more stuff

2025-07-05 20:50:15 +00:00 · 2025-02-01 16:10:16 -05:00
parent ea3ab18cca
commit 1226eafef2
34 changed files with 291 additions and 308 deletions
--- a/platforms/nixos/modules/nmasur/presets/services/lightdm.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/lightdm.nix
@ -10,7 +10,13 @@ in

 {

-  options.nmasur.presets.services.lightdm.enable = lib.mkEnableOption "Lightdm display manager";
+  options.nmasur.presets.services.lightdm = {
+    enable = lib.mkEnableOption "Lightdm display manager";
+    wallpaper = {
+      type = lib.types.path;
+      description = "Wallpaper background image file";
+    };
+  };

  config = lib.mkIf cfg.enable {

@ -21,7 +27,7 @@ in
      displayManager = {
        lightdm = {
          enable = true;
-          background = config.wallpaper;
+          background = cfg.wallpaper;

          # Show default user
          # Also make sure /var/lib/AccountsService/users/<user> has SystemAccount=false
--- a/platforms/nixos/modules/nmasur/presets/services/logind.nix
+++ b/platforms/nixos/modules/nmasur/presets/services/logind.nix
@ -0,0 +1,18 @@
+{ config, lib, ... }:
+
+let
+  cfg = config.nmasur.presets.services.logind;
+in
+{
+
+  options.nmasur.presets.services.logind.enable = lib.mkEnableOption "Logind power key management";
+
+  config = lib.mkIf cfg.enable {
+
+    # Use power button to sleep instead of poweroff
+    services.logind.powerKey = "suspend";
+    services.logind.powerKeyLongPress = "poweroff";
+
+  };
+
+}
--- a/platforms/nixos/modules/nmasur/profiles/base.nix
+++ b/platforms/nixos/modules/nmasur/profiles/base.nix
@ -15,21 +15,34 @@ in
  config = lib.mkIf cfg.enable {

    # Allows us to declaritively set password
-    users.mutableUsers = false;
+    users.mutableUsers = lib.mkDefault false;

    # Define a user account. Don't forget to set a password with ‘passwd’.
    users.users.${config.user} = {

      # Create a home directory for human user
-      isNormalUser = true;
+      isNormalUser = lib.mkDefault true;

      # Automatically create a password to start
-      hashedPassword = config.passwordHash;
+      hashedPassword = lib.mkDefault config.passwordHash;

-      extraGroups = [
+      extraGroups = lib.mkDefault [
        "wheel" # Sudo privileges
      ];
    };

+    # Include home-manager config in NixOS
+    home-manager = {
+      sharedModules = [ ../../../../home-manager ];
+
+      # Use the system-level nixpkgs instead of Home Manager's
+      useGlobalPkgs = lib.mkDefault true;
+
+      # Install packages to /etc/profiles instead of ~/.nix-profile, useful when
+      # using multiple profiles for one user
+      useUserPackages = lib.mkDefault true;
+
+    };
+
  };
 }
--- a/platforms/nixos/modules/nmasur/profiles/on-premises.nix
+++ b/platforms/nixos/modules/nmasur/profiles/on-premises.nix
@ -15,24 +15,27 @@ in

  config = lib.mkIf cfg.enable {

+    # Configure physical power buttons
+    nmasur.presets.services.logind.enable = lib.mkDefault true;
+
    # Enable automatic timezone updates based on location
-    services.tzupdate.enable = true;
+    services.tzupdate.enable = lib.mkDefault true;

    # Allow reading from Windows drives
    boot.supportedFilesystems = [ "ntfs" ];

    # Enable fstrim, which tracks free space on SSDs for garbage collection
    # More info: https://www.reddit.com/r/NixOS/comments/rbzhb1/if_you_have_a_ssd_dont_forget_to_enable_fstrim/
-    services.fstrim.enable = true;
+    services.fstrim.enable = lib.mkDefault true;

-    networking.useDHCP = !config.networking.networkmanager.enable;
+    networking.useDHCP = lib.mkDefault (!config.networking.networkmanager.enable);

    networking.wireless = {
      # Enables wireless support via wpa_supplicant.
-      enable = !config.networking.networkmanager.enable;
+      enable = lib.mkDefault (!config.networking.networkmanager.enable);

      # Allows the user to control the WiFi settings.
-      userControlled.enable = true;
+      userControlled.enable = lib.mkDefault true;
    };

    # Wake up tempest with a command
@ -40,5 +43,25 @@ in
      (pkgs.writeShellScriptBin "wake-tempest" "${pkgs.wakeonlan}/bin/wakeonlan --ip=192.168.1.255 74:56:3C:40:37:5D")
    ];

+    # Prevent wake from keyboard
+    powerManagement.powerDownCommands = lib.mkDefault ''
+      set +e
+
+      # Fix for Gigabyte motherboard
+      # /r/archlinux/comments/y7b97e/my_computer_wakes_up_immediately_after_i_suspend/isu99sr/
+      # Disable if enabled
+      if (grep "GPP0.*enabled" /proc/acpi/wakeup >/dev/null); then
+          echo GPP0 | ${pkgs.doas}/bin/doas tee /proc/acpi/wakeup
+      fi
+
+      sleep 2
+
+      set -e
+    '';
+    services.udev.extraRules = lib.mkDefault ''
+      ACTION=="add", SUBSYSTEM=="usb", DRIVER=="usb", ATTR{power/wakeup}="disabled"
+      ACTION=="add", SUBSYSTEM=="i2c", ATTR{power/wakeup}="disabled"
+    '';
+
  };
 }
--- a/platforms/nixos/modules/nmasur/profiles/server.nix
+++ b/platforms/nixos/modules/nmasur/profiles/server.nix
@ -1,6 +1,5 @@
 {
  config,
-  pkgs,
  lib,
  ...
 }:
@ -15,38 +14,13 @@ in

  config = lib.mkIf cfg.enable {

-    networking.firewall.allowPing = true;
+    networking.firewall.allowPing = lib.mkDefault true;

    # Implement a simple fail2ban service for sshd
-    services.sshguard.enable = true;
+    services.sshguard.enable = lib.mkDefault true;

    # Servers need a bootloader or they won't start
-    boot.loader.systemd-boot.enable = true;
-    boot.loader.efi.canTouchEfiVariables = true;
-
-    # Use power button to sleep instead of poweroff
-    services.logind.powerKey = "suspend";
-    services.logind.powerKeyLongPress = "poweroff";
-
-    # Prevent wake from keyboard
-    powerManagement.powerDownCommands = ''
-      set +e
-
-      # Fix for Gigabyte motherboard
-      # /r/archlinux/comments/y7b97e/my_computer_wakes_up_immediately_after_i_suspend/isu99sr/
-      # Disable if enabled
-      if (grep "GPP0.*enabled" /proc/acpi/wakeup >/dev/null); then
-          echo GPP0 | ${pkgs.doas}/bin/doas tee /proc/acpi/wakeup
-      fi
-
-      sleep 2
-
-      set -e
-    '';
-    services.udev.extraRules = ''
-      ACTION=="add", SUBSYSTEM=="usb", DRIVER=="usb", ATTR{power/wakeup}="disabled"
-      ACTION=="add", SUBSYSTEM=="i2c", ATTR{power/wakeup}="disabled"
-    '';
-
+    boot.loader.systemd-boot.enable = lib.mkDefault true;
+    boot.loader.efi.canTouchEfiVariables = lib.mkDefault true;
  };
 }
--- a/platforms/nixos/modules/nmasur/profiles/shared-media.nix
+++ b/platforms/nixos/modules/nmasur/profiles/shared-media.nix
@ -1,6 +1,5 @@
 {
  config,
-  pkgs,
  lib,
  ...
 }:
--- a/platforms/nixos/modules/nmasur/profiles/wsl.nix
+++ b/platforms/nixos/modules/nmasur/profiles/wsl.nix
@ -9,12 +9,12 @@ in

  config = lib.mkIf cfg.enable {

-    # Replace config directory with our repo, since it sources from config on
-    # every launch
-    system.activationScripts.configDir.text = ''
-      rm -rf /etc/nixos
-      ln --symbolic --no-dereference --force ${config.dotfilesPath} /etc/nixos
-    '';
+    # # Replace config directory with our repo, since it sources from config on
+    # # every launch
+    # system.activationScripts.configDir.text = ''
+    #   rm -rf /etc/nixos
+    #   ln --symbolic --no-dereference --force ${config.dotfilesPath} /etc/nixos
+    # '';

  };