewall = { 
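Review bot: `vulkan.debug` is described as enabling the validation layers, but `vulkan-validation-layers` is installed whenever `vulkan.enable` is set and the debug branch only adds `vulkan-tools`, which the base package list already contains. Swap them so the layers are opt-in: `++ lib.optionals cfg.vulkan.debug [vulkan-validation-layers]`. The rewrite also drops the old `hardware.opengl.enable = true;`, so the amd and intel branches add `extraPackages` to a graphics stack that this module no longer turns on, and `wayland.variableRefreshRate` is declared without being read.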
@@ -83,13 +105,10 @@ enable = true; wine = { enable = true; - package = pkgs.wine; + package = pkgs.wine-staging; }; compatibility = { protonSupport = true; - extraTools = with pkgs; [ - proton-ge-custom - ]; }; extraPackages = with pkgs; [ gamemode @@ -97,17 +116,18 @@ ]; }; + ffxiv.enable = true; minecraft.enable = true; }; # Power management (see ../../pwrMgmt/default.nix) - customPowerManagement = { + pwrMgmt = { enable = true; cpuFreqGovernor = "performance"; powertop.enable = false; }; - containers.podman = { + podman = { enable = true; extraPackages = with pkgs; [ docker-credential-helpers @@ -119,9 +139,9 @@ ]; }; - customNetworking = { + networking = { firewall.enable = true; - networkManager.enable = true; + networkmanager.enable = true; }; # Enable dconf @@ -130,6 +150,9 @@ # Add username to groups "wheel" and "video" - more may be added here later users.users.${userName}.extraGroups = ["wheel" "video" "gamemode" "podman" "network"]; + # Flatpak packages (see ../../apps/flatpak.nix) + services.flatpak.packages = flatpakPackages; + # XDG stuff xdg = { portal = { @@ -150,11 +173,5 @@ }; }; - # Firewall stuff not allowed in common user and network creation - networking.firewall.enable = true; # VERY important, do not touch - networking.firewall.allowedTCPPorts = []; - networking.firewall.allowedUDPPorts = []; - networking.networkmanager.enable = true; # Linux tool for managing network connections - - system.stateVersion = "24.05"; + system.stateVersion = "24.11"; } diff --git a/modules/networking/core.nix b/modules/networking/core.nix index c7e0500..98d8ef1 100644 --- a/modules/networking/core.nix +++ b/modules/networking/core.nix 
@@ -1,15 +1,14 @@ { config, lib, - pkgs, ... }: let - cfg = config.customNetworking; + cfg = config.networking; in { - options.customNetworking = { + options.networking = { # Firewall Configuration firewall = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = true; description = "Enable system firewall"; @@ -18,49 +17,49 @@ in { tcpPorts = { # Predefined, default common service ports ssh = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open SSH service port (22)"; }; }; web = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open common web service ports (80, 443)"; }; }; smtp = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open SMTP service ports (25, 465, 587)"; }; }; imap = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open IMAP service ports (143, 993)"; }; }; mysql = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open MySQL service port (3306)"; }; }; mssql = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open Microsoft SQL Server service port (1433)"; }; }; postgres = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open Postgres service port (5432)"; @@ -75,14 +74,14 @@ in { udpPorts = { dns = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open DNS service port (53)"; }; }; ntp = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = false; description = "Open NTP service port (123)"; 
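Review bot: `lib.mkEnableOption` is called with an attribute set (`{ type = ...; default = true; description = ...; }`) for `firewall.enable`, but it takes one description string and always produces a boolean option with `default = false`, so the `default = true` written for the firewall switch is not applied. The set is also used where a string is expected, which will probably fail once the option description is evaluated. The same pattern is repeated for every port toggle in the `@@ -18,49 +17,49 @@` and `@@ -75,14 +74,14 @@` hunks and for `networkManager.enable` in `@@ -97,7 +96,7 @@`. Either keep `lib.mkOption` as before, or write `enable = lib.mkEnableOption "system firewall" // {default = true;};` for the default-on switches and `enable = lib.mkEnableOption "SSH service port (22)";` for the default-off ones.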
@@ -97,7 +96,7 @@ in { }; networkManager = { - enable = lib.mkOption { + enable = lib.mkEnableOption { type = lib.types.bool; default = true; description = "Enable NetworkManager for network connection management"; diff --git a/modules/pwrMgmt/default.nix b/modules/pwrMgmt/default.nix index 8a9f2b9..f460b20 100644 --- a/modules/pwrMgmt/default.nix +++ b/modules/pwrMgmt/default.nix @@ -1,15 +1,13 @@ { config, lib, + pkgs, ... }: let - # Define a more flexible power management module - cfg = config.pwrMgnt; + cfg = config.pwrMgmt; in { - # Define options for customizable power management - options.pwrMgnt = { + options.pwrMgmt = { enable = lib.mkEnableOption "Custom power management configuration"; - cpuFreqGovernor = lib.mkOption { type = lib.types.enum [ "performance" @@ -21,7 +19,6 @@ in { description = "CPU frequency scaling governor to use"; }; - # PowerTop Configuration powertop = { enable = lib.mkEnableOption "PowerTop power management tool"; @@ -32,7 +29,6 @@ in { }; }; - # Battery-specific settings (for laptops) battery = { enable = lib.mkEnableOption "Battery-specific power management"; @@ -56,7 +52,7 @@ in { cpuFreqGovernor = cfg.cpuFreqGovernor; }; - services.powertop.enable = cfg.powertop.enable; + environment.systemPackages = lib.mkIf cfg.powertop.enable [pkgs.powertop]; systemd.services.battery-charge-threshold = lib.mkIf cfg.battery.enable { description = "Set battery charge thresholds"; wantedBy = ["multi-user.target"]; diff --git a/modules/sound/shairport.nix b/modules/sound/shairport.nix index a81d82f..58843cd 100644 --- a/modules/sound/shairport.nix +++ b/modules/sound/shairport.nix @@ -1,4 +1,4 @@ -{pkgs}: { +{pkgs, ...}: { services.shairport-sync = { enable = pkgs.stdenv.isLinux; openFirewall = pkgs.stdenv.isLinux; diff --git a/modules/virtualization/podman.nix b/modules/virtualization/podman.nix index 44ee576..9dc8589 100644 --- a/modules/virtualization/podman.nix +++ b/modules/virtualization/podman.nix 
@@ -4,9 +4,9 @@ pkgs, ... }: let - cfg = config.containers.podman; + cfg = config.podman; in { - options.containers = { + options = { podman = { enable = lib.mkEnableOption "Podman container runtime"; -- 2.45.2 From 51d8ee28872bde88a0747358923b813bcde6cf97 Mon Sep 17 00:00:00 2001 From: "Wyatt J. Miller" Date: Fri, 27 Dec 2024 01:35:22 -0500 Subject: [PATCH 10/10] added latest linux kernel, added comments --- modules/machine/cloud/configuration.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/modules/machine/cloud/configuration.nix b/modules/machine/cloud/configuration.nix index df3b495..cde372b 100644 --- a/modules/machine/cloud/configuration.nix +++ b/modules/machine/cloud/configuration.nix @@ -4,8 +4,8 @@ pkgs, userName, ... -}: - let flatpakPackages = [ +}: let + flatpakPackages = [ "com.github.tchx84.Flatseal" "com.slack.Slack" "info.beyondallreason.bar" @@ -32,7 +32,8 @@ in { # Enable flakes for NixOS nix.settings.experimental-features = ["nix-command" "flakes"]; - # Utilize systemd-boot + # Custom kernel/boot stuff + boot.kernelPackages = pkgs.linuxPackages_latest; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -42,9 +43,6 @@ in { # Set your timezone time.timeZone = "America/Detroit"; - # Enable touchpad - services.libinput.enable = true; - # Install packages to be installed system-wide environment.systemPackages = with pkgs; [ vim @@ -83,6 +81,7 @@ in { # Enable Polkit security.polkit.enable = true; + # Graphics module (../../graphics/default.nix) graphics = { enable = true; gpuVendor = "nvidia"; # or "amd" or "intel" @@ -127,6 +126,7 @@ in { powertop.enable = false; }; + # Podman module (see ../../virtualization/podman.nix) podman = { enable = true; extraPackages = with pkgs; [ @@ -139,6 +139,7 @@ in { ]; }; + # Core networking module (see ../../networking/core.nix) networking = { firewall.enable = true; networkmanager.enable = true; -- 2.45.2
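Review bot: `boot.kernelPackages = pkgs.linuxPackages_latest;` in the `@@ -32,7 +32,8 @@` hunk makes the kernel follow the newest release in the pinned nixpkgs, so a flake update can move the host to a new kernel series without any change to this file. This configuration also sets `gpuVendor = "nvidia"`, and out-of-tree modules such as a proprietary GPU driver can lag behind a freshly released kernel (whether ../../graphics installs one is not visible here). The new comment `# Custom kernel/boot stuff` does not record that trade-off; something like `# Newest kernel from nixpkgs; fall back to pkgs.linuxPackages if an out-of-tree module stops building` would.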