reorganize files

2025-07-05 15:00:14 +00:00 · 2022-07-25 23:15:26 -04:00
parent 2a4a8efa48
commit 6353ac188e
35 changed files with 61 additions and 68 deletions
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -0,0 +1,9 @@
+{ config, ... }: {
+
+  imports = [ ./user.nix ./timezone.nix ./doas.nix ];
+
+  # Pin a state version to prevent warnings
+  system.stateVersion =
+    config.home-manager.users.${config.user}.home.stateVersion;
+
+}
--- a/modules/nixos/doas.nix
+++ b/modules/nixos/doas.nix
@ -0,0 +1,30 @@
+# Replace sudo with doas
+
+{ config, ... }: {
+
+  security = {
+
+    # Remove sudo
+    sudo.enable = false;
+
+    # Add doas
+    doas = {
+      enable = true;
+
+      # No password required
+      wheelNeedsPassword = false;
+
+      # Pass environment variables from user to root
+      # Also requires removing password here
+      extraRules = [{
+        groups = [ "wheel" ];
+        noPass = true;
+        keepEnv = true;
+      }];
+    };
+  };
+
+  home-manager.users.${config.user}.programs.fish.shellAliases = {
+    sudo = "doas";
+  };
+}
--- a/modules/nixos/timezone.nix
+++ b/modules/nixos/timezone.nix
@ -0,0 +1,15 @@
+{ ... }: {
+
+  # Service to determine location for time zone
+  services.geoclue2.enable = true;
+  services.geoclue2.enableWifi = false; # Breaks when it can't connect
+  location = { provider = "geoclue2"; };
+
+  # Enable local time based on time zone
+  services.localtimed.enable = true;
+
+  # Required to get localtimed to talk to geoclue2
+  services.geoclue2.appConfig.localtimed.isSystem = true;
+  services.geoclue2.appConfig.localtimed.isAllowed = true;
+
+}
--- a/modules/nixos/user.nix
+++ b/modules/nixos/user.nix
@ -0,0 +1,50 @@
+{ config, lib, ... }: {
+
+  options = {
+
+    passwordHash = lib.mkOption {
+      type = lib.types.str;
+      description = "Password created with mkpasswd -m sha-512";
+    };
+
+  };
+
+  config = {
+
+    # Allows us to declaritively set password
+    users.mutableUsers = false;
+
+    # Define a user account. Don't forget to set a password with ‘passwd’.
+    users.users.${config.user} = {
+
+      # Create a home directory for human user
+      isNormalUser = true;
+
+      # Automatically create a password to start
+      hashedPassword = config.passwordHash;
+
+      extraGroups = [
+        "wheel" # Sudo privileges
+      ];
+
+    };
+
+    home-manager.users.${config.user}.xdg = {
+      userDirs = {
+        enable = true;
+        createDirectories = true;
+        documents = "$HOME/documents";
+        download = config.userDirs.download;
+        music = "$HOME/media/music";
+        pictures = "$HOME/media/images";
+        videos = "$HOME/media/videos";
+        desktop = "$HOME/other/desktop";
+        publicShare = "$HOME/other/public";
+        templates = "$HOME/other/templates";
+        extraConfig = { XDG_DEV_DIR = "$HOME/dev"; };
+      };
+    };
+
+  };
+
+}