diff --git a/apps/default.nix b/apps/default.nix
index 6c977d0..aa13880 100644
--- a/apps/default.nix
+++ b/apps/default.nix
@@ -59,9 +59,8 @@
program = "${
(import ../modules/neovim/package {
inherit pkgs;
- colors = import ../modules/colorscheme/gruvbox/neovim-gruvbox.nix {
- inherit pkgs;
- };
+ colors =
+ import ../colorscheme/gruvbox/neovim-gruvbox.nix { inherit pkgs; };
})
}/bin/nvim";
};
diff --git a/modules/colorscheme/everforest/default.nix b/colorscheme/everforest/default.nix
similarity index 100%
rename from modules/colorscheme/everforest/default.nix
rename to colorscheme/everforest/default.nix
diff --git a/modules/colorscheme/gruvbox/default.nix b/colorscheme/gruvbox/default.nix
similarity index 100%
rename from modules/colorscheme/gruvbox/default.nix
rename to colorscheme/gruvbox/default.nix
diff --git a/modules/colorscheme/gruvbox/neovim-gruvbox.nix b/colorscheme/gruvbox/neovim-gruvbox.nix
similarity index 100%
rename from modules/colorscheme/gruvbox/neovim-gruvbox.nix
rename to colorscheme/gruvbox/neovim-gruvbox.nix
diff --git a/modules/colorscheme/nord/default.nix b/colorscheme/nord/default.nix
similarity index 100%
rename from modules/colorscheme/nord/default.nix
rename to colorscheme/nord/default.nix
diff --git a/modules/colorscheme/nord/neovim.lua b/colorscheme/nord/neovim.lua
similarity index 100%
rename from modules/colorscheme/nord/neovim.lua
rename to colorscheme/nord/neovim.lua
diff --git a/flake.nix b/flake.nix
index ef16b31..8eff23d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -104,7 +104,7 @@
fullName = "Noah Masur";
gitName = fullName;
gitEmail = "7386960+nmasur@users.noreply.github.com";
- mailServer = "noahmasur.com";
+ mail.server = "noahmasur.com";
dotfilesRepo = "git@github.com:nmasur/dotfiles";
};
@@ -154,9 +154,8 @@
neovim = let pkgs = import nixpkgs { inherit system overlays; };
in import ./modules/neovim/package {
inherit pkgs;
- colors = import ./modules/colorscheme/gruvbox/neovim-gruvbox.nix {
- inherit pkgs;
- };
+ colors =
+ import ./colorscheme/gruvbox/neovim-gruvbox.nix { inherit pkgs; };
};
});
diff --git a/hosts/desktop/default.nix b/hosts/desktop/default.nix
index 89d134c..c2ece6d 100644
--- a/hosts/desktop/default.nix
+++ b/hosts/desktop/default.nix
@@ -10,6 +10,7 @@ nixpkgs.lib.nixosSystem {
globals
home-manager.nixosModules.home-manager
{
+ physical = true;
networking.hostName = "desktop";
nixpkgs.overlays = [ nur.overlay ];
# Set registry to flake packages, used for nix X commands
@@ -17,32 +18,32 @@ nixpkgs.lib.nixosSystem {
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
gui.enable = true;
theme = {
- colors = (import ../../modules/colorscheme/gruvbox).dark;
+ colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
wallpaper = "${wallpapers}/gruvbox/road.jpg";
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
+
+ media.enable = true;
+ firefox.enable = true;
+ kitty.enable = true;
+ "1password".enable = true;
+ discord.enable = true;
+ nautilus.enable = true;
+ obsidian.enable = true;
+ mail.aerc.enable = true;
+ mail.himalaya.enable = true;
+ gaming.enable = true;
+ gaming.steam.enable = true;
+ gaming.legendary.enable = true;
+ keybase.enable = true;
+ mullvad.enable = true;
+ nixlang.enable = true;
+ dotfiles.enable = true;
}
./hardware-configuration.nix
- ../common.nix
- ../../modules/hardware
- ../../modules/nixos
- ../../modules/graphical
- ../../modules/applications/media.nix
- ../../modules/applications/firefox.nix
- ../../modules/applications/kitty.nix
- ../../modules/applications/1password.nix
- ../../modules/applications/discord.nix
- ../../modules/applications/nautilus.nix
- ../../modules/applications/obsidian.nix
- ../../modules/mail
- ../../modules/gaming/steam.nix
- ../../modules/gaming/legendary.nix
- ../../modules/repositories/notes.nix
- ../../modules/services/keybase.nix
- ../../modules/services/mullvad.nix
- ../../modules/programming/nix.nix
+ ../../modules
];
}
diff --git a/hosts/macbook/default.nix b/hosts/macbook/default.nix
index d350cc6..cd5d2da 100644
--- a/hosts/macbook/default.nix
+++ b/hosts/macbook/default.nix
@@ -7,6 +7,7 @@ darwin.lib.darwinSystem {
system = "x86_64-darwin";
specialArgs = { };
modules = [
+ ../../modules
(globals // {
user = "Noah.Masur";
gitName = "Noah-Masur_1701";
@@ -14,30 +15,30 @@ darwin.lib.darwinSystem {
})
home-manager.darwinModules.home-manager
{
+ networking.hostName = "noah-masur-mac";
identityFile = "/Users/Noah.Masur/.ssh/id_ed25519";
gui.enable = true;
theme = {
- colors = (import ../../modules/colorscheme/gruvbox).dark;
+ colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
- mailUser = globals.user;
- networking.hostName = "noah-masur-mac";
+ mail.user = globals.user;
nixpkgs.overlays = [ firefox-darwin.overlay ] ++ overlays;
# Set registry to flake packages, used for nix X commands
nix.registry.nixpkgs.flake = nixpkgs;
+
+ mail.aerc.enable = true;
+ mail.himalaya.enable = true;
+ kitty.enable = true;
+ discord.enable = true;
+ firefox.enable = true;
+ dotfiles.enable = true;
+ nixlang.enable = true;
+ terraform.enable = true;
+ python.enable = true;
+ lua.enable = true;
+ kubernetes.enable = true;
+ "1password".enable = true;
}
- ../common.nix
- ../../modules/darwin
- ../../modules/mail
- ../../modules/applications/alacritty.nix
- ../../modules/applications/kitty.nix
- ../../modules/applications/discord.nix
- ../../modules/applications/firefox.nix
- ../../modules/repositories/notes.nix
- ../../modules/programming/nix.nix
- ../../modules/programming/terraform.nix
- ../../modules/programming/python.nix
- ../../modules/programming/lua.nix
- ../../modules/programming/kubernetes.nix
];
}
diff --git a/hosts/oracle/default.nix b/hosts/oracle/default.nix
index 8bdbd64..265b03e 100644
--- a/hosts/oracle/default.nix
+++ b/hosts/oracle/default.nix
@@ -11,11 +11,14 @@ nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { };
modules = [
- (removeAttrs globals [ "mailServer" ])
+ ./hardware-configuration.nix
+ ../../modules
+ (removeAttrs globals [ "mail.server" ])
home-manager.nixosModules.home-manager
{
+ server = true;
gui.enable = false;
- theme = { colors = (import ../../modules/colorscheme/gruvbox).dark; };
+ theme = { colors = (import ../../colorscheme/gruvbox).dark; };
nixpkgs.overlays = overlays;
# FQDNs for various services
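Review bot: `removeAttrs globals [ "mail.server" ]` no longer removes anything, because `removeAttrs` matches top-level attribute names only and the renamed setting is nested at `globals.mail.server` (assuming `globals` is the set edited in the flake.nix hunk). The mail server value therefore stays set on this host, which the old `"mailServer"` removal was preventing. If the intent is still to drop it, use `(removeAttrs globals [ "mail" ])` when `mail` holds only `server`, or `(globals // { mail = removeAttrs globals.mail [ "server" ]; })` otherwise. If the option is now declared on every host through `../../modules`, pass plain `globals` and delete the wrapper so the line does not suggest filtering that is not happening.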
@@ -33,7 +36,7 @@ nixpkgs.lib.nixosSystem {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# Nextcloud backup config
- backupS3 = {
+ backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";
accessKeyId = "0026b0e73b2e2c80000000005";
@@ -72,20 +75,16 @@ nixpkgs.lib.nixosSystem {
# Grant access to Transmission directories from Jellyfin
users.users.jellyfin.extraGroups = [ "transmission" ];
+
+ # Proxy traffic with Cloudflare
+ cloudflare.enable = true;
+
+ # Setup Minecraft server
+ gaming.minecraft-server.enable = true;
+
+ # Clone dotfiles
+ dotfiles.enable = true;
+
}
- ./hardware-configuration.nix
- ../common.nix
- ../../modules/nixos
- ../../modules/hardware/server.nix
- ../../modules/services/sshd.nix
- ../../modules/services/calibre.nix
- ../../modules/services/jellyfin.nix
- ../../modules/services/nextcloud.nix
- ../../modules/services/cloudflare.nix
- ../../modules/services/transmission.nix
- ../../modules/services/prometheus.nix
- ../../modules/services/vaultwarden.nix
- ../../modules/services/gitea.nix
- ../../modules/gaming/minecraft-server.nix
];
}
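Review bot: The explicit imports for sshd, calibre, jellyfin, nextcloud, transmission, prometheus, vaultwarden and gitea are removed at the end of this hunk, but the only switches added are `cloudflare.enable`, `gaming.minecraft-server.enable` and `dotfiles.enable`. The service modules are not part of the visible diff, so it is worth confirming how each one is gated now that `../../modules` pulls them into every host. A module with no enable condition would become active on the desktop, WSL and macOS hosts as well, and one that defaults to off would silently stop running here. A short comment next to the new flags would make that auditable, for example `# sshd, nextcloud, vaultwarden, gitea, …: activated by <OPTION> (see modules/services)`.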
diff --git a/hosts/wsl/default.nix b/hosts/wsl/default.nix
index 3c428c4..b9b8250 100644
--- a/hosts/wsl/default.nix
+++ b/hosts/wsl/default.nix
@@ -10,6 +10,7 @@ nixpkgs.lib.nixosSystem {
globals
wsl.nixosModules.wsl
home-manager.nixosModules.home-manager
+ ../../modules
{
networking.hostName = "wsl";
# Set registry to flake packages, used for nix X commands
@@ -17,7 +18,7 @@ nixpkgs.lib.nixosSystem {
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
gui.enable = false;
theme = {
- colors = (import ../../modules/colorscheme/gruvbox).dark;
+ colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
@@ -30,13 +31,12 @@ nixpkgs.lib.nixosSystem {
interop.includePath =
false; # Including Windows PATH will slow down Neovim command mode
};
+
+ mail.aerc.enable = true;
+ mail.himalaya.enable = true;
+ dotfiles.enable = true;
+ nixlang.enable = true;
+ lua.enable = true;
}
- ../common.nix
- ../../modules/wsl
- ../../modules/nixos
- ../../modules/mail
- ../../modules/repositories/notes.nix
- ../../modules/programming/nix.nix
- ../../modules/programming/lua.nix
];
}
diff --git a/modules/applications/1password.nix b/modules/applications/1password.nix
index e57f90b..9a31c03 100644
--- a/modules/applications/1password.nix
+++ b/modules/applications/1password.nix
@@ -1,10 +1,20 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
- unfreePackages = [ "1password" "_1password-gui" ];
- home-manager.users.${config.user} = {
- home.packages = with pkgs; [ _1password-gui ];
+ options = {
+ "1password" = {
+ enable = lib.mkEnableOption {
+ description = "Enable 1Password.";
+ default = false;
+ };
};
};
+ config = lib.mkIf
+ (config.gui.enable && config."1password".enable && pkgs.stdenv.isLinux) {
+ unfreePackages = [ "1password" "_1password-gui" ];
+ home-manager.users.${config.user} = {
+ home.packages = with pkgs; [ _1password-gui ];
+ };
+ };
+
}
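Review bot: `lib.mkEnableOption` takes the option's display name as a string, but the added `options."1password".enable` passes it an attribute set. The `description` written here is therefore never used, and the description that mkEnableOption builds interpolates a set, which fails as soon as option documentation is rendered. `default = false;` is also redundant because mkEnableOption already defaults to false. Use `enable = lib.mkEnableOption "1Password";`, the form this commit already uses in modules/darwin/tmux.nix. The same pattern is repeated in the alacritty, calibre, discord, firefox, kitty, media, nautilus, obsidian and qbittorrent hunks.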
diff --git a/modules/applications/alacritty.nix b/modules/applications/alacritty.nix
index ab6302e..e5e5310 100644
--- a/modules/applications/alacritty.nix
+++ b/modules/applications/alacritty.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ alacritty = {
+ enable = lib.mkEnableOption {
+ description = "Enable Alacritty.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.alacritty.enable) {
home-manager.users.${config.user} = {
xsession.windowManager.i3.config.terminal = "alacritty";
programs.rofi.terminal = "${pkgs.alacritty}/bin/alacritty";
diff --git a/modules/applications/calibre.nix b/modules/applications/calibre.nix
index 09e643a..1a65f0f 100644
--- a/modules/applications/calibre.nix
+++ b/modules/applications/calibre.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ calibre = {
+ enable = lib.mkEnableOption {
+ description = "Enable Calibre.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.calibre.enable) {
home-manager.users.${config.user} = {
home.packages = with pkgs; [ calibre ];
# home.sessionVariables = { CALIBRE_USE_DARK_PALETTE = 1; };
diff --git a/modules/applications/discord.nix b/modules/applications/discord.nix
index 91d7783..444967c 100644
--- a/modules/applications/discord.nix
+++ b/modules/applications/discord.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ discord = {
+ enable = lib.mkEnableOption {
+ description = "Enable Discord.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.discord.enable) {
unfreePackages = [ "discord" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ discord ];
diff --git a/modules/applications/firefox.nix b/modules/applications/firefox.nix
index 9d8d569..537181d 100644
--- a/modules/applications/firefox.nix
+++ b/modules/applications/firefox.nix
@@ -1,13 +1,26 @@
{ config, pkgs, lib, ... }:
{
- config = lib.mkIf config.gui.enable {
- unfreePackages = [ "onepassword-password-manager" "okta-browser-plugin" ];
+ options = {
+ firefox = {
+ enable = lib.mkEnableOption {
+ description = "Enable Firefox.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.firefox.enable) {
+
+ unfreePackages = [
+ (lib.mkIf config."1password".enable "onepassword-password-manager")
+ "okta-browser-plugin"
+ ];
home-manager.users.${config.user} = {
- programs.firefox = rec {
+ programs.firefox = {
enable = true;
package =
if pkgs.stdenv.isDarwin then pkgs.firefox-bin else pkgs.firefox;
@@ -17,7 +30,7 @@
multi-account-containers
facebook-container
temporary-containers
- onepassword-password-manager
+ (lib.mkIf config."1password".enable onepassword-password-manager)
okta-browser-plugin
sponsorblock
reddit-enhancement-suite
diff --git a/modules/applications/kitty.nix b/modules/applications/kitty.nix
index dd4d727..8de7236 100644
--- a/modules/applications/kitty.nix
+++ b/modules/applications/kitty.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ kitty = {
+ enable = lib.mkEnableOption {
+ description = "Enable Kitty.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.kitty.enable) {
home-manager.users.${config.user} = {
# xsession.windowManager.i3.config.terminal = "kitty";
# programs.rofi.terminal = "${pkgs.kitty}/bin/kitty";
diff --git a/modules/applications/media.nix b/modules/applications/media.nix
index c7e69a4..c2a1620 100644
--- a/modules/applications/media.nix
+++ b/modules/applications/media.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ media = {
+ enable = lib.mkEnableOption {
+ description = "Enable media programs.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.media.enable) {
home-manager.users.${config.user}.home.packages = with pkgs; [
mpv # Video viewer
sxiv # Image viewer
diff --git a/modules/applications/nautilus.nix b/modules/applications/nautilus.nix
index 7406a4c..3c81b0b 100644
--- a/modules/applications/nautilus.nix
+++ b/modules/applications/nautilus.nix
@@ -1,7 +1,16 @@
{ config, pkgs, lib, ... }: {
+ options = {
+ nautilus = {
+ enable = lib.mkEnableOption {
+ description = "Enable Nautilus file manager.";
+ default = false;
+ };
+ };
+ };
+
# Install Nautilus file manager
- config = lib.mkIf config.gui.enable {
+ config = lib.mkIf (config.gui.enable && config.nautilus.enable) {
home-manager.users.${config.user} = {
home.packages = with pkgs; [
gnome.nautilus
diff --git a/modules/applications/obsidian.nix b/modules/applications/obsidian.nix
index 7f18e12..6a35f6b 100644
--- a/modules/applications/obsidian.nix
+++ b/modules/applications/obsidian.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ obsidian = {
+ enable = lib.mkEnableOption {
+ description = "Enable Obsidian.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.obsidian.enable) {
unfreePackages = [ "obsidian" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ obsidian ];
diff --git a/modules/applications/qbittorrent.nix b/modules/applications/qbittorrent.nix
index 4447bb8..9750648 100644
--- a/modules/applications/qbittorrent.nix
+++ b/modules/applications/qbittorrent.nix
@@ -1,6 +1,15 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ options = {
+ qbittorrent = {
+ enable = lib.mkEnableOption {
+ description = "Enable qBittorrent.";
+ default = false;
+ };
+ };
+ };
+
+ config = lib.mkIf (config.gui.enable && config.qbittorrent.enable) {
home-manager.users.${config.user} = {
diff --git a/modules/colorscheme/gruvbox/neovim.lua b/modules/colorscheme/gruvbox/neovim.lua
deleted file mode 100644
index 086b0cb..0000000
--- a/modules/colorscheme/gruvbox/neovim.lua
+++ /dev/null
@@ -1,13 +0,0 @@
-local M = {}
-
-M.packer = function(use)
- use({
- "lifepillar/vim-gruvbox8",
- config = function()
- vim.g.gruvbox_italicize_strings = 0
- vim.cmd("colorscheme gruvbox8")
- end,
- })
-end
-
-return M
diff --git a/modules/darwin/alacritty.nix b/modules/darwin/alacritty.nix
index 2100727..0dcab47 100644
--- a/modules/darwin/alacritty.nix
+++ b/modules/darwin/alacritty.nix
@@ -1,7 +1,7 @@
{ config, pkgs, lib, ... }: {
# MacOS-specific settings for Alacritty
- home-manager.users.${config.user} = {
+ home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
programs.alacritty.settings = {
font.size = lib.mkForce 20.0;
shell.program = "${pkgs.fish}/bin/fish";
diff --git a/modules/darwin/fonts.nix b/modules/darwin/fonts.nix
index 09892c1..1edf526 100644
--- a/modules/darwin/fonts.nix
+++ b/modules/darwin/fonts.nix
@@ -1,6 +1,6 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
home.packages = with pkgs;
[ (nerdfonts.override { fonts = [ "VictorMono" ]; }) ];
diff --git a/modules/darwin/hammerspoon.nix b/modules/darwin/hammerspoon.nix
index caf56b4..ebfc5e6 100644
--- a/modules/darwin/hammerspoon.nix
+++ b/modules/darwin/hammerspoon.nix
@@ -1,28 +1,32 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
# Hammerspoon - MacOS custom automation scripting
- home-manager.users.${config.user} = {
- xdg.configFile."hammerspoon/init.lua".source = ./hammerspoon/init.lua;
- xdg.configFile."hammerspoon/Spoons/ControlEscape.spoon".source =
- ./hammerspoon/Spoons/ControlEscape.spoon;
- xdg.configFile."hammerspoon/Spoons/DismissAlerts.spoon".source =
- ./hammerspoon/Spoons/DismissAlerts.spoon;
- xdg.configFile."hammerspoon/Spoons/Launcher.spoon/init.lua".source =
- pkgs.substituteAll {
- src = ./hammerspoon/Spoons/Launcher.spoon/init.lua;
- firefox = "${pkgs.firefox-bin}/Applications/Firefox.app";
- discord = "${pkgs.discord}/Applications/Discord.app";
- kitty = "${pkgs.kitty}/Applications/kitty.app";
- };
- xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source =
- ./hammerspoon/Spoons/MoveWindow.spoon;
+ config = lib.mkIf pkgs.stdenv.isDarwin {
+
+ home-manager.users.${config.user} = {
+ xdg.configFile."hammerspoon/init.lua".source = ./hammerspoon/init.lua;
+ xdg.configFile."hammerspoon/Spoons/ControlEscape.spoon".source =
+ ./hammerspoon/Spoons/ControlEscape.spoon;
+ xdg.configFile."hammerspoon/Spoons/DismissAlerts.spoon".source =
+ ./hammerspoon/Spoons/DismissAlerts.spoon;
+ xdg.configFile."hammerspoon/Spoons/Launcher.spoon/init.lua".source =
+ pkgs.substituteAll {
+ src = ./hammerspoon/Spoons/Launcher.spoon/init.lua;
+ firefox = "${pkgs.firefox-bin}/Applications/Firefox.app";
+ discord = "${pkgs.discord}/Applications/Discord.app";
+ kitty = "${pkgs.kitty}/Applications/kitty.app";
+ };
+ xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source =
+ ./hammerspoon/Spoons/MoveWindow.spoon;
+ };
+
+ homebrew.casks = [ "hammerspoon" ];
+
+ system.activationScripts.postUserActivation.text = ''
+ defaults write org.hammerspoon.Hammerspoon MJConfigFile "~/.config/hammerspoon/init.lua"
+ '';
+
};
- homebrew.casks = [ "hammerspoon" ];
-
- system.activationScripts.postUserActivation.text = ''
- defaults write org.hammerspoon.Hammerspoon MJConfigFile "~/.config/hammerspoon/init.lua"
- '';
-
}
diff --git a/modules/darwin/homebrew.nix b/modules/darwin/homebrew.nix
index 317cd27..40731ab 100644
--- a/modules/darwin/homebrew.nix
+++ b/modules/darwin/homebrew.nix
@@ -1,52 +1,55 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
# Homebrew - Mac-specific packages that aren't in Nix
+ config = lib.mkIf pkgs.stdenv.isDarwin {
- # Requires Homebrew to be installed
- system.activationScripts.preUserActivation.text = ''
- if ! xcode-select --version 2>/dev/null; then
- $DRY_RUN_CMD xcode-select --install
- fi
- if ! /usr/local/bin/brew --version 2>/dev/null; then
- $DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- fi
- '';
+ # Requires Homebrew to be installed
+ system.activationScripts.preUserActivation.text = ''
+ if ! xcode-select --version 2>/dev/null; then
+ $DRY_RUN_CMD xcode-select --install
+ fi
+ if ! /usr/local/bin/brew --version 2>/dev/null; then
+ $DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+ fi
+ '';
- homebrew = {
- enable = true;
- onActivation = {
- autoUpdate = false; # Don't update during rebuild
- cleanup = "zap"; # Uninstall all programs not declared
- upgrade = true;
+ homebrew = {
+ enable = true;
+ onActivation = {
+ autoUpdate = false; # Don't update during rebuild
+ cleanup = "zap"; # Uninstall all programs not declared
+ upgrade = true;
+ };
+ global = {
+ brewfile = true; # Run brew bundle from anywhere
+ lockfiles = false; # Don't save lockfile (since running from anywhere)
+ };
+ taps = [
+ "homebrew/cask" # Required for casks
+ "homebrew/cask-drivers" # Used for Logitech G-Hub
+ ];
+ brews = [
+ "trash" # Delete files and folders to trash instead of rm
+ "openjdk" # Required by Apache Directory Studio
+ ];
+ casks = [
+ "1password" # 1Password packaging on Nix is broken for macOS
+ "scroll-reverser" # Different scroll style for mouse vs. trackpad
+ "meetingbar" # Show meetings in menu bar
+ "gitify" # Git notifications in menu bar
+ "logitech-g-hub" # Mouse and keyboard management
+ "mimestream" # Gmail client
+ "obsidian" # Obsidian packaging on Nix is not available for macOS
+ "steam" # Not packaged for Nix
+ "apache-directory-studio" # Packaging on Nix is not available for macOS
+ ];
};
- global = {
- brewfile = true; # Run brew bundle from anywhere
- lockfiles = false; # Don't save lockfile (since running from anywhere)
+
+ home-manager.users.${config.user} = {
+
+ programs.fish.shellAbbrs.t = "trash";
+
};
- taps = [
- "homebrew/cask" # Required for casks
- "homebrew/cask-drivers" # Used for Logitech G-Hub
- ];
- brews = [
- "trash" # Delete files and folders to trash instead of rm
- "openjdk" # Required by Apache Directory Studio
- ];
- casks = [
- "1password" # 1Password packaging on Nix is broken for macOS
- "scroll-reverser" # Different scroll style for mouse vs. trackpad
- "meetingbar" # Show meetings in menu bar
- "gitify" # Git notifications in menu bar
- "logitech-g-hub" # Mouse and keyboard management
- "mimestream" # Gmail client
- "obsidian" # Obsidian packaging on Nix is not available for macOS
- "steam" # Not packaged for Nix
- "apache-directory-studio" # Packaging on Nix is not available for macOS
- ];
- };
-
- home-manager.users.${config.user} = {
-
- programs.fish.shellAbbrs.t = "trash";
};
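Review bot: The `preUserActivation` script still passes `install.sh` from the moving `HEAD` of Homebrew/install straight to `/bin/bash`, so an activation on a machine without brew runs whatever that branch holds at that moment, with no integrity check. Since the block is being re-wrapped anyway, pin the installer to a reviewed commit and let Nix verify it, e.g. `$DRY_RUN_CMD /bin/bash ${pkgs.fetchurl { url = "https://raw.githubusercontent.com/Homebrew/install/<PINNED_COMMIT>/install.sh"; sha256 = "<HASH_OF_REVIEWED_SCRIPT>"; }}`. `pkgs` is already added to the module arguments in this hunk, so no further change to the header is needed.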
diff --git a/modules/darwin/kitty.nix b/modules/darwin/kitty.nix
index 7fb840a..7cd61e2 100644
--- a/modules/darwin/kitty.nix
+++ b/modules/darwin/kitty.nix
@@ -1,7 +1,7 @@
{ config, pkgs, lib, ... }: {
# MacOS-specific settings for Kitty
- home-manager.users.${config.user} = {
+ home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
programs.kitty = {
darwinLaunchOptions = [ "--start-as=fullscreen" ];
font.size = lib.mkForce 20;
diff --git a/modules/darwin/networking.nix b/modules/darwin/networking.nix
index 9d72aff..9d191e1 100644
--- a/modules/darwin/networking.nix
+++ b/modules/darwin/networking.nix
@@ -1,9 +1,11 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
- networking = {
- computerName = "${config.fullName}'\\''s Mac";
- # Adjust if necessary
- # hostName = "";
+ config = lib.mkIf pkgs.stdenv.isDarwin {
+ networking = {
+ computerName = "${config.fullName}'\\''s Mac";
+ # Adjust if necessary
+ # hostName = "";
+ };
};
}
diff --git a/modules/darwin/nixpkgs.nix b/modules/darwin/nixpkgs.nix
index 7330c27..d1b4778 100644
--- a/modules/darwin/nixpkgs.nix
+++ b/modules/darwin/nixpkgs.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
programs.fish = {
shellAbbrs = {
diff --git a/modules/darwin/system.nix b/modules/darwin/system.nix
index a9083c6..2212c04 100644
--- a/modules/darwin/system.nix
+++ b/modules/darwin/system.nix
@@ -1,182 +1,186 @@
-{ pkgs, ... }: {
+{ pkgs, lib, ... }: {
- services.nix-daemon.enable = true;
+ config = lib.mkIf pkgs.stdenv.isDarwin {
- environment.shells = [ pkgs.fish ];
+ services.nix-daemon.enable = true;
- security.pam.enableSudoTouchIdAuth = true;
+ environment.shells = [ pkgs.fish ];
- system = {
+ security.pam.enableSudoTouchIdAuth = true;
- keyboard = {
- remapCapsLockToControl = true;
- enableKeyMapping = true; # Allows for skhd
- };
+ system = {
- defaults = {
- NSGlobalDomain = {
-
- # Set to dark mode
- AppleInterfaceStyle = "Dark";
-
- # Don't change from dark to light automatically
- # AppleInterfaceSwitchesAutomatically = false;
-
- # Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)
- AppleKeyboardUIMode = 3;
-
- # Automatically show and hide the menu bar
- _HIHideMenuBar = true;
-
- # Expand save panel by default
- NSNavPanelExpandedStateForSaveMode = true;
-
- # Expand print panel by default
- PMPrintingExpandedStateForPrint = true;
-
- # Replace press-and-hold with key repeat
- ApplePressAndHoldEnabled = false;
-
- # Set a fast key repeat rate
- KeyRepeat = 2;
-
- # Shorten delay before key repeat begins
- InitialKeyRepeat = 12;
-
- # Save to local disk by default, not iCloud
- NSDocumentSaveNewDocumentsToCloud = false;
-
- # Disable autocorrect capitalization
- NSAutomaticCapitalizationEnabled = false;
-
- # Disable autocorrect smart dashes
- NSAutomaticDashSubstitutionEnabled = false;
-
- # Disable autocorrect adding periods
- NSAutomaticPeriodSubstitutionEnabled = false;
-
- # Disable autocorrect smart quotation marks
- NSAutomaticQuoteSubstitutionEnabled = false;
-
- # Disable autocorrect spellcheck
- NSAutomaticSpellingCorrectionEnabled = false;
+ keyboard = {
+ remapCapsLockToControl = true;
+ enableKeyMapping = true; # Allows for skhd
};
- dock = {
- # Automatically show and hide the dock
- autohide = true;
+ defaults = {
+ NSGlobalDomain = {
- # Add translucency in dock for hidden applications
- showhidden = true;
+ # Set to dark mode
+ AppleInterfaceStyle = "Dark";
- # Enable spring loading on all dock items
- enable-spring-load-actions-on-all-items = true;
+ # Don't change from dark to light automatically
+ # AppleInterfaceSwitchesAutomatically = false;
- # Highlight hover effect in dock stack grid view
- mouse-over-hilite-stack = true;
+ # Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)
+ AppleKeyboardUIMode = 3;
- mineffect = "genie";
- orientation = "bottom";
- show-recents = false;
- tilesize = 44;
- };
+ # Automatically show and hide the menu bar
+ _HIHideMenuBar = true;
- finder = {
+ # Expand save panel by default
+ NSNavPanelExpandedStateForSaveMode = true;
- # Default Finder window set to column view
- FXPreferredViewStyle = "clmv";
+ # Expand print panel by default
+ PMPrintingExpandedStateForPrint = true;
- # Finder search in current folder by default
- FXDefaultSearchScope = "SCcf";
+ # Replace press-and-hold with key repeat
+ ApplePressAndHoldEnabled = false;
- # Disable warning when changing file extension
- FXEnableExtensionChangeWarning = false;
+ # Set a fast key repeat rate
+ KeyRepeat = 2;
- # Allow quitting of Finder application
- QuitMenuItem = true;
+ # Shorten delay before key repeat begins
+ InitialKeyRepeat = 12;
+
+ # Save to local disk by default, not iCloud
+ NSDocumentSaveNewDocumentsToCloud = false;
+
+ # Disable autocorrect capitalization
+ NSAutomaticCapitalizationEnabled = false;
+
+ # Disable autocorrect smart dashes
+ NSAutomaticDashSubstitutionEnabled = false;
+
+ # Disable autocorrect adding periods
+ NSAutomaticPeriodSubstitutionEnabled = false;
+
+ # Disable autocorrect smart quotation marks
+ NSAutomaticQuoteSubstitutionEnabled = false;
+
+ # Disable autocorrect spellcheck
+ NSAutomaticSpellingCorrectionEnabled = false;
+ };
+
+ dock = {
+ # Automatically show and hide the dock
+ autohide = true;
+
+ # Add translucency in dock for hidden applications
+ showhidden = true;
+
+ # Enable spring loading on all dock items
+ enable-spring-load-actions-on-all-items = true;
+
+ # Highlight hover effect in dock stack grid view
+ mouse-over-hilite-stack = true;
+
+ mineffect = "genie";
+ orientation = "bottom";
+ show-recents = false;
+ tilesize = 44;
+ };
+
+ finder = {
+
+ # Default Finder window set to column view
+ FXPreferredViewStyle = "clmv";
+
+ # Finder search in current folder by default
+ FXDefaultSearchScope = "SCcf";
+
+ # Disable warning when changing file extension
+ FXEnableExtensionChangeWarning = false;
+
+ # Allow quitting of Finder application
+ QuitMenuItem = true;
+
+ };
+
+ # Disable "Are you sure you want to open" dialog
+ LaunchServices.LSQuarantine = false;
+
+ # Disable trackpad tap to click
+ trackpad.Clicking = false;
+
+ # universalaccess = {
+
+ # # Zoom in with Control + Scroll Wheel
+ # closeViewScrollWheelToggle = true;
+ # closeViewZoomFollowsFocus = true;
+ # };
+
+ # Where to save screenshots
+ screencapture.location = "~/Downloads";
};
- # Disable "Are you sure you want to open" dialog
- LaunchServices.LSQuarantine = false;
+ # Settings that don't have an option in nix-darwin
+ activationScripts.postActivation.text = ''
+ echo "Disable disk image verification"
+ defaults write com.apple.frameworks.diskimages skip-verify -bool true
+ defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true
+ defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true
- # Disable trackpad tap to click
- trackpad.Clicking = false;
+ echo "Avoid creating .DS_Store files on network volumes"
+ defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true
- # universalaccess = {
+ echo "Disable the warning before emptying the Trash"
+ defaults write com.apple.finder WarnOnEmptyTrash -bool false
- # # Zoom in with Control + Scroll Wheel
- # closeViewScrollWheelToggle = true;
- # closeViewZoomFollowsFocus = true;
- # };
+ echo "Require password immediately after sleep or screen saver begins"
+ defaults write com.apple.screensaver askForPassword -int 1
+ defaults write com.apple.screensaver askForPasswordDelay -int 0
- # Where to save screenshots
- screencapture.location = "~/Downloads";
+ echo "Allow apps from anywhere"
+ SPCTL=$(spctl --status)
+ if ! [ "$SPCTL" = "assessments disabled" ]; then
+ sudo spctl --master-disable
+ fi
+
+ '';
+
+ # User-level settings
+ activationScripts.postUserActivation.text = ''
+ echo "Show the ~/Library folder"
+ chflags nohidden ~/Library
+
+ echo "Enable dock magnification"
+ defaults write com.apple.dock magnification -bool true
+
+ echo "Set dock magnification size"
+ defaults write com.apple.dock largesize -int 48
+
+ echo "Define dock icon function"
+ __dock_item() {
+ printf "%s%s%s%s%s" \
+ "tile-datafile-data" \
+ "_CFURLString" \
+ "$1" \
+ "_CFURLStringType0" \
+ ""
+ }
+
+ echo "Choose and order dock icons"
+ defaults write com.apple.dock persistent-apps -array \
+ "$(__dock_item /Applications/1Password.app)" \
+ "$(__dock_item /Applications/Slack.app)" \
+ "$(__dock_item /System/Applications/Calendar.app)" \
+ "$(__dock_item ${pkgs.firefox-bin}/Applications/Firefox.app)" \
+ "$(__dock_item /System/Applications/Messages.app)" \
+ "$(__dock_item /System/Applications/Mail.app)" \
+ "$(__dock_item /Applications/Mimestream.app)" \
+ "$(__dock_item /Applications/zoom.us.app)" \
+ "$(__dock_item ${pkgs.discord}/Applications/Discord.app)" \
+ "$(__dock_item /Applications/Obsidian.app)" \
+ "$(__dock_item ${pkgs.kitty}/Applications/kitty.app)" \
+ "$(__dock_item /System/Applications/System\ Settings.app)"
+ '';
};
- # Settings that don't have an option in nix-darwin
- activationScripts.postActivation.text = ''
- echo "Disable disk image verification"
- defaults write com.apple.frameworks.diskimages skip-verify -bool true
- defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true
- defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true
-
- echo "Avoid creating .DS_Store files on network volumes"
- defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true
-
- echo "Disable the warning before emptying the Trash"
- defaults write com.apple.finder WarnOnEmptyTrash -bool false
-
- echo "Require password immediately after sleep or screen saver begins"
- defaults write com.apple.screensaver askForPassword -int 1
- defaults write com.apple.screensaver askForPasswordDelay -int 0
-
- echo "Allow apps from anywhere"
- SPCTL=$(spctl --status)
- if ! [ "$SPCTL" = "assessments disabled" ]; then
- sudo spctl --master-disable
- fi
-
- '';
-
- # User-level settings
- activationScripts.postUserActivation.text = ''
- echo "Show the ~/Library folder"
- chflags nohidden ~/Library
-
- echo "Enable dock magnification"
- defaults write com.apple.dock magnification -bool true
-
- echo "Set dock magnification size"
- defaults write com.apple.dock largesize -int 48
-
- echo "Define dock icon function"
- __dock_item() {
- printf "%s%s%s%s%s" \
- "tile-datafile-data" \
- "_CFURLString" \
- "$1" \
- "_CFURLStringType0" \
- ""
- }
-
- echo "Choose and order dock icons"
- defaults write com.apple.dock persistent-apps -array \
- "$(__dock_item /Applications/1Password.app)" \
- "$(__dock_item /Applications/Slack.app)" \
- "$(__dock_item /System/Applications/Calendar.app)" \
- "$(__dock_item ${pkgs.firefox-bin}/Applications/Firefox.app)" \
- "$(__dock_item /System/Applications/Messages.app)" \
- "$(__dock_item /System/Applications/Mail.app)" \
- "$(__dock_item /Applications/Mimestream.app)" \
- "$(__dock_item /Applications/zoom.us.app)" \
- "$(__dock_item ${pkgs.discord}/Applications/Discord.app)" \
- "$(__dock_item /Applications/Obsidian.app)" \
- "$(__dock_item ${pkgs.kitty}/Applications/kitty.app)" \
- "$(__dock_item /System/Applications/System\ Settings.app)"
- '';
-
};
}
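Review bot: This module switches off several macOS integrity controls: `LaunchServices.LSQuarantine = false`, the three `skip-verify*` disk-image defaults, and `sudo spctl --master-disable` in `postActivation`. After this change it is gated only on `pkgs.stdenv.isDarwin`, so every Darwin host that imports `../../modules` inherits them implicitly. Consider placing these lines behind an explicit opt-in option that defaults to off, in the same style as the other enable options this commit introduces, while leaving the screen-lock settings (`askForPassword`, `askForPasswordDelay`) unconditional. At minimum, add a comment above them such as `# SECURITY: disables Gatekeeper assessment, quarantine prompts and disk image verification; enable per host only`.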
diff --git a/modules/darwin/tmux.nix b/modules/darwin/tmux.nix
index 16372e2..95b585a 100644
--- a/modules/darwin/tmux.nix
+++ b/modules/darwin/tmux.nix
@@ -1,6 +1,8 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.tmux.enable = lib.mkEnableOption "Tmux terminal multiplexer";
+
+ home-manager.users.${config.user} = lib.mkIf config.tmux.enable {
programs.tmux = {
enable = true;
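Review bot: `options.tmux.enable` is declared next to a bare top-level `home-manager.users.${config.user}` definition, and the module system rejects a module that combines a top-level `options` attribute with configuration attributes outside `config`. Move the definition under `config`, for example `config.home-manager.users.${config.user} = lib.mkIf config.tmux.enable {`. The attribute set continues past the end of this hunk, so the rest of the file could not be checked for the same pattern.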
diff --git a/modules/darwin/user.nix b/modules/darwin/user.nix
index a5dc1cb..4ffb691 100644
--- a/modules/darwin/user.nix
+++ b/modules/darwin/user.nix
@@ -1,15 +1,21 @@
{ config, pkgs, lib, ... }: {
- users.users."${config.user}" = {
- # macOS user
- home = config.homePath;
- shell = pkgs.fish; # Default shell
+ config = lib.mkIf pkgs.stdenv.isDarwin {
- };
+ users.users."${config.user}" = {
+ # macOS user
+ home = config.homePath;
+ shell = pkgs.fish; # Default shell
+
+ };
+
+ # Used for aerc
+ home-manager.users.${config.user} = {
+ home.sessionVariables = {
+ XDG_CONFIG_HOME = "${config.homePath}/.config";
+ };
+ };
- # Used for aerc
- home-manager.users.${config.user} = {
- home.sessionVariables = { XDG_CONFIG_HOME = "${config.homePath}/.config"; };
};
}
diff --git a/modules/darwin/utilities.nix b/modules/darwin/utilities.nix
index 07d0a80..90dd067 100644
--- a/modules/darwin/utilities.nix
+++ b/modules/darwin/utilities.nix
@@ -15,7 +15,7 @@ let
in {
- home-manager.users.${config.user} = {
+ home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
home.packages = with pkgs; [
# visidata # CSV inspector
diff --git a/hosts/common.nix b/modules/default.nix
similarity index 92%
rename from hosts/common.nix
rename to modules/default.nix
index 16eb8e2..e5526b7 100644
--- a/hosts/common.nix
+++ b/modules/default.nix
@@ -1,7 +1,20 @@
{ config, lib, pkgs, ... }: {
- imports =
- [ ../modules/shell ../modules/neovim ../modules/repositories/dotfiles.nix ];
+ imports = [
+ ./applications
+ ./darwin
+ ./gaming
+ ./graphical
+ ./hardware
+ ./mail
+ ./neovim
+ ./nixos
+ ./programming
+ ./repositories
+ ./services
+ ./shell
+ ./wsl
+ ];
options = {
user = lib.mkOption {
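Review bot: The new `imports` list pulls `./darwin`, `./nixos`, `./hardware`, `./gaming` and `./wsl` into every host, and the platform guards added elsewhere in this commit (`lib.mkIf pkgs.stdenv.isLinux`, `lib.mkIf pkgs.stdenv.isDarwin`) may not be enough to make that safe. As far as I know `mkIf` gates only the values, while the option paths inside it must still be declared, so a nix-darwin evaluation that meets `boot.loader` or `services.xserver` definitions would likely stop with an "option does not exist" error, and a NixOS evaluation would do the same for Darwin-only options. Evaluate one Darwin and one NixOS host before merging; if that fails, pick the platform directories at import time in the flake instead. A comment above the list such as `# Imported on every host; each module gates itself with an enable option or a platform check` would also tell the next reader why the list is unconditional.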
@@ -36,7 +49,7 @@
colors = lib.mkOption {
type = lib.types.attrs;
description = "Base16 color scheme.";
- default = (import ../modules/colorscheme/gruvbox).dark;
+ default = (import ../colorscheme/gruvbox).dark;
};
dark = lib.mkOption {
type = lib.types.bool;
diff --git a/modules/gaming/default.nix b/modules/gaming/default.nix
index e074730..1b459de 100644
--- a/modules/gaming/default.nix
+++ b/modules/gaming/default.nix
@@ -1,6 +1,16 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
- config = {
+ imports = [
+ ./leagueoflegends.nix
+ ./legendary.nix
+ ./lutris.nix
+ ./minecraft-server.nix
+ ./steam.nix
+ ];
+
+ options.gaming.enable = lib.mkEnableOption "Enable gaming features.";
+
+ config = lib.mkIf (config.gaming.enable && pkgs.stdenv.isLinux) {
hardware.opengl = {
enable = true;
driSupport32Bit = true;
diff --git a/modules/gaming/leagueoflegends.nix b/modules/gaming/leagueoflegends.nix
index 3121923..2950d47 100644
--- a/modules/gaming/leagueoflegends.nix
+++ b/modules/gaming/leagueoflegends.nix
@@ -1,30 +1,32 @@
{ config, pkgs, lib, ... }: {
- options.gaming.leagueoflegends = lib.mkEnableOption "League of Legends";
+ options.gaming.leagueoflegends.enable =
+ lib.mkEnableOption "League of Legends";
- config = lib.mkIf config.gaming.leagueoflegends {
+ config =
+ lib.mkIf (config.gaming.leagueoflegends.enable && pkgs.stdenv.isLinux) {
- # League of Legends anti-cheat requirement
- boot.kernel.sysctl = { "abi.vsyscall32" = 0; };
+ # League of Legends anti-cheat requirement
+ boot.kernel.sysctl = { "abi.vsyscall32" = 0; };
- environment.systemPackages = with pkgs; [
+ environment.systemPackages = with pkgs; [
- # Lutris requirement to install the game
- lutris
- amdvlk
- wineWowPackages.stable
- # vulkan-tools
+ # Lutris requirement to install the game
+ lutris
+ amdvlk
+ wineWowPackages.stable
+ # vulkan-tools
- # Required according to https://lutris.net/games/league-of-legends/
- openssl
- gnome.zenity
+ # Required according to https://lutris.net/games/league-of-legends/
+ openssl
+ gnome.zenity
- # Don't remember if this is required
- dconf
+ # Don't remember if this is required
+ dconf
- ];
+ ];
- environment.sessionVariables = { QT_X11_NO_MITSHM = "1"; };
+ environment.sessionVariables = { QT_X11_NO_MITSHM = "1"; };
- };
+ };
}
diff --git a/modules/gaming/legendary.nix b/modules/gaming/legendary.nix
index f8ce849..018635e 100644
--- a/modules/gaming/legendary.nix
+++ b/modules/gaming/legendary.nix
@@ -4,9 +4,10 @@ let home-packages = config.home-manager.users.${config.user}.home.packages;
in {
- imports = [ ./. ];
+ options.gaming.legendary.enable =
+ lib.mkEnableOption "Legendary Epic Games launcher.";
- config = {
+ config = lib.mkIf config.gaming.legendary.enable {
environment.systemPackages = with pkgs; [
legendary-gl
rare # GUI for Legendary (not working)
diff --git a/modules/gaming/lutris.nix b/modules/gaming/lutris.nix
index a8cac00..d2783e3 100644
--- a/modules/gaming/lutris.nix
+++ b/modules/gaming/lutris.nix
@@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }: {
- options.gaming.lutris = lib.mkEnableOption "Lutris";
+ options.gaming.lutris.enable = lib.mkEnableOption "Lutris game installer.";
- config = lib.mkIf config.gaming.lutris {
+ config = lib.mkIf config.gaming.lutris.enable {
environment.systemPackages = with pkgs; [
lutris
amdvlk # Vulkan drivers (probably already installed)
diff --git a/modules/gaming/minecraft-server.nix b/modules/gaming/minecraft-server.nix
index 822cdab..34c6562 100644
--- a/modules/gaming/minecraft-server.nix
+++ b/modules/gaming/minecraft-server.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, lib, ... }:
let
@@ -9,137 +9,144 @@ let
in {
- unfreePackages = [ "minecraft-server" ];
+ options.gaming.minecraft-server.enable =
+ lib.mkEnableOption "Minecraft Server.";
- services.minecraft-server = {
- enable = true;
- eula = true;
- declarative = true;
- whitelist = { };
- openFirewall = false;
- serverProperties = {
- server-port = localPort;
- difficulty = "normal";
- gamemode = "survival";
- white-list = false;
- enforce-whitelist = false;
- level-name = "world";
- motd = "Welcome!";
- pvp = true;
- player-idle-timeout = 30;
- generate-structures = true;
- max-players = 20;
- snooper-enabled = false;
- spawn-npcs = true;
- spawn-animals = true;
- spawn-monsters = true;
- allow-nether = true;
- allow-flight = false;
- enable-rcon = true;
- "rcon.port" = rconPort;
- "rcon.password" = rconPassword;
+ config = lib.mkIf config.gaming.minecraft-server.enable {
+
+ unfreePackages = [ "minecraft-server" ];
+
+ services.minecraft-server = {
+ enable = true;
+ eula = true;
+ declarative = true;
+ whitelist = { };
+ openFirewall = false;
+ serverProperties = {
+ server-port = localPort;
+ difficulty = "normal";
+ gamemode = "survival";
+ white-list = false;
+ enforce-whitelist = false;
+ level-name = "world";
+ motd = "Welcome!";
+ pvp = true;
+ player-idle-timeout = 30;
+ generate-structures = true;
+ max-players = 20;
+ snooper-enabled = false;
+ spawn-npcs = true;
+ spawn-animals = true;
+ spawn-monsters = true;
+ allow-nether = true;
+ allow-flight = false;
+ enable-rcon = true;
+ "rcon.port" = rconPort;
+ "rcon.password" = rconPassword;
+ };
};
- };
- networking.firewall.allowedTCPPorts = [ publicPort ];
+ networking.firewall.allowedTCPPorts = [ publicPort ];
- ## Automatically start and stop Minecraft server based on player connections
+ ## Automatically start and stop Minecraft server based on player connections
- # Adapted shamelessly from:
- # https://dataswamp.org/~solene/2022-08-20-on-demand-minecraft-with-systemd.html
+ # Adapted shamelessly from:
+ # https://dataswamp.org/~solene/2022-08-20-on-demand-minecraft-with-systemd.html
- # Prevent Minecraft from starting by default
- systemd.services.minecraft-server = { wantedBy = pkgs.lib.mkForce [ ]; };
+ # Prevent Minecraft from starting by default
+ systemd.services.minecraft-server = { wantedBy = pkgs.lib.mkForce [ ]; };
- # Listen for connections on the public port, to trigger the actual
- # listen-minecraft service.
- systemd.sockets.listen-minecraft = {
- wantedBy = [ "sockets.target" ];
- requires = [ "network.target" ];
- listenStreams = [ "${toString publicPort}" ];
- };
+ # Listen for connections on the public port, to trigger the actual
+ # listen-minecraft service.
+ systemd.sockets.listen-minecraft = {
+ wantedBy = [ "sockets.target" ];
+ requires = [ "network.target" ];
+ listenStreams = [ "${toString publicPort}" ];
+ };
- # Proxy traffic to local port, and trigger hook-minecraft
- systemd.services.listen-minecraft = {
- path = [ pkgs.systemd ];
- requires = [ "hook-minecraft.service" "listen-minecraft.socket" ];
- after = [ "hook-minecraft.service" "listen-minecraft.socket" ];
- serviceConfig.ExecStart =
- "${pkgs.systemd.out}/lib/systemd/systemd-socket-proxyd 127.0.0.1:${
- toString localPort
- }";
- };
-
- # Start Minecraft if required and wait for it to be available
- # Then unlock the listen-minecraft.service
- systemd.services.hook-minecraft = {
- path = with pkgs; [ systemd libressl busybox ];
-
- # Start Minecraft and the auto-shutdown timer
- script = ''
- systemctl start minecraft-server.service
- systemctl start stop-minecraft.timer
- '';
-
- # Keep checking until the service is available
- postStart = ''
- for i in $(seq 60); do
- if ${pkgs.libressl.nc}/bin/nc -z 127.0.0.1 ${
+ # Proxy traffic to local port, and trigger hook-minecraft
+ systemd.services.listen-minecraft = {
+ path = [ pkgs.systemd ];
+ requires = [ "hook-minecraft.service" "listen-minecraft.socket" ];
+ after = [ "hook-minecraft.service" "listen-minecraft.socket" ];
+ serviceConfig.ExecStart =
+ "${pkgs.systemd.out}/lib/systemd/systemd-socket-proxyd 127.0.0.1:${
toString localPort
- } > /dev/null ; then
+ }";
+ };
+
+ # Start Minecraft if required and wait for it to be available
+ # Then unlock the listen-minecraft.service
+ systemd.services.hook-minecraft = {
+ path = with pkgs; [ systemd libressl busybox ];
+
+ # Start Minecraft and the auto-shutdown timer
+ script = ''
+ systemctl start minecraft-server.service
+ systemctl start stop-minecraft.timer
+ '';
+
+ # Keep checking until the service is available
+ postStart = ''
+ for i in $(seq 60); do
+ if ${pkgs.libressl.nc}/bin/nc -z 127.0.0.1 ${
+ toString localPort
+ } > /dev/null ; then
+ exit 0
+ fi
+ ${pkgs.busybox.out}/bin/sleep 1
+ done
+ exit 1
+ '';
+ };
+
+ # Run a player check on a schedule for auto-shutdown
+ systemd.timers.stop-minecraft = {
+ timerConfig = {
+ OnCalendar = "*-*-* *:*:0/20"; # Every 20 seconds
+ Unit = "stop-minecraft.service";
+ };
+ };
+
+ # If no players are connected, then stop services and prepare to resume again
+ systemd.services.stop-minecraft = {
+ serviceConfig.Type = "oneshot";
+ script = ''
+ # Check when service was launched
+ servicestartsec=$(
+ date -d \
+ "$(systemctl show \
+ --property=ActiveEnterTimestamp \
+ minecraft-server.service \
+ | cut -d= -f2)" \
+ +%s)
+
+ # Calculate elapsed time
+ serviceelapsedsec=$(( $(date +%s) - servicestartsec))
+
+ # Ignore if service just started
+ if [ $serviceelapsedsec -lt 180 ]
+ then
+ echo "Server was just started"
exit 0
fi
- ${pkgs.busybox.out}/bin/sleep 1
- done
- exit 1
- '';
- };
- # Run a player check on a schedule for auto-shutdown
- systemd.timers.stop-minecraft = {
- timerConfig = {
- OnCalendar = "*-*-* *:*:0/20"; # Every 20 seconds
- Unit = "stop-minecraft.service";
+ PLAYERS=$(
+ printf "list\n" \
+ | ${pkgs.rcon.out}/bin/rcon -m \
+ -H 127.0.0.1 -p ${builtins.toString rconPort} -P ${rconPassword} \
+ )
+
+ if echo "$PLAYERS" | grep "are 0 of a"
+ then
+ echo "Stopping server"
+ systemctl stop minecraft-server.service
+ systemctl stop hook-minecraft.service
+ systemctl stop stop-minecraft.timer
+ fi
+ '';
};
- };
- # If no players are connected, then stop services and prepare to resume again
- systemd.services.stop-minecraft = {
- serviceConfig.Type = "oneshot";
- script = ''
- # Check when service was launched
- servicestartsec=$(
- date -d \
- "$(systemctl show \
- --property=ActiveEnterTimestamp \
- minecraft-server.service \
- | cut -d= -f2)" \
- +%s)
-
- # Calculate elapsed time
- serviceelapsedsec=$(( $(date +%s) - servicestartsec))
-
- # Ignore if service just started
- if [ $serviceelapsedsec -lt 180 ]
- then
- echo "Server was just started"
- exit 0
- fi
-
- PLAYERS=$(
- printf "list\n" \
- | ${pkgs.rcon.out}/bin/rcon -m \
- -H 127.0.0.1 -p ${builtins.toString rconPort} -P ${rconPassword} \
- )
-
- if echo "$PLAYERS" | grep "are 0 of a"
- then
- echo "Stopping server"
- systemctl stop minecraft-server.service
- systemctl stop hook-minecraft.service
- systemctl stop stop-minecraft.timer
- fi
- '';
};
}
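Review bot: The RCON password is interpolated at evaluation time in two places in the re-indented block, `"rcon.password" = rconPassword;` in `serverProperties` and `-P ${rconPassword}` in the `stop-minecraft` script, so both the generated properties and the unit script carry it into the Nix store, which every local user can read. The second use also puts the secret on the `rcon` command line, visible in the process list each time the 20-second timer fires. `rconPassword` is bound in the `let` block outside this hunk, so its source is not visible here; if it is a literal, it is in the repository as well. Only `publicPort` is opened in the firewall, so exposure appears limited to local accounts, but reading the password at runtime from a root-only file would remove it from the store and from argv. Separately, `pkgs.lib.mkForce` can become `lib.mkForce` now that `lib` is a module argument.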
diff --git a/modules/gaming/steam.nix b/modules/gaming/steam.nix
index 61cf5c5..896c27e 100644
--- a/modules/gaming/steam.nix
+++ b/modules/gaming/steam.nix
@@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./. ];
+ options.gaming.steam.enable = lib.mkEnableOption "Steam game launcher.";
- config = {
+ config = lib.mkIf (config.gaming.steam.enable && pkgs.stdenv.isLinux) {
hardware.steam-hardware.enable = true;
unfreePackages = [ "steam" "steam-original" "steamcmd" "steam-run" ];
environment.systemPackages = with pkgs; [
diff --git a/modules/graphical/dmenu.nix b/modules/graphical/dmenu.nix
index 9ada181..962f8ae 100644
--- a/modules/graphical/dmenu.nix
+++ b/modules/graphical/dmenu.nix
@@ -2,7 +2,9 @@
{
- config = lib.mkIf config.services.xserver.enable {
+ options.gui.dmenu.enable = lib.mkEnableOption "dmenu launcher.";
+
+ config = lib.mkIf (config.services.xserver.enable && config.dmenu.enable) {
home-manager.users.${config.user}.home.packages = [ pkgs.dmenu ];
gui.launcherCommand = "${pkgs.dmenu}/bin/dmenu_run";
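Review bot: The `mkIf` condition reads `config.dmenu.enable`, but the option declared just above it is `options.gui.dmenu.enable`, so the condition refers to a path this hunk does not declare and evaluation would fail unless `dmenu.enable` exists elsewhere. The line should read `config = lib.mkIf (config.services.xserver.enable && config.gui.dmenu.enable) {`. The `config` block continues outside the hunk.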
diff --git a/modules/graphical/fonts.nix b/modules/graphical/fonts.nix
index 55d6245..9fb8191 100644
--- a/modules/graphical/fonts.nix
+++ b/modules/graphical/fonts.nix
@@ -4,7 +4,7 @@ let fontName = "Victor Mono";
in {
- config = lib.mkIf config.gui.enable {
+ config = lib.mkIf (config.gui.enable && pkgs.stdenv.isLinux) {
fonts.fonts = with pkgs; [
victor-mono # Used for Vim and Terminal
diff --git a/modules/graphical/i3.nix b/modules/graphical/i3.nix
index a7d368b..dfaaed4 100644
--- a/modules/graphical/i3.nix
+++ b/modules/graphical/i3.nix
@@ -9,7 +9,7 @@ let
in {
- config = {
+ config = lib.mkIf pkgs.stdenv.isLinux {
services.xserver.windowManager = {
i3 = {
diff --git a/modules/graphical/picom.nix b/modules/graphical/picom.nix
index 47db1fa..819c8f3 100644
--- a/modules/graphical/picom.nix
+++ b/modules/graphical/picom.nix
@@ -1,6 +1,6 @@
-{ config, lib, ... }: {
+{ config, pkgs, lib, ... }: {
- config = lib.mkIf (config.services.xserver.enable) {
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.services.xserver.enable) {
home-manager.users.${config.user} = {
services.picom = {
diff --git a/modules/graphical/polybar.nix b/modules/graphical/polybar.nix
index 9098326..d8457a9 100644
--- a/modules/graphical/polybar.nix
+++ b/modules/graphical/polybar.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.services.xserver.enable {
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.services.xserver.enable) {
toggleBarCommand = "polybar-msg cmd toggle";
diff --git a/modules/graphical/rofi.nix b/modules/graphical/rofi.nix
index 5a8674a..7a580c6 100644
--- a/modules/graphical/rofi.nix
+++ b/modules/graphical/rofi.nix
@@ -2,7 +2,7 @@
{
- config = lib.mkIf config.services.xserver.enable {
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.services.xserver.enable) {
home-manager.users.${config.user} = {
diff --git a/modules/graphical/xorg.nix b/modules/graphical/xorg.nix
index 868a299..fab1510 100644
--- a/modules/graphical/xorg.nix
+++ b/modules/graphical/xorg.nix
@@ -15,11 +15,13 @@
};
config = let
+
gtkTheme = {
name = config.gtk.theme.name;
package = pkgs."${config.gtk.theme.package}";
};
- in lib.mkIf config.gui.enable {
+
+ in lib.mkIf (pkgs.stdenv.isLinux && config.gui.enable) {
# Enable the X11 windowing system.
services.xserver = {
diff --git a/modules/hardware/audio.nix b/modules/hardware/audio.nix
index 6d0f234..72e32cd 100644
--- a/modules/hardware/audio.nix
+++ b/modules/hardware/audio.nix
@@ -30,7 +30,7 @@ let
in {
- config = lib.mkIf config.gui.enable {
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.gui.enable) {
sound.enable = true;
# Enable PipeWire
diff --git a/modules/hardware/boot.nix b/modules/hardware/boot.nix
index d92941f..3d30be8 100644
--- a/modules/hardware/boot.nix
+++ b/modules/hardware/boot.nix
@@ -1,6 +1,6 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
- boot.loader = {
+ boot.loader = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
grub = {
enable = true;
diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix
index fd15c7e..781e7f7 100644
--- a/modules/hardware/default.nix
+++ b/modules/hardware/default.nix
@@ -1,4 +1,4 @@
-{ ... }: {
+{ lib, ... }: {
imports = [
./audio.nix
@@ -11,4 +11,9 @@
./wifi.nix
];
+ options = {
+ physical = lib.mkEnableOption "Whether this machine is a physical device.";
+ server = lib.mkEnableOption "Whether this machine is a server.";
+ };
+
}
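Review bot: `lib.mkEnableOption` prefixes its argument with "Whether to enable", so these two descriptions render as "Whether to enable Whether this machine is a physical device." and the equivalent for `server`. Since `physical` and `server` describe the host instead of switching a feature on, a plain option reads better: `physical = lib.mkOption { type = lib.types.bool; default = false; description = "Whether this machine is a physical device."; };`. `options.gaming.enable` in modules/gaming/default.nix has the same doubled wording with "Enable gaming features.", where passing just `"gaming features"` would fix it.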
diff --git a/modules/hardware/monitors.nix b/modules/hardware/monitors.nix
index 3ae0e6c..297c475 100644
--- a/modules/hardware/monitors.nix
+++ b/modules/hardware/monitors.nix
@@ -3,51 +3,52 @@
# Timezone required for Redshift schedule
imports = [ ../nixos/timezone.nix ];
- config = lib.mkIf config.gui.enable {
+ config =
+ lib.mkIf (config.gui.enable && config.physical && pkgs.stdenv.isLinux) {
- environment.systemPackages = with pkgs;
- [
- ddcutil # Monitor brightness control
- ];
+ environment.systemPackages = with pkgs;
+ [
+ ddcutil # Monitor brightness control
+ ];
- # Reduce blue light at night
- services.redshift = {
- enable = true;
- brightness = {
- day = "1.0";
- night = "1.0";
+ # Reduce blue light at night
+ services.redshift = {
+ enable = true;
+ brightness = {
+ day = "1.0";
+ night = "1.0";
+ };
};
+
+ # Detect monitors (brightness) for ddcutil
+ hardware.i2c.enable = true;
+
+ # Grant main user access to external monitors
+ users.users.${config.user}.extraGroups = [ "i2c" ];
+
+ services.xserver.displayManager = {
+
+ # Put the login screen on the left monitor
+ lightdm.greeters.gtk.extraConfig = ''
+ active-monitor=0
+ '';
+
+ # Set up screen position and rotation
+ setupCommands = ''
+ ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 \
+ --mode 1920x1200 \
+ --pos 1920x0 \
+ --rotate left \
+ --output HDMI-0 \
+ --primary \
+ --mode 1920x1080 \
+ --pos 0x560 \
+ --rotate normal \
+ --output DVI-0 --off \
+ --output DVI-1 --off \
+ '';
+ };
+
};
- # Detect monitors (brightness) for ddcutil
- hardware.i2c.enable = true;
-
- # Grant main user access to external monitors
- users.users.${config.user}.extraGroups = [ "i2c" ];
-
- services.xserver.displayManager = {
-
- # Put the login screen on the left monitor
- lightdm.greeters.gtk.extraConfig = ''
- active-monitor=0
- '';
-
- # Set up screen position and rotation
- setupCommands = ''
- ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 \
- --mode 1920x1200 \
- --pos 1920x0 \
- --rotate left \
- --output HDMI-0 \
- --primary \
- --mode 1920x1080 \
- --pos 0x560 \
- --rotate normal \
- --output DVI-0 --off \
- --output DVI-1 --off \
- '';
- };
-
- };
-
}
diff --git a/modules/hardware/mouse.nix b/modules/hardware/mouse.nix
index cb3d7f5..cf75074 100644
--- a/modules/hardware/mouse.nix
+++ b/modules/hardware/mouse.nix
@@ -1,21 +1,22 @@
{ config, pkgs, lib, ... }: {
- config = lib.mkIf config.gui.enable {
+ config =
+ lib.mkIf (config.gui.enable && config.physical && pkgs.stdenv.isLinux) {
- # Mouse customization
- services.ratbagd.enable = true;
+ # Mouse customization
+ services.ratbagd.enable = true;
- environment.systemPackages = with pkgs; [
- libratbag # Mouse adjustments
- piper # Mouse adjustments GUI
- ];
+ environment.systemPackages = with pkgs; [
+ libratbag # Mouse adjustments
+ piper # Mouse adjustments GUI
+ ];
+
+ services.xserver.libinput.mouse = {
+ # Disable mouse acceleration
+ accelProfile = "flat";
+ accelSpeed = "1.15";
+ };
- services.xserver.libinput.mouse = {
- # Disable mouse acceleration
- accelProfile = "flat";
- accelSpeed = "1.15";
};
- };
-
}
diff --git a/modules/hardware/networking.nix b/modules/hardware/networking.nix
index 4fb79a6..a9017bd 100644
--- a/modules/hardware/networking.nix
+++ b/modules/hardware/networking.nix
@@ -1,10 +1,14 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- # The global useDHCP flag is deprecated, therefore explicitly set to false here.
- # Per-interface useDHCP will be mandatory in the future, so this generated config
- # replicates the default behaviour.
- networking.useDHCP = false;
- networking.interfaces.enp0s31f6.useDHCP = true;
- networking.interfaces.wlp3s0.useDHCP = true;
+ config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
+
+ # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+ # Per-interface useDHCP will be mandatory in the future, so this generated config
+ # replicates the default behaviour.
+ networking.useDHCP = false;
+ networking.interfaces.enp0s31f6.useDHCP = true;
+ networking.interfaces.wlp3s0.useDHCP = true;
+
+ };
}
diff --git a/modules/hardware/server.nix b/modules/hardware/server.nix
index 7647b8e..67ea035 100644
--- a/modules/hardware/server.nix
+++ b/modules/hardware/server.nix
@@ -1,7 +1,11 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
- # Servers need a bootloader or they won't start
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.server) {
+
+ # Servers need a bootloader or they won't start
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ };
}
diff --git a/modules/hardware/sleep.nix b/modules/hardware/sleep.nix
index 3b7d4bb..1a1aa5f 100644
--- a/modules/hardware/sleep.nix
+++ b/modules/hardware/sleep.nix
@@ -1,8 +1,12 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- # Prevent wake from keyboard
- powerManagement.powerDownCommands = ''
- for wakeup in /sys/bus/usb/devices/1-*/power/wakeup; do echo disabled > $wakeup; done
- '';
+ config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {
+
+ # Prevent wake from keyboard
+ powerManagement.powerDownCommands = ''
+ for wakeup in /sys/bus/usb/devices/1-*/power/wakeup; do echo disabled > $wakeup; done
+ '';
+
+ };
}
diff --git a/modules/hardware/wifi.nix b/modules/hardware/wifi.nix
index 290044e..10fd4f9 100644
--- a/modules/hardware/wifi.nix
+++ b/modules/hardware/wifi.nix
@@ -1,9 +1,13 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- # Enables wireless support via wpa_supplicant.
- networking.wireless.enable = true;
+ config = lib.mkIf (config.physical && config.isLinux) {
- # Allows the user to control the WiFi settings.
- networking.wireless.userControlled.enable = true;
+ # Enables wireless support via wpa_supplicant.
+ networking.wireless.enable = true;
+
+ # Allows the user to control the WiFi settings.
+ networking.wireless.userControlled.enable = true;
+
+ };
}
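Review bot: The guard uses `config.isLinux`, while every other module in this commit tests `pkgs.stdenv.isLinux`; no `isLinux` option is declared in any hunk shown here, so this would fail at evaluation unless it is defined elsewhere. The line should probably be `config = lib.mkIf (config.physical && pkgs.stdenv.isLinux) {`, matching modules/hardware/networking.nix and modules/hardware/sleep.nix.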
diff --git a/modules/mail/aerc.nix b/modules/mail/aerc.nix
index 39ca79a..c85d62b 100644
--- a/modules/mail/aerc.nix
+++ b/modules/mail/aerc.nix
@@ -1,6 +1,8 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- config = {
+ options.mail.aerc.enable = lib.mkEnableOption "Aerc email.";
+
+ config = lib.mkIf config.mail.aerc.enable {
home-manager.users.${config.user} = {
diff --git a/modules/mail/default.nix b/modules/mail/default.nix
index 61a7117..24ac7e1 100644
--- a/modules/mail/default.nix
+++ b/modules/mail/default.nix
@@ -3,18 +3,18 @@
imports = [ ./himalaya.nix ./aerc.nix ];
options = {
- mailUser = lib.mkOption {
+ mail.user = lib.mkOption {
type = lib.types.str;
description = "User name for the email address.";
default = config.user;
};
- mailServer = lib.mkOption {
+ mail.server = lib.mkOption {
type = lib.types.str;
description = "Server name for the email address.";
};
};
- config = {
+ config = lib.mkIf (config.mail.user != null && config.mail.server != null) {
home-manager.users.${config.user} = {
programs.mbsync = { enable = true; };
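Review bot: The new guard `config.mail.user != null && config.mail.server != null` cannot evaluate to false as the options are declared: both are `lib.types.str`, which does not accept null, and `mail.server` has no default, so a host that leaves it unset gets a "used but not defined" error instead of a disabled mail block. To make mail optional, declare `type = lib.types.nullOr lib.types.str; default = null;` on `mail.server`, and on `mail.user` as well if it should be nullable. The `config` block continues into the next hunk.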
@@ -25,13 +25,13 @@
accounts.email = {
maildirBasePath = "${config.homePath}/mail";
accounts = {
- home = let address = "${config.mailUser}@${config.mailServer}";
+ home = let address = "${config.mail.user}@${config.mail.server}";
in {
userName = address;
realName = config.fullName;
primary = true;
inherit address;
- aliases = map (mailUser: "${mailUser}@${config.mailServer}") [
+ aliases = map (user: "${user}@${config.mail.server}") [
"me"
"hey"
"admin"
diff --git a/modules/mail/himalaya.nix b/modules/mail/himalaya.nix
index 4363dd5..bf627b1 100644
--- a/modules/mail/himalaya.nix
+++ b/modules/mail/himalaya.nix
@@ -1,6 +1,8 @@
-{ config, ... }: {
+{ config, lib, ... }: {
- config = {
+ options.mail.himalaya.enable = lib.mkEnableOption "Himalaya email.";
+
+ config = lib.mkIf config.mail.himalaya.enable {
home-manager.users.${config.user} = {
diff --git a/modules/neovim/default.nix b/modules/neovim/default.nix
index c435342..cf23eb3 100644
--- a/modules/neovim/default.nix
+++ b/modules/neovim/default.nix
@@ -9,31 +9,36 @@ let
in {
- home-manager.users.${config.user} =
+ options.neovim.enable = lib.mkEnableOption "Neovim.";
- {
+ config = lib.mkIf config.neovim.enable {
+ home-manager.users.${config.user} =
- home.packages = [ neovim ];
+ {
- programs.git.extraConfig.core.editor = "nvim";
- home.sessionVariables = {
- EDITOR = "nvim";
- MANPAGER = "nvim +Man!";
- };
- programs.fish = {
- shellAliases = { vim = "nvim"; };
- shellAbbrs = {
- v = lib.mkForce "nvim";
- vl = lib.mkForce "nvim -c 'normal! `0' -c 'bdelete 1'";
- vll = "nvim -c 'Telescope oldfiles'";
+ home.packages = [ neovim ];
+
+ programs.git.extraConfig.core.editor = "nvim";
+ home.sessionVariables = {
+ EDITOR = "nvim";
+ MANPAGER = "nvim +Man!";
};
+ programs.fish = {
+ shellAliases = { vim = "nvim"; };
+ shellAbbrs = {
+ v = lib.mkForce "nvim";
+ vl = lib.mkForce "nvim -c 'normal! `0' -c 'bdelete 1'";
+ vll = "nvim -c 'Telescope oldfiles'";
+ };
+ };
+ programs.kitty.settings.scrollback_pager = lib.mkForce ''
+ ${neovim}/bin/nvim -c 'setlocal nonumber nolist showtabline=0 foldcolumn=0|Man!' -c "autocmd VimEnter * normal G" -'';
+
};
- programs.kitty.settings.scrollback_pager = lib.mkForce ''
- ${neovim}/bin/nvim -c 'setlocal nonumber nolist showtabline=0 foldcolumn=0|Man!' -c "autocmd VimEnter * normal G" -'';
- };
+ # # Used for icons in Vim
+ # fonts.fonts = with pkgs; [ nerdfonts ];
- # # Used for icons in Vim
- # fonts.fonts = with pkgs; [ nerdfonts ];
+ };
}
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index b5cc4b8..d23505b 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -1,9 +1,13 @@
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
imports = [ ./user.nix ./timezone.nix ./doas.nix ];
- # Pin a state version to prevent warnings
- system.stateVersion =
- config.home-manager.users.${config.user}.home.stateVersion;
+ config = lib.mkIf pkgs.stdenv.isLinux {
+
+ # Pin a state version to prevent warnings
+ system.stateVersion =
+ config.home-manager.users.${config.user}.home.stateVersion;
+
+ };
}
diff --git a/modules/nixos/doas.nix b/modules/nixos/doas.nix
index bbe48b8..f2cff94 100644
--- a/modules/nixos/doas.nix
+++ b/modules/nixos/doas.nix
@@ -1,30 +1,35 @@
# Replace sudo with doas
-{ config, ... }: {
+{ config, pkgs, lib, ... }: {
- security = {
+ config = lib.mkIf pkgs.stdenv.isLinux {
- # Remove sudo
- sudo.enable = false;
+ security = {
- # Add doas
- doas = {
- enable = true;
+ # Remove sudo
+ sudo.enable = false;
- # No password required
- wheelNeedsPassword = false;
+ # Add doas
+ doas = {
+ enable = true;
- # Pass environment variables from user to root
- # Also requires removing password here
- extraRules = [{
- groups = [ "wheel" ];
- noPass = true;
- keepEnv = true;
- }];
+ # No password required
+ wheelNeedsPassword = false;
+
+ # Pass environment variables from user to root
+ # Also requires removing password here
+ extraRules = [{
+ groups = [ "wheel" ];
+ noPass = true;
+ keepEnv = true;
+ }];
+ };
};
+
+ home-manager.users.${config.user}.programs.fish.shellAliases = {
+ sudo = "doas";
+ };
+
};
- home-manager.users.${config.user}.programs.fish.shellAliases = {
- sudo = "doas";
- };
}
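Review bot: The re-indented rule still gives every member of `wheel` root without authentication (`wheelNeedsPassword = false`, `noPass = true`) and carries the caller's environment across (`keepEnv = true`), and after this commit the only gate on it is `pkgs.stdenv.isLinux`. Any process running as a wheel user can therefore become root without interaction, and `keepEnv` lets that process influence the root command through environment variables. Since the commit introduces enable options for most other modules, this one could get its own option as well, left off on hosts flagged `server`. Where prompts are the concern, `persist = true;` in place of `noPass = true;` and `setEnv` with the specific variables needed instead of `keepEnv` would narrow the rule; a comment stating why passwordless root is acceptable on these hosts would record the trade-off.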
diff --git a/modules/nixos/timezone.nix b/modules/nixos/timezone.nix
index 896af0b..a47ed03 100644
--- a/modules/nixos/timezone.nix
+++ b/modules/nixos/timezone.nix
@@ -1,15 +1,19 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- # Service to determine location for time zone
- services.geoclue2.enable = true;
- services.geoclue2.enableWifi = false; # Breaks when it can't connect
- location = { provider = "geoclue2"; };
+ config = lib.mkIf pkgs.stdenv.isLinux {
- # Enable local time based on time zone
- services.localtimed.enable = true;
+ # Service to determine location for time zone
+ services.geoclue2.enable = true;
+ services.geoclue2.enableWifi = false; # Breaks when it can't connect
+ location = { provider = "geoclue2"; };
- # Required to get localtimed to talk to geoclue2
- services.geoclue2.appConfig.localtimed.isSystem = true;
- services.geoclue2.appConfig.localtimed.isAllowed = true;
+ # Enable local time based on time zone
+ services.localtimed.enable = true;
+
+ # Required to get localtimed to talk to geoclue2
+ services.geoclue2.appConfig.localtimed.isSystem = true;
+ services.geoclue2.appConfig.localtimed.isAllowed = true;
+
+ };
}
diff --git a/modules/nixos/user.nix b/modules/nixos/user.nix
index 54a17a8..5895624 100644
--- a/modules/nixos/user.nix
+++ b/modules/nixos/user.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }: {
+{ config, pkgs, lib, ... }: {
options = {
@@ -11,7 +11,7 @@
};
- config = {
+ config = lib.mkIf (pkgs.stdenv.isLinux) {
# Allows us to declaritively set password
users.mutableUsers = false;
diff --git a/modules/programming/default.nix b/modules/programming/default.nix
new file mode 100644
index 0000000..9650fc7
--- /dev/null
+++ b/modules/programming/default.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, lib, ... }: {
+
+ imports = [
+ ./haskell.nix
+ ./kubernetes.nix
+ ./lua.nix
+ ./nix.nix
+ ./python.nix
+ ./terraform.nix
+ ];
+
+}
diff --git a/modules/programming/haskell.nix b/modules/programming/haskell.nix
index 0439350..7bf3df7 100644
--- a/modules/programming/haskell.nix
+++ b/modules/programming/haskell.nix
@@ -1,8 +1,14 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- # Binary Cache for Haskell.nix
- nix.settings.trusted-public-keys =
- [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ];
- nix.settings.substituters = [ "https://cache.iog.io" ];
+ options.haskell.enable = lib.mkEnableOption "Haskell programming language.";
+
+ config = lib.mkIf config.haskell.enable {
+
+ # Binary Cache for Haskell.nix
+ nix.settings.trusted-public-keys =
+ [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ];
+ nix.settings.substituters = [ "https://cache.iog.io" ];
+
+ };
}
diff --git a/modules/programming/kubernetes.nix b/modules/programming/kubernetes.nix
index 3f4a849..8864b8b 100644
--- a/modules/programming/kubernetes.nix
+++ b/modules/programming/kubernetes.nix
@@ -1,138 +1,143 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.kubernetes.enable = lib.mkEnableOption "Kubernetes tools.";
- home.packages = with pkgs; [
- kubectl # Basic Kubernetes queries
- kubernetes-helm # Helm CLI
- fluxcd # Bootstrap clusters with Flux
- kustomize # Kustomize CLI (for Flux)
- ];
+ config = lib.mkIf config.kubernetes.enable {
+ home-manager.users.${config.user} = {
- programs.fish.shellAbbrs = {
- k = "kubectl";
- pods = "kubectl get pods -A";
- nodes = "kubectl get nodes";
- deploys = "kubectl get deployments -A";
- dash = "kube-dashboard";
- ks = "k9s";
- };
+ home.packages = with pkgs; [
+ kubectl # Basic Kubernetes queries
+ kubernetes-helm # Helm CLI
+ fluxcd # Bootstrap clusters with Flux
+ kustomize # Kustomize CLI (for Flux)
+ ];
- # Terminal Kubernetes UI
- programs.k9s = {
- enable = true;
- # settings = { k9s = { headless = true; }; };
- skin = {
- k9s = {
- body = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base00;
- logoColor = config.theme.colors.base02; # *blue ?
- };
- # Search bar
- prompt = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base00;
- suggestColor = config.theme.colors.base03;
- };
- # Header left side
- info = {
- fgColor = config.theme.colors.base04;
- sectionColor = config.theme.colors.base05;
- };
- dialog = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base00;
- buttonFgColor = config.theme.colors.base06;
- buttonBgColor = config.theme.colors.base0E;
- buttonFocusFgColor = config.theme.colors.base07;
- buttonFocusBgColor = config.theme.colors.base02; # *cyan
- labelFgColor = config.theme.colors.base09;
- fieldFgColor = config.theme.colors.base06;
- };
- frame = {
- border = {
- fgColor = config.theme.colors.base01;
- focusColor = config.theme.colors.base06;
- };
- menu = {
- fgColor = config.theme.colors.base06;
- keyColor = config.theme.colors.base0E; # *magenta
- numKeyColor = config.theme.colors.base0E; # *magenta
- };
- crumbs = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base01;
- activeColor = config.theme.colors.base03;
- };
- status = {
- newColor = config.theme.colors.base04; # *cyan
- modifyColor = config.theme.colors.base0D; # *blue
- addColor = config.theme.colors.base0B; # *green
- errorColor = config.theme.colors.base08; # *red
- highlightColor = config.theme.colors.base09; # *orange
- killColor = config.theme.colors.base03; # *comment
- completedColor = config.theme.colors.base03; # *comment
- };
- title = {
+ programs.fish.shellAbbrs = {
+ k = "kubectl";
+ pods = "kubectl get pods -A";
+ nodes = "kubectl get nodes";
+ deploys = "kubectl get deployments -A";
+ dash = "kube-dashboard";
+ ks = "k9s";
+ };
+
+ # Terminal Kubernetes UI
+ programs.k9s = {
+ enable = true;
+ # settings = { k9s = { headless = true; }; };
+ skin = {
+ k9s = {
+ body = {
fgColor = config.theme.colors.base06;
bgColor = config.theme.colors.base00;
- highlightColor = config.theme.colors.base09; # *orange
- counterColor = config.theme.colors.base0D; # *blue
- filterColor = config.theme.colors.base0E; # *magenta
+ logoColor = config.theme.colors.base02; # *blue ?
};
- };
- views = {
- charts = {
- bgColor = config.theme.colors.base00;
- defaultDialColors =
- [ config.theme.colors.base0D config.theme.colors.base08 ];
- # - *blue
- # - *red
- defaultChartColors =
- [ config.theme.colors.base0D config.theme.colors.base08 ];
- # - *blue
- # - *red
- };
- table = {
- # List of resources
+ # Search bar
+ prompt = {
fgColor = config.theme.colors.base06;
bgColor = config.theme.colors.base00;
-
- # Row selection
- cursorFgColor = config.theme.colors.base07;
- cursorBgColor = config.theme.colors.base01;
-
- # Header row
- header = {
- fgColor = config.theme.colors.base0D;
- bgColor = config.theme.colors.base00;
- sorterColor = config.theme.colors.base0A; # *selection
+ suggestColor = config.theme.colors.base03;
+ };
+ # Header left side
+ info = {
+ fgColor = config.theme.colors.base04;
+ sectionColor = config.theme.colors.base05;
+ };
+ dialog = {
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base00;
+ buttonFgColor = config.theme.colors.base06;
+ buttonBgColor = config.theme.colors.base0E;
+ buttonFocusFgColor = config.theme.colors.base07;
+ buttonFocusBgColor = config.theme.colors.base02; # *cyan
+ labelFgColor = config.theme.colors.base09;
+ fieldFgColor = config.theme.colors.base06;
+ };
+ frame = {
+ border = {
+ fgColor = config.theme.colors.base01;
+ focusColor = config.theme.colors.base06;
};
- };
- xray = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base00;
- cursorColor = config.theme.colors.base06;
- graphicColor = config.theme.colors.base0D;
- showIcons = false;
- };
- yaml = {
- keyColor = config.theme.colors.base0D;
- colonColor = config.theme.colors.base04;
- fgColor = config.theme.colors.base03;
- };
- logs = {
- fgColor = config.theme.colors.base06;
- bgColor = config.theme.colors.base00;
- indicator = {
+ menu = {
+ fgColor = config.theme.colors.base06;
+ keyColor = config.theme.colors.base0E; # *magenta
+ numKeyColor = config.theme.colors.base0E; # *magenta
+ };
+ crumbs = {
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base01;
+ activeColor = config.theme.colors.base03;
+ };
+ status = {
+ newColor = config.theme.colors.base04; # *cyan
+ modifyColor = config.theme.colors.base0D; # *blue
+ addColor = config.theme.colors.base0B; # *green
+ errorColor = config.theme.colors.base08; # *red
+ highlightColor = config.theme.colors.base09; # *orange
+ killColor = config.theme.colors.base03; # *comment
+ completedColor = config.theme.colors.base03; # *comment
+ };
+ title = {
fgColor = config.theme.colors.base06;
bgColor = config.theme.colors.base00;
+ highlightColor = config.theme.colors.base09; # *orange
+ counterColor = config.theme.colors.base0D; # *blue
+ filterColor = config.theme.colors.base0E; # *magenta
+ };
+ };
+ views = {
+ charts = {
+ bgColor = config.theme.colors.base00;
+ defaultDialColors =
+ [ config.theme.colors.base0D config.theme.colors.base08 ];
+ # - *blue
+ # - *red
+ defaultChartColors =
+ [ config.theme.colors.base0D config.theme.colors.base08 ];
+ # - *blue
+ # - *red
+ };
+ table = {
+ # List of resources
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base00;
+
+ # Row selection
+ cursorFgColor = config.theme.colors.base07;
+ cursorBgColor = config.theme.colors.base01;
+
+ # Header row
+ header = {
+ fgColor = config.theme.colors.base0D;
+ bgColor = config.theme.colors.base00;
+ sorterColor = config.theme.colors.base0A; # *selection
+ };
+ };
+ xray = {
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base00;
+ cursorColor = config.theme.colors.base06;
+ graphicColor = config.theme.colors.base0D;
+ showIcons = false;
+ };
+ yaml = {
+ keyColor = config.theme.colors.base0D;
+ colonColor = config.theme.colors.base04;
+ fgColor = config.theme.colors.base03;
+ };
+ logs = {
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base00;
+ indicator = {
+ fgColor = config.theme.colors.base06;
+ bgColor = config.theme.colors.base00;
+ };
};
};
};
};
};
+
};
};
diff --git a/modules/programming/lua.nix b/modules/programming/lua.nix
index e4de60f..127623d 100644
--- a/modules/programming/lua.nix
+++ b/modules/programming/lua.nix
@@ -1,8 +1,12 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user}.home.packages = with pkgs; [
- stylua # Lua formatter
- sumneko-lua-language-server # Lua LSP
- ];
+ options.lua.enable = lib.mkEnableOption "Lua programming language.";
+
+ config = lib.mkIf config.lua.enable {
+ home-manager.users.${config.user}.home.packages = with pkgs; [
+ stylua # Lua formatter
+ sumneko-lua-language-server # Lua LSP
+ ];
+ };
}
diff --git a/modules/programming/nix.nix b/modules/programming/nix.nix
index 272b227..20a297d 100644
--- a/modules/programming/nix.nix
+++ b/modules/programming/nix.nix
@@ -1,11 +1,17 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.nixlang.enable = lib.mkEnableOption "Nix programming language.";
- home.packages = with pkgs; [
- nixfmt # Nix file formatter
- nil # Nix language server
- ];
+ config = lib.mkIf config.nixlang.enable {
+
+ home-manager.users.${config.user} = {
+
+ home.packages = with pkgs; [
+ nixfmt # Nix file formatter
+ nil # Nix language server
+ ];
+
+ };
};
diff --git a/modules/programming/python.nix b/modules/programming/python.nix
index d2bde89..e3d435f 100644
--- a/modules/programming/python.nix
+++ b/modules/programming/python.nix
@@ -1,15 +1,21 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.python.enable = lib.mkEnableOption "Python programming language.";
- home.packages = with pkgs; [
- # python310 # Standard Python interpreter
- nodePackages.pyright # Python language server
- black # Python formatter
- python310Packages.flake8 # Python linter
- ];
+ config = lib.mkIf config.python.enable {
- programs.fish.shellAbbrs = { py = "python3"; };
+ home-manager.users.${config.user} = {
+
+ home.packages = with pkgs; [
+ # python310 # Standard Python interpreter
+ nodePackages.pyright # Python language server
+ black # Python formatter
+ python310Packages.flake8 # Python linter
+ ];
+
+ programs.fish.shellAbbrs = { py = "python3"; };
+
+ };
};
diff --git a/modules/programming/terraform.nix b/modules/programming/terraform.nix
index 28db982..9a5f3e1 100644
--- a/modules/programming/terraform.nix
+++ b/modules/programming/terraform.nix
@@ -1,15 +1,21 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
+
+ options.terraform.enable = lib.mkEnableOption "Terraform tools.";
+
+ config = lib.mkIf config.terraform.enable {
+
+ home-manager.users.${config.user} = {
+ programs.fish.shellAbbrs = {
+ # Terraform
+ te = "terraform";
+ };
+ home.packages = with pkgs; [
+ terraform # Terraform executable
+ terraform-ls # Language server
+ tflint # Linter
+ ];
- home-manager.users.${config.user} = {
- programs.fish.shellAbbrs = {
- # Terraform
- te = "terraform";
};
- home.packages = with pkgs; [
- terraform # Terraform executable
- terraform-ls # Language server
- tflint # Linter
- ];
};
diff --git a/modules/repositories/default.nix b/modules/repositories/default.nix
new file mode 100644
index 0000000..f3cec00
--- /dev/null
+++ b/modules/repositories/default.nix
@@ -0,0 +1,5 @@
+{ ... }: {
+
+ imports = [ ./dotfiles.nix ./notes.nix ];
+
+}
diff --git a/modules/repositories/dotfiles.nix b/modules/repositories/dotfiles.nix
index 3a21f78..edfdc5d 100644
--- a/modules/repositories/dotfiles.nix
+++ b/modules/repositories/dotfiles.nix
@@ -1,24 +1,30 @@
{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.dotfiles.enable = lib.mkEnableOption "Clone dotfiles.";
- home.activation = {
+ config = lib.mkIf config.dotfiles.enable {
- # Always clone dotfiles repository if it doesn't exist
- cloneDotfiles =
- config.home-manager.users.${config.user}.lib.dag.entryAfter
- [ "writeBoundary" ] ''
- if [ ! -d "${config.dotfilesPath}" ]; then
- $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname "${config.dotfilesPath}")
- $DRY_RUN_CMD ${pkgs.git}/bin/git clone ${config.dotfilesRepo} "${config.dotfilesPath}"
- fi
- '';
+ home-manager.users.${config.user} = {
+
+ home.activation = {
+
+ # Always clone dotfiles repository if it doesn't exist
+ cloneDotfiles =
+ config.home-manager.users.${config.user}.lib.dag.entryAfter
+ [ "writeBoundary" ] ''
+ if [ ! -d "${config.dotfilesPath}" ]; then
+ $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname "${config.dotfilesPath}")
+ $DRY_RUN_CMD ${pkgs.git}/bin/git clone ${config.dotfilesRepo} "${config.dotfilesPath}"
+ fi
+ '';
+
+ };
+
+ # Set a variable for dotfiles repo, not necessary but convenient
+ home.sessionVariables.DOTS = config.dotfilesPath;
};
- # Set a variable for dotfiles repo, not necessary but convenient
- home.sessionVariables.DOTS = config.dotfilesPath;
-
};
}
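Review bot: In the `cloneDotfiles` script the command substitution `$(dirname "${config.dotfilesPath}")` and the interpolated `${config.dotfilesRepo}` are unquoted, so a path or URL containing whitespace or glob characters is split by the shell before `mkdir` and `git clone` receive it. Quoting both keeps the activation step predictable: `mkdir --parents $VERBOSE_ARG "$(dirname "${config.dotfilesPath}")"` and `git clone "${config.dotfilesRepo}" "${config.dotfilesPath}"`. The `ln` line in modules/wsl/default.nix interpolates `${config.dotfilesPath}` unquoted in the same way, right after an `rm -rf`, in a system activation script.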
diff --git a/modules/services/backups.nix b/modules/services/backups.nix
index f07539b..83f4b4b 100644
--- a/modules/services/backups.nix
+++ b/modules/services/backups.nix
@@ -1,21 +1,22 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./secrets.nix ];
-
options = {
- backupS3 = {
+ backup.s3 = {
endpoint = lib.mkOption {
type = lib.types.str;
description = "S3 endpoint for backups";
+ default = null;
};
bucket = lib.mkOption {
type = lib.types.str;
description = "S3 bucket for backups";
+ default = null;
};
accessKeyId = lib.mkOption {
type = lib.types.str;
description = "S3 access key ID for backups";
+ default = null;
};
};
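Review bot: The three options under `backup.s3` gain `default = null;` while keeping `type = lib.types.str`, and `null` is not a value of that type, so reading one of them on a host that never sets it is expected to fail the module type check rather than yield null. Declaring each as `type = lib.types.nullOr lib.types.str;` makes the null default valid. The same pairing is added to the hostname options in calibre.nix, gitea.nix, jellyfin.nix, n8n.nix, nextcloud.nix, prometheus.nix, transmission.nix and vaultwarden.nix. The code that consumes `backup.s3` is outside this hunk, so whether it guards against unset values cannot be seen here.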
diff --git a/modules/services/caddy.nix b/modules/services/caddy.nix
index 017abd8..bac9b26 100644
--- a/modules/services/caddy.nix
+++ b/modules/services/caddy.nix
@@ -1,18 +1,20 @@
{ config, pkgs, lib, ... }: {
options = {
- caddyRoutes = lib.mkOption {
+ caddy.enable = lib.mkEnableOption "Caddy reverse proxy.";
+ caddy.routes = lib.mkOption {
type = lib.types.listOf lib.types.attrs;
description = "Caddy JSON routes for http servers";
+ default = [ ];
};
- caddyBlocks = lib.mkOption {
+ caddy.blocks = lib.mkOption {
type = lib.types.listOf lib.types.attrs;
description = "Caddy JSON error blocks for http servers";
default = [ ];
};
};
- config = {
+ config = lib.mkIf (config.caddy.enable && config.caddy.routes != [ ]) {
services.caddy = {
enable = true;
@@ -20,8 +22,8 @@
configFile = pkgs.writeText "Caddyfile" (builtins.toJSON {
apps.http.servers.main = {
listen = [ ":443" ];
- routes = config.caddyRoutes;
- errors.routes = config.caddyBlocks;
+ routes = config.caddy.routes;
+ errors.routes = config.caddy.blocks;
};
});
diff --git a/modules/services/calibre.nix b/modules/services/calibre.nix
index fdb9b61..a4cb169 100644
--- a/modules/services/calibre.nix
+++ b/modules/services/calibre.nix
@@ -1,15 +1,14 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./caddy.nix ./backups.nix ];
-
options = {
bookServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Calibre library";
+ default = null;
};
};
- config = {
+ config = lib.mkIf config.bookServer != null {
services.calibre-web = {
enable = true;
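Review bot: `config = lib.mkIf config.bookServer != null {` is missing parentheses around the comparison. Function application binds tighter than `!=` in Nix, so the line is read as `(lib.mkIf config.bookServer) != (null { … })`, and evaluation fails on the attempt to call `null`. It should read `config = lib.mkIf (config.bookServer != null) {`, the form caddy.nix and transmission.nix already use in this commit. The same line shape is added in gitea.nix, jellyfin.nix, n8n.nix, nextcloud.nix, prometheus.nix and vaultwarden.nix; the `config` block itself continues outside this hunk.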
@@ -31,7 +30,7 @@
})
];
- caddyRoutes = [{
+ caddy.routes = [{
match = [{ host = [ config.bookServer ]; }];
handle = [{
handler = "reverse_proxy";
diff --git a/modules/services/cloudflare.nix b/modules/services/cloudflare.nix
index a743886..aac2582 100644
--- a/modules/services/cloudflare.nix
+++ b/modules/services/cloudflare.nix
@@ -1,6 +1,6 @@
# This module is necessary for hosts that are serving through Cloudflare.
-{ ... }:
+{ config, lib, ... }:
let
@@ -36,12 +36,12 @@ let
in {
- imports = [ ./caddy.nix ];
+ options.cloudflare.enable = lib.mkEnableOption "Use Cloudflare.";
- config = {
+ config = lib.mkIf config.cloudflare.enable {
# Forces Caddy to error if coming from a non-Cloudflare IP
- caddyBlocks = [{
+ caddy.blocks = [{
match = [{ not = [{ remote_ip.ranges = cloudflareIpRanges; }]; }];
handle = [{
handler = "static_response";
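Review bot: Gating the non-Cloudflare block behind `cloudflare.enable` turns the origin restriction into an opt-in that defaults to off, where before it applied to every host that imported this module. A host that serves through Cloudflare but omits `cloudflare.enable = true` would then accept direct connections to its Caddy routes without any build-time error. I would say so in the option description, e.g. `lib.mkEnableOption "Cloudflare-only access (rejects requests from non-Cloudflare IPs)"`, and confirm that each host which previously imported cloudflare.nix now sets the flag. The `caddy.blocks` entry continues past the end of this hunk.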
diff --git a/modules/services/default.nix b/modules/services/default.nix
new file mode 100644
index 0000000..9eb1d56
--- /dev/null
+++ b/modules/services/default.nix
@@ -0,0 +1,25 @@
+{ ... }: {
+
+ imports = [
+ ./backups.nix
+ ./caddy.nix
+ ./calibre.nix
+ ./cloudflare.nix
+ ./gitea.nix
+ ./gnupg.nix
+ ./honeypot.nix
+ ./jellyfin.nix
+ ./keybase.nix
+ ./mullvad.nix
+ ./n8n.nix
+ ./netdata.nix
+ ./nextcloud.nix
+ ./prometheus.nix
+ ./secrets.nix
+ ./sshd.nix
+ ./transmission.nix
+ ./vaultwarden.nix
+ ./wireguard.nix
+ ];
+
+}
diff --git a/modules/services/gitea.nix b/modules/services/gitea.nix
index abdee2d..82893e1 100644
--- a/modules/services/gitea.nix
+++ b/modules/services/gitea.nix
@@ -4,18 +4,17 @@ let giteaPath = "/var/lib/gitea"; # Default service directory
in {
- imports = [ ./caddy.nix ./backups.nix ];
-
options = {
giteaServer = lib.mkOption {
description = "Hostname for Gitea.";
type = lib.types.str;
+ default = null;
};
};
- config = {
+ config = lib.mkIf config.giteaServer != null {
services.gitea = {
enable = true;
httpPort = 3001;
@@ -47,7 +46,7 @@ in {
networking.firewall.allowedTCPPorts = [ 122 ];
- caddyRoutes = [{
+ caddy.routes = [{
match = [{ host = [ config.giteaServer ]; }];
handle = [{
handler = "reverse_proxy";
diff --git a/modules/services/gnupg.nix b/modules/services/gnupg.nix
index d36f262..5324c39 100644
--- a/modules/services/gnupg.nix
+++ b/modules/services/gnupg.nix
@@ -1,6 +1,8 @@
{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.gpg.enable = lib.mkEnableOption "GnuPG encryption.";
+
+ home-manager.users.${config.user} = lib.mkIf config.gpg.enable {
programs.gpg.enable = true;
services.gpg-agent = {
enable = true;
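Review bot: `options.gpg.enable` is declared next to a bare top-level `home-manager.users.${config.user}` definition, which the module system does not accept. Once a module has a top-level `options` or `config` attribute, shorthand configuration attributes are rejected, so evaluation is expected to stop with an unsupported-attribute error. Moving the definition under `config` fixes it, e.g. `config.home-manager.users.${config.user} = lib.mkIf config.gpg.enable {`. honeypot.nix (`networking.firewall`) and modules/shell/charm.nix (`home-manager.users`) have the same shape; the attribute set here continues outside the hunk.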
diff --git a/modules/services/honeypot.nix b/modules/services/honeypot.nix
index b8e79b6..c298e30 100644
--- a/modules/services/honeypot.nix
+++ b/modules/services/honeypot.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }:
+{ config, lib, pkgs, ... }:
# Currently has some issues that don't make this viable.
@@ -38,7 +38,9 @@ let
in {
- networking.firewall = {
+ options.honeypot.enable = lib.mkEnableOption "Honeypot fail2ban system.";
+
+ networking.firewall = lib.mkIf config.honeypot.enable {
extraPackages = [ pkgs.ipset ];
# allowedTCPPorts = portsToBlock;
diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin.nix
index eaf62bc..ffb0587 100644
--- a/modules/services/jellyfin.nix
+++ b/modules/services/jellyfin.nix
@@ -4,14 +4,15 @@
streamServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Jellyfin library";
+ default = null;
};
};
- config = {
+ config = lib.mkIf config.streamServer != null {
services.jellyfin.enable = true;
- caddyRoutes = [{
+ caddy.routes = [{
match = [{ host = [ config.streamServer ]; }];
handle = [{
handler = "reverse_proxy";
diff --git a/modules/services/keybase.nix b/modules/services/keybase.nix
index a30fc70..220495d 100644
--- a/modules/services/keybase.nix
+++ b/modules/services/keybase.nix
@@ -1,28 +1,34 @@
{ config, pkgs, lib, ... }: {
- services.keybase.enable = true;
- services.kbfs = {
- enable = true;
- # enableRedirector = true;
- mountPoint = "/run/user/1000/keybase/kbfs";
- };
- security.wrappers.keybase-redirector = {
- setuid = true;
- owner = "root";
- group = "root";
- source = "${pkgs.kbfs}/bin/redirector";
- };
+ options.keybase.enable = lib.mkEnableOption "Keybase.";
- home-manager.users.${config.user} = {
- home.packages = [ (lib.mkIf config.gui.enable pkgs.keybase-gui) ];
- home.file = let
- ignorePatterns = ''
- keybase/
- kbfs/'';
- in {
- ".rgignore".text = ignorePatterns;
- ".fdignore".text = ignorePatterns;
+ config = lib.mkIf config.keybase.enable {
+
+ services.keybase.enable = true;
+ services.kbfs = {
+ enable = true;
+ # enableRedirector = true;
+ mountPoint = "/run/user/1000/keybase/kbfs";
};
+ security.wrappers.keybase-redirector = {
+ setuid = true;
+ owner = "root";
+ group = "root";
+ source = "${pkgs.kbfs}/bin/redirector";
+ };
+
+ home-manager.users.${config.user} = {
+ home.packages = [ (lib.mkIf config.gui.enable pkgs.keybase-gui) ];
+ home.file = let
+ ignorePatterns = ''
+ keybase/
+ kbfs/'';
+ in {
+ ".rgignore".text = ignorePatterns;
+ ".fdignore".text = ignorePatterns;
+ };
+ };
+
};
}
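Review bot: `security.wrappers.keybase-redirector` installs a setuid-root wrapper around `${pkgs.kbfs}/bin/redirector` on every host that sets `keybase.enable`, and nothing in the module says why it is needed while `enableRedirector` stays commented out. A setuid-root binary is worth a line of justification where it is declared, e.g. `# setuid-root wrapper for the KBFS redirector; remove if the redirector is not used`. The `mountPoint` of `/run/user/1000/keybase/kbfs` also assumes the user's UID is 1000, which deserves a comment or should be derived from the configured user.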
diff --git a/modules/services/mullvad.nix b/modules/services/mullvad.nix
index bdf844e..ca97d0e 100644
--- a/modules/services/mullvad.nix
+++ b/modules/services/mullvad.nix
@@ -1,6 +1,12 @@
-{ pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- services.mullvad-vpn.enable = true;
- environment.systemPackages = [ pkgs.mullvad-vpn ];
+ options.mullvad.enable = lib.mkEnableOption "Mullvad VPN.";
+
+ config = lib.mkIf config.mullvad.enable {
+
+ services.mullvad-vpn.enable = true;
+ environment.systemPackages = [ pkgs.mullvad-vpn ];
+
+ };
}
diff --git a/modules/services/n8n.nix b/modules/services/n8n.nix
index fe0c5ea..5bc73db 100644
--- a/modules/services/n8n.nix
+++ b/modules/services/n8n.nix
@@ -1,21 +1,33 @@
-{ ... }: {
+{ config, pkgs, lib, ... }: {
- services.n8n = {
- enable = true;
- settings = {
- n8n = {
- listenAddress = "127.0.0.1";
- port = 5678;
- };
+ options = {
+ n8nServer = lib.mkOption {
+ type = lib.types.str;
+ description = "Hostname for n8n automation";
+ default = null;
};
};
- caddyRoutes = [{
- match = [{ host = [ config.n8nServer ]; }];
- handle = [{
- handler = "reverse_proxy";
- upstreams = [{ dial = "localhost:5678"; }];
+ config = lib.mkIf config.n8nServer != null {
+
+ services.n8n = {
+ enable = true;
+ settings = {
+ n8n = {
+ listenAddress = "127.0.0.1";
+ port = 5678;
+ };
+ };
+ };
+
+ caddy.routes = [{
+ match = [{ host = [ config.n8nServer ]; }];
+ handle = [{
+ handler = "reverse_proxy";
+ upstreams = [{ dial = "localhost:5678"; }];
+ }];
}];
- }];
+
+ };
}
diff --git a/modules/services/netdata.nix b/modules/services/netdata.nix
index cc14d8d..5082c4c 100644
--- a/modules/services/netdata.nix
+++ b/modules/services/netdata.nix
@@ -1,6 +1,8 @@
{ config, pkgs, lib, ... }: {
- config = {
+ options.netdata.enable = lib.mkEnableOption "Netdata metrics.";
+
+ config = lib.mkIf config.netdata.enable {
services.netdata = {
enable = true;
diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix
index 5feb598..f1c9b28 100644
--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@@ -1,17 +1,16 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./caddy.nix ./secrets.nix ./backups.nix ];
-
options = {
nextcloudServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Nextcloud";
+ default = null;
};
};
- config = {
+ config = lib.mkIf config.nextcloudServer != null {
services.nextcloud = {
enable = true;
@@ -32,7 +31,7 @@
}];
# Point Caddy to Nginx
- caddyRoutes = [{
+ caddy.routes = [{
match = [{ host = [ config.nextcloudServer ]; }];
handle = [{
handler = "reverse_proxy";
diff --git a/modules/services/prometheus.nix b/modules/services/prometheus.nix
index 15e91ee..495aaad 100644
--- a/modules/services/prometheus.nix
+++ b/modules/services/prometheus.nix
@@ -3,9 +3,10 @@
options.metricsServer = lib.mkOption {
type = lib.types.str;
description = "Hostname of the Grafana server.";
+ default = null;
};
- config = {
+ config = lib.mkIf config.metricsServer != null {
services.grafana.enable = true;
@@ -21,7 +22,7 @@
}];
};
- caddyRoutes = [{
+ caddy.routes = [{
match = [{ host = [ config.metricsServer ]; }];
handle = [{
handler = "reverse_proxy";
diff --git a/modules/services/secrets.nix b/modules/services/secrets.nix
index d596c70..0a8ff7f 100644
--- a/modules/services/secrets.nix
+++ b/modules/services/secrets.nix
@@ -47,7 +47,7 @@
};
- config = {
+ config = lib.mkIf (pkgs.stdenv.isLinux && !config.wsl.enable) {
# Create a default directory to place secrets
diff --git a/modules/services/sshd.nix b/modules/services/sshd.nix
index 099589e..9eb4265 100644
--- a/modules/services/sshd.nix
+++ b/modules/services/sshd.nix
@@ -12,7 +12,7 @@
};
};
- config = {
+ config = lib.mkIf (pkgs.stdenv.isLinux && !config.wsl.enable) {
services.openssh = {
enable = true;
ports = [ 22 ];
diff --git a/modules/services/transmission.nix b/modules/services/transmission.nix
index 8c7e667..a1bbd7e 100644
--- a/modules/services/transmission.nix
+++ b/modules/services/transmission.nix
@@ -1,11 +1,10 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./wireguard.nix ./secrets.nix ];
-
options = {
transmissionServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Transmission";
+ default = null;
};
};
@@ -13,7 +12,7 @@
namespace = config.networking.wireguard.interfaces.wg0.interfaceNamespace;
vpnIp = lib.strings.removeSuffix "/32"
(builtins.head config.networking.wireguard.interfaces.wg0.ips);
- in {
+ in lib.mkIf (config.wireguard.enable && config.transmissionServer != null) {
# Setup transmission
services.transmission = {
diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix
index d9cf20f..b9a3e28 100644
--- a/modules/services/vaultwarden.nix
+++ b/modules/services/vaultwarden.nix
@@ -4,18 +4,17 @@ let vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory
in {
- imports = [ ./caddy.nix ./secrets.nix ./backups.nix ];
-
options = {
vaultwardenServer = lib.mkOption {
description = "Hostname for Vaultwarden.";
type = lib.types.str;
+ default = null;
};
};
- config = {
+ config = lib.mkIf config.vaultwardenServer != null {
services.vaultwarden = {
enable = true;
config = {
diff --git a/modules/services/wireguard.nix b/modules/services/wireguard.nix
index 9b1003d..1701f26 100644
--- a/modules/services/wireguard.nix
+++ b/modules/services/wireguard.nix
@@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }: {
- imports = [ ./secrets.nix ];
+ options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup.";
- config = {
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.wireguard.enable) {
networking.wireguard = {
enable = true;
diff --git a/modules/shell/charm.nix b/modules/shell/charm.nix
index 4cdd071..2a22fd1 100644
--- a/modules/shell/charm.nix
+++ b/modules/shell/charm.nix
@@ -1,6 +1,8 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, lib, ... }: {
- home-manager.users.${config.user} = {
+ options.charm.enable = lib.mkEnableOption "Charm utilities.";
+
+ home-manager.users.${config.user} = lib.mkIf config.charm.enable {
home.packages = with pkgs; [
glow # Markdown previews
diff --git a/modules/wsl/default.nix b/modules/wsl/default.nix
index 73c04ba..a9b1240 100644
--- a/modules/wsl/default.nix
+++ b/modules/wsl/default.nix
@@ -1,19 +1,23 @@
-{ config, lib, ... }: {
+{ config, pkgs, lib, ... }: {
- # Systemd doesn't work in WSL so these must be disabled
- services.geoclue2.enable = lib.mkForce false;
- location = { provider = lib.mkForce "manual"; };
- services.localtimed.enable = lib.mkForce false;
+ config = lib.mkIf (pkgs.stdenv.isLinux && config.wsl.enable) {
- # Used by NeoVim for clipboard sharing with Windows
- # home-manager.users.${config.user}.home.sessionPath =
- # [ "/mnt/c/Program Files/win32yank/" ];
+ # Systemd doesn't work in WSL so these must be disabled
+ services.geoclue2.enable = lib.mkForce false;
+ location = { provider = lib.mkForce "manual"; };
+ services.localtimed.enable = lib.mkForce false;
- # Replace config directory with our repo, since it sources from config on
- # every launch
- system.activationScripts.configDir.text = ''
- rm -rf /etc/nixos
- ln --symbolic --no-dereference --force ${config.dotfilesPath} /etc/nixos
- '';
+ # Used by NeoVim for clipboard sharing with Windows
+ # home-manager.users.${config.user}.home.sessionPath =
+ # [ "/mnt/c/Program Files/win32yank/" ];
+
+ # Replace config directory with our repo, since it sources from config on
+ # every launch
+ system.activationScripts.configDir.text = ''
+ rm -rf /etc/nixos
+ ln --symbolic --no-dereference --force ${config.dotfilesPath} /etc/nixos
+ '';
+
+ };
}