refactor(modules/nixos): move stuff around

This makes the module a bit clearer and easier to extend.
Jalil David Salamé Messina 2025-03-21 17:50:23 +01:00
parent 673f989e99
commit 917d131cde
Signed by: jalil
GPG key ID: F016B9E770737A0B
9 changed files with 374 additions and 359 deletions


@ -10,13 +10,13 @@
toplevelOption: option:
option // { visible = option.visible && builtins.elemAt option.loc 0 == toplevelOption; };
home-eval = lib.evalModules {
modules = [ (modules + "/hm/options.nix") ];
modules = [ "${modules}/hm/options.nix" ];
specialArgs = {
inherit pkgs;
};
};
nvim-eval = lib.evalModules { modules = [ (modules + "/nixvim/options.nix") ]; };
nixos-eval = lib.evalModules { modules = [ (modules + "/nixos/options.nix") ]; };
nvim-eval = lib.evalModules { modules = [ "${modules}/nixvim/options.nix" ]; };
nixos-eval = lib.evalModules { modules = [ "${modules}/nixos/options.nix" ]; };
home-markdown =
(pkgs.nixosOptionsDoc {
inherit (home-eval) options;
@ -56,7 +56,7 @@
'';
nativeBuildInputs = [ pkgs.mdbook-toc ];
buildPhase = "${pkgs.mdbook}/bin/mdbook build --dest-dir $out";
buildPhase = "${pkgs.mdbook}/bin/mdbook build --dest-dir \"$out\"";
};
};
};
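Review bot: Replacing `(modules + "/hm/options.nix")` with `"${modules}/hm/options.nix"` in the three `lib.evalModules` calls is not a pure respelling if `modules` is a path value. Interpolating a path copies the whole directory into the store as a separate entry and yields a string, whereas `+` on a path keeps it a path and copies nothing extra. `modules` is bound outside this hunk, so this may not apply; if it is a path, keeping the `modules + "/…"` form avoids the additional store copy. The added quoting of `$out` in `buildPhase` looks right.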

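--- a/modules/lib.nix
+++ b/modules/lib.nix
@@ -0,0 +1,27 @@
+{ lib }:
+let
+inherit (lib) types;
+in
+{
+# Like mkEnableOption but defaults to true
+mkDisableOption =
+option:
+(lib.mkEnableOption option)
+// {
+default = true;
+example = false;
+};
+# A option that accepts an image (and shows it in the docs)
+mkImageOption =
+{
+description,
+url,
+sha256 ? "",
+}:
+lib.mkOption {
+inherit description;
+type = types.path;
+default = builtins.fetchurl { inherit url sha256; };
+defaultText = lib.literalMD "![${description}](${url})";
+};
+}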
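Review bot: `sha256 ? ""` in `mkImageOption` makes the integrity pin optional for a file that `builtins.fetchurl` downloads from a third-party URL at evaluation time. How an empty hash is treated depends on the Nix version and evaluation mode, so a caller that forgets the hash gets no clear error at the call site and may, on some set-ups, get an unpinned download. Both callers visible in this commit already pass a hash, so declaring the argument as plain `sha256,` costs nothing and forces every image option to carry a pin. The comment above the helper should read `# An option that accepts an image (and shows it in the docs)`.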


@ -1,11 +1,6 @@
{
config,
pkgs,
lib,
...
}:
{ pkgs, lib, ... }@args:
let
cfg = config.jconfig;
cfg = args.config.jconfig;
keysFromGithub = lib.attrsets.mapAttrs' (username: sha256: {
name = "pubkeys/${username}";
value = {
@ -20,108 +15,88 @@ in
{
imports = [
./options.nix
./gui
{ stylix = import ./stylix-config.nix { inherit config pkgs; }; }
./dev.nix
./gui.nix
./styling.nix
];
config = lib.mkIf cfg.enable (
lib.mkMerge [
{
boot.plymouth = {
inherit (cfg.styling) enable;
};
config = lib.mkIf cfg.enable {
# Enable unlocking the gpg-agent at boot (configured through home.nix)
security.pam.services.login.gnupg.enable = true;
# Enable unlocking the gpg-agent at boot (configured through home.nix)
security.pam.services.login.gnupg.enable = true;
environment.systemPackages = [
# CLI tools
pkgs.fd
pkgs.ripgrep
pkgs.du-dust
pkgs.curl
pkgs.zip
pkgs.unzip
];
environment.systemPackages = [
# CLI tools
pkgs.fd
pkgs.ripgrep
pkgs.du-dust
pkgs.curl
pkgs.zip
pkgs.unzip
programs = {
# Shell prompt
starship = {
enable = true;
settings = lib.mkMerge [
{
format = "$time$all";
add_newline = false;
cmd_duration.min_time = 500;
cmd_duration.show_milliseconds = true;
time.disabled = false;
status = {
format = "[$signal_name$common_meaning$maybe_int](red)";
symbol = "[](bold red)";
disabled = false;
};
sudo.disabled = false;
}
# Add nerdfont symbols
(lib.mkIf cfg.styling.enable (import ./starship-nerdfont-symbols.nix))
# Remove the `in`s and `on`s from the prompt
(import ./starship-shorter-text.nix)
];
};
# Default shell
zsh.enable = true;
};
# Enable dev documentation
documentation.dev = {
inherit (cfg.dev) enable;
};
programs = {
# Shell prompt
starship = {
enable = true;
settings = lib.mkMerge [
{
format = "$time$all";
add_newline = false;
cmd_duration.min_time = 500;
cmd_duration.show_milliseconds = true;
time.disabled = false;
status = {
format = "[$signal_name$common_meaning$maybe_int](red)";
symbol = "[](bold red)";
disabled = false;
};
sudo.disabled = false;
}
# Add nerdfont symbols
(lib.mkIf cfg.styling.enable (import ./starship-nerdfont-symbols.nix))
# Remove the `in`s and `on`s from the prompt
(lib.mkIf cfg.styling.enable (import ./starship-shorter-text.nix))
];
};
# Default shell
zsh.enable = true;
};
environment.etc = keysFromGithub;
services = {
# Enable printer autodiscovery if printing is enabled
avahi = {
inherit (config.services.printing) enable;
nssmdns4 = true;
openFirewall = true;
};
openssh.authorizedKeysFiles = builtins.map (path: "/etc/${path}") (
builtins.attrNames keysFromGithub
);
};
users.defaultUserShell = pkgs.zsh;
# Open ports for spotifyd
networking.firewall = {
allowedUDPPorts = [ 5353 ];
allowedTCPPorts = [ 2020 ];
};
# Nix Settings
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
# run between 0 and 45min after boot if run was missed
randomizedDelaySec = "45min";
};
settings = {
use-xdg-base-directories = true;
auto-optimise-store = true;
experimental-features = [
"nix-command"
"flakes"
];
};
};
}
# dev configuration
(lib.mkIf cfg.dev.enable {
users.extraUsers = lib.mkIf cfg.dev.jupyter.enable { jupyter.group = "jupyter"; };
services.jupyter = {
inherit (cfg.dev.jupyter) enable;
group = "jupyter";
user = "jupyter";
};
})
]
);
environment.etc = keysFromGithub;
services = {
# Enable printer autodiscovery if printing is enabled
avahi = {
inherit (args.config.services.printing) enable;
nssmdns4 = true;
openFirewall = true;
};
openssh.authorizedKeysFiles = builtins.map (keys: "/etc/${keys}") (
builtins.attrNames keysFromGithub
);
};
users.defaultUserShell = pkgs.zsh;
# Open ports for spotifyd
networking.firewall = {
allowedUDPPorts = [ 5353 ];
allowedTCPPorts = [ 2020 ];
};
# Nix Settings
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
# run between 0 and 45min after boot if run was missed
randomizedDelaySec = "45min";
};
settings = {
use-xdg-base-directories = true;
auto-optimise-store = true;
experimental-features = [
"nix-command"
"flakes"
];
};
};
};
}
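Review bot: The `networking.firewall` block near the end opens UDP 5353 and TCP 2020 "for spotifyd" on every host that sets `jconfig.enable`, whether or not spotifyd runs there. Now that dev, gui and styling each have their own gated module, these ports should be gated too, for example `networking.firewall = lib.mkIf <spotifyd-enabled condition> { … };`, with the condition taken from whichever option actually turns spotifyd on in this configuration. UDP 5353 is also the mDNS port that `avahi.openFirewall = true` already covers when avahi is enabled, so the explicit entry may be redundant there. Separately, one copy of the `starship` settings imports `./starship-shorter-text.nix` unconditionally and the other under `lib.mkIf cfg.styling.enable`; if that is a difference between the old and new side, it is a behaviour change that a refactor commit should mention.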

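--- a/modules/nixos/dev.nix
+++ b/modules/nixos/dev.nix
@@ -0,0 +1,18 @@
+{ lib, config, ... }:
+let
+cfg = config.jconfig.dev;
+in
+{
+config = lib.mkIf (config.jconfig.enable && cfg.enable) {
+# Enable dev documentation
+documentation.dev = { inherit (cfg) enable; };
+users.extraUsers = lib.mkIf cfg.jupyter.enable { jupyter.group = "jupyter"; };
+services.jupyter = {
+inherit (cfg.jupyter) enable;
+group = "jupyter";
+user = "jupyter";
+};
+};
+}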
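Review bot: Inside `lib.mkIf (config.jconfig.enable && cfg.enable)` the expression `inherit (cfg) enable` can only yield `true`, so `documentation.dev.enable = true;` states the same thing directly; `boot.plymouth` and `stylix` in modules/nixos/styling.nix use the same pattern. `users.extraUsers` is the legacy alias of `users.users`. That line would also benefit from a comment saying why the `jupyter` user needs its group set here, e.g. `# services.jupyter declares the user but not its primary group` if that is the reason. This file takes `config` as a formal argument while gui.nix and styling.nix read `args.config`; one convention across the split modules would be easier to follow.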

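--- a/modules/nixos/gui.nix
+++ b/modules/nixos/gui.nix
@@ -0,0 +1,117 @@
+{ lib, pkgs, ... }@args:
+let
+cfg = args.config.jconfig.gui;
+enable = args.config.jconfig.enable && cfg.enable;
+linuxOlderThan6_3 = lib.versionOlder args.config.boot.kernelPackages.kernel.version "6.3";
+in
+{
+config =
+lib.flip lib.pipe
+[ lib.mkMerge (lib.mkIf enable) ]
+[
+{
+environment.systemPackages = [
+pkgs.adwaita-icon-theme
+pkgs.adwaita-qt
+pkgs.nordzy-cursor-theme
+pkgs.pinentry-qt
+];
+# Fix xdg-portals issue issue: https://github.com/NixOS/nixpkgs/issues/189851
+systemd.user.extraConfig = ''
+DefaultEnvironment="PATH=/run/wrappers/bin:/etc/profiles/per-user/%u/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
+'';
+fonts.fontDir.enable = true;
+programs = {
+dconf.enable = true;
+sway = {
+enable = cfg.sway;
+# No extra packages (by default it adds foot, dmenu, and other stuff)
+extraPackages = [ ];
+wrapperFeatures = {
+base = true;
+gtk = true;
+};
+};
+};
+security = {
+polkit.enable = true;
+rtkit.enable = true; # Recommended for pipewire
+};
+services = {
+flatpak.enable = true;
+# Audio
+pipewire = {
+enable = true;
+alsa = {
+enable = true;
+support32Bit = true;
+};
+pulse.enable = true;
+wireplumber.enable = true;
+};
+# Dbus
+dbus.enable = true;
+# Virtual Filesystem (for PCManFM)
+gvfs.enable = true;
+};
+xdg.portal = {
+# XDG portals
+enable = true;
+wlr.enable = true;
+extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+config.preferred = {
+# Default to the gtk portal
+default = "gtk";
+# Use wlr for screenshots and screen recording
+"org.freedesktop.impl.portal.Screenshot" = "wlr";
+};
+# Consider using darkman like upstream
+};
+hardware = {
+graphics.enable = true;
+uinput.enable = true;
+steam-hardware.enable = cfg.steamHardwareSupport;
+};
+}
+(lib.mkIf cfg.ydotool.enable {
+environment.systemPackages = [ pkgs.ydotool ];
+systemd.user.services.ydotool = {
+enable = cfg.ydotool.autoStart;
+wantedBy = [ "default.target" ];
+description = "Generic command-line automation tool";
+documentation = [
+"man:ydotool(1)"
+"man:ydotoold(8)"
+];
+serviceConfig = {
+Type = "simple";
+Restart = "always";
+ExecStart = "${pkgs.ydotool}/bin/ydotoold";
+ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID";
+KillMode = "process";
+TimeoutSec = 180;
+};
+};
+})
+(lib.mkIf (linuxOlderThan6_3 && cfg."8bitdoFix") {
+# Udev rules to start or stop systemd service when controller is connected or disconnected
+services.udev.extraRules = # udev
+''
+# May vary depending on your controller model, find product id using 'lsusb'
+SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3106", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl start 8bitdo-ultimate-xinput@2dc8:3106"
+# This device (2dc8:3016) is "connected" when the above device disconnects
+SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3016", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl stop 8bitdo-ultimate-xinput@2dc8:3106"
+'';
+# Systemd service which starts xboxdrv in xbox360 mode
+systemd.services."8bitdo-ultimate-xinput@" = {
+unitConfig.Description = "8BitDo Ultimate Controller XInput mode xboxdrv daemon";
+serviceConfig = {
+Type = "simple";
+ExecStart = "${pkgs.xboxdrv}/bin/xboxdrv --mimic-xpad --silent --type xbox360 --device-by-id %I --force-feedback";
+};
+};
+})
+];
+}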
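Review bot: `uinput.enable = true` sits in the unconditional GUI block under `hardware`, so the uinput device is enabled on every GUI host even when `cfg.ydotool.enable` is false. Since uinput lets a process synthesise keyboard and mouse input, it fits better inside the `lib.mkIf cfg.ydotool.enable` block next to the `ydotoold` service, written as `hardware.uinput.enable = true;`, unless something else in the GUI set-up depends on it (not visible here). The `lib.flip lib.pipe [ lib.mkMerge (lib.mkIf enable) ] [ … ]` wrapper is also harder to read than `lib.mkIf enable (lib.mkMerge [ … ])`, which evaluates to the same value.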


@ -1,118 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.jconfig.gui;
enable = config.jconfig.enable && cfg.enable;
linuxOlderThan6_3 = lib.versionOlder config.boot.kernelPackages.kernel.version "6.3";
in
{
config = lib.mkMerge [
(lib.mkIf enable {
environment.systemPackages = [
pkgs.adwaita-icon-theme
pkgs.adwaita-qt
pkgs.nordzy-cursor-theme
pkgs.pinentry-qt
] ++ lib.optional cfg.ydotool.enable pkgs.ydotool;
systemd = {
user.services.ydotool = lib.mkIf cfg.ydotool.enable {
enable = cfg.ydotool.autoStart;
wantedBy = [ "default.target" ];
description = "Generic command-line automation tool";
documentation = [
"man:ydotool(1)"
"man:ydotoold(8)"
];
serviceConfig = {
Type = "simple";
Restart = "always";
ExecStart = "${pkgs.ydotool}/bin/ydotoold";
ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID";
KillMode = "process";
TimeoutSec = 180;
};
};
# Fix xdg-portals issue issue: https://github.com/NixOS/nixpkgs/issues/189851
user.extraConfig = ''
DefaultEnvironment="PATH=/run/wrappers/bin:/etc/profiles/per-user/%u/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
'';
};
fonts.fontDir.enable = true;
programs = {
dconf.enable = true;
sway = {
enable = cfg.sway;
# No extra packages (by default it adds foot, dmenu, and other stuff)
extraPackages = [ ];
wrapperFeatures = {
base = true;
gtk = true;
};
};
};
security = {
polkit.enable = true;
rtkit.enable = true; # Recommended for pipewire
};
services = {
flatpak.enable = true;
# Audio
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
wireplumber.enable = true;
};
# Dbus
dbus.enable = true;
# Virtual Filesystem (for PCManFM)
gvfs.enable = true;
};
xdg.portal = {
# XDG portals
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
config.preferred = {
# Default to the gtk portal
default = "gtk";
# Use wlr for screenshots and screen recording
"org.freedesktop.impl.portal.Screenshot" = "wlr";
};
# Consider using darkman like upstream
};
hardware = {
graphics.enable = true;
uinput.enable = true;
steam-hardware.enable = cfg.steamHardwareSupport;
};
})
(lib.mkIf (enable && linuxOlderThan6_3 && cfg."8bitdoFix") {
# Udev rules to start or stop systemd service when controller is connected or disconnected
services.udev.extraRules = # udev
''
# May vary depending on your controller model, find product id using 'lsusb'
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3106", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl start 8bitdo-ultimate-xinput@2dc8:3106"
# This device (2dc8:3016) is "connected" when the above device disconnects
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3016", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl stop 8bitdo-ultimate-xinput@2dc8:3106"
'';
# Systemd service which starts xboxdrv in xbox360 mode
systemd.services."8bitdo-ultimate-xinput@" = {
unitConfig.Description = "8BitDo Ultimate Controller XInput mode xboxdrv daemon";
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.xboxdrv}/bin/xboxdrv --mimic-xpad --silent --type xbox360 --device-by-id %I --force-feedback";
};
};
})
];
}


@ -1,106 +1,95 @@
{ lib, ... }:
let
inherit (lib) types;
# Like mkEnableOption but defaults to true
mkDisableOption =
option:
(lib.mkEnableOption option)
// {
default = true;
example = false;
};
mkImageOption =
{
description,
url,
sha256 ? "",
}:
lib.mkOption {
inherit description;
type = types.path;
default = builtins.fetchurl { inherit url sha256; };
defaultText = lib.literalMD "![${description}](${url})";
};
gui.options = {
enable = lib.mkEnableOption "jalil's default gui configuration.";
# Fix for using Xinput mode on 8bitdo Ultimate C controller
# Inspired by https://aur.archlinux.org/packages/8bitdo-ultimate-controller-udev
# Adapted from: https://gist.github.com/interdependence/28452fbfbe692986934fbe1e54c920d4
"8bitdoFix" = mkDisableOption "a fix for 8bitdo controllers";
steamHardwareSupport = mkDisableOption "steam hardware support";
ydotool = lib.mkOption {
description = "Jalil's default ydotool configuration.";
default = { };
type = types.submodule {
options.enable = mkDisableOption "ydotool";
options.autoStart = mkDisableOption "autostarting ydotool at login";
};
};
sway = mkDisableOption "sway";
};
styling.options = {
enable = mkDisableOption "jalil's default styling (disables stylix)";
wallpaper = mkImageOption {
description = "The wallpaper to use.";
url = "https://raw.githubusercontent.com/lunik1/nixos-logo-gruvbox-wallpaper/d4937c424fad79c1136a904599ba689fcf8d0fad/png/gruvbox-dark-rainbow.png";
sha256 = "036gqhbf6s5ddgvfbgn6iqbzgizssyf7820m5815b2gd748jw8zc";
};
bootLogo = mkImageOption {
description = "The logo used by plymouth at boot.";
# http://xenia-linux-site.glitch.me/images/cathodegaytube-splash.png
url = "https://efimero.github.io/xenia-images/cathodegaytube-splash.png";
sha256 = "qKugUfdRNvMwSNah+YmMepY3Nj6mWlKFh7jlGlAQDo8=";
};
};
config.options = {
enable = lib.mkEnableOption "jalil's default configuration.";
dev = lib.mkOption {
description = "Options for setting up a dev environment";
default = { };
type = types.submodule {
options.enable = lib.mkEnableOption "dev configuration";
options.jupyter.enable = lib.mkEnableOption "jupyter configuration";
};
};
gui = lib.mkOption {
description = "Jalil's default configuration for a NixOS gui.";
default = { };
type = types.submodule gui;
};
styling = lib.mkOption {
description = "Jalil's styling options";
default = { };
type = types.submodule styling;
};
importSSHKeysFromGithub = lib.mkOption {
description = ''
Import public ssh keys from a github username.
This will fetch the keys from https://github.com/$${username}.keys.
The format is `"$${github-username}" = $${sha256-hash}`. The example
will try to fetch the keys from <https://github.com/jalil-salame.keys>.
**Warning**: this will interfere with services like gitea that override
the default ssh behaviour. In that case you want to use
`users.users.<name>.openssh.authorizedKeys.keyFiles` on the users you
want to allow ssh logins.
'';
default = { };
example = {
"jalil-salame" = "sha256:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
};
type = types.attrsOf types.str;
};
};
inherit (import ../lib.nix { inherit lib; })
mkDisableOption
mkImageOption
;
in
{
options.jconfig = lib.mkOption {
description = "Jalil's default NixOS configuration.";
default = { };
type = types.submodule config;
type = types.submodule {
options = {
enable = lib.mkEnableOption "jalil's default configuration.";
importSSHKeysFromGithub = lib.mkOption {
description = ''
Import public ssh keys from a github username.
This will fetch the keys from https://github.com/$${username}.keys.
The format is `"$${github-username}" = $${sha256-hash}`. The example
will try to fetch the keys from <https://github.com/jalil-salame.keys>.
**Warning**: this will interfere with services like gitea that override
the default ssh behaviour. In that case you want to use
`users.users.<name>.openssh.authorizedKeys.keyFiles` on the users you
want to allow ssh logins.
'';
default = { };
example = {
"jalil-salame" = "sha256:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
};
type = types.attrsOf types.str;
};
dev = lib.mkOption {
description = "Options for setting up a dev environment";
default = { };
type = types.submodule {
options = {
enable = lib.mkEnableOption "dev configuration";
jupyter.enable = lib.mkEnableOption "jupyter configuration";
};
};
};
gui = lib.mkOption {
description = "Jalil's default configuration for a NixOS gui.";
default = { };
type = types.submodule {
options = {
enable = lib.mkEnableOption "jalil's default gui configuration.";
# Fix for using Xinput mode on 8bitdo Ultimate C controller
# Inspired by https://aur.archlinux.org/packages/8bitdo-ultimate-controller-udev
# Adapted from: https://gist.github.com/interdependence/28452fbfbe692986934fbe1e54c920d4
"8bitdoFix" = mkDisableOption "a fix for 8bitdo controllers";
steamHardwareSupport = mkDisableOption "steam hardware support";
ydotool = lib.mkOption {
description = "Jalil's default ydotool configuration.";
default = { };
type = types.submodule {
options.enable = mkDisableOption "ydotool";
options.autoStart = mkDisableOption "autostarting ydotool at login";
};
};
sway = mkDisableOption "sway";
};
};
};
styling = lib.mkOption {
description = "Jalil's styling options";
default = { };
type = types.submodule {
options = {
enable = mkDisableOption "jalil's default styling (disables stylix)";
wallpaper = mkImageOption {
description = "The wallpaper to use.";
url = "https://raw.githubusercontent.com/lunik1/nixos-logo-gruvbox-wallpaper/d4937c424fad79c1136a904599ba689fcf8d0fad/png/gruvbox-dark-rainbow.png";
sha256 = "036gqhbf6s5ddgvfbgn6iqbzgizssyf7820m5815b2gd748jw8zc";
};
bootLogo = mkImageOption {
description = "The logo used by plymouth at boot.";
# http://xenia-linux-site.glitch.me/images/cathodegaytube-splash.png
url = "https://efimero.github.io/xenia-images/cathodegaytube-splash.png";
sha256 = "qKugUfdRNvMwSNah+YmMepY3Nj6mWlKFh7jlGlAQDo8=";
};
};
};
};
};
};
};
}
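Review bot: The `importSSHKeysFromGithub` description should state which accounts the imported keys can log in to. In modules/nixos/default.nix the key files are installed as `/etc/pubkeys/<username>` and listed in `openssh.authorizedKeysFiles`, a host-wide sshd setting, and these paths carry no per-user token. Each imported key therefore appears to be accepted for every account sshd lets in, not only for a user of the same name. I would add a sentence such as `Keys imported this way are accepted for every account that may log in over SSH on this host.` next to the existing warning, and point to `users.users.<name>.openssh.authorizedKeys.keyFiles` as the per-user alternative for that case too.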

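--- a/modules/nixos/styling.nix
+++ b/modules/nixos/styling.nix
@@ -0,0 +1,43 @@
+{ lib, pkgs, ... }@args:
+let
+cfg = args.config.jconfig.styling;
+enable = args.config.jconfig.enable && cfg.enable;
+in
+{
+config = lib.mkIf enable {
+boot.plymouth = { inherit (cfg) enable; };
+stylix = {
+inherit (cfg) enable;
+image = cfg.wallpaper;
+base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
+polarity = "dark";
+fonts = {
+monospace = {
+name = "JetBrains Mono";
+package = pkgs.jetbrains-mono;
+};
+sansSerif = {
+name = "Noto Sans";
+package = pkgs.noto-fonts;
+};
+serif = {
+name = "Noto Serif";
+package = pkgs.noto-fonts;
+};
+emoji = {
+package = pkgs.noto-fonts-emoji;
+name = "Noto Color Emoji";
+};
+sizes.popups = 12;
+};
+targets = {
+plymouth = {
+logoAnimated = false;
+logo = cfg.bootLogo;
+};
+nixvim.enable = false;
+};
+};
+};
+}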


@ -1,36 +0,0 @@
{ config, pkgs }:
let
cfg = config.jconfig.styling;
in
{
inherit (cfg) enable;
image = cfg.wallpaper;
base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
polarity = "dark";
fonts = {
monospace = {
name = "JetBrains Mono";
package = pkgs.jetbrains-mono;
};
sansSerif = {
name = "Noto Sans";
package = pkgs.noto-fonts;
};
serif = {
name = "Noto Serif";
package = pkgs.noto-fonts;
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
sizes.popups = 12;
};
targets = {
plymouth = {
logoAnimated = false;
logo = cfg.bootLogo;
};
nixvim.enable = false;
};
}