diff --git a/hosts/default.nix b/hosts/default.nix
index bcc0f60..d2e1d5a 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -37,7 +37,6 @@
 inputs.attic.nixosModules.atticd
 inputs.lix-module.nixosModules.default
 self.nixosModules.settei
- self.nixosModules.common
 sharedOptions
 {
 disabledModules = [
@@ -54,7 +53,6 @@
 inputs.home-manager.darwinModules.home-manager
 inputs.lix-module.nixosModules.default
 self.darwinModules.settei
- self.darwinModules.common
 sharedOptions
 ];
 specialArgs.configurationName = "base";
diff --git a/modules/system/common/default.nix b/modules/system/common/default.nix
deleted file mode 100644
index 6ba5f86..0000000
--- a/modules/system/common/default.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{ isLinux }:
-{
- config,
- configurationName,
- lib,
- pkgs,
- inputs,
- inputs',
- username,
- ...
-}:
-let
- sharedConfig = {
- settei = {
- username = lib.mkDefault "niko";
- sane-defaults = {
- enable = lib.mkDefault true;
- };
- flake-qol.enable = true;
- tailscale = {
- enable = true;
- tailnet = "discus-macaroni.ts.net";
- };
- user = {
- enable = lib.mkDefault true;
- # TODO: Move to settei or leave here?
- extraArgs.machineName = configurationName;
- config.imports = [ inputs.settei.homeModules.settei ];
- };
- };
-
- programs.fish.enable = true;
- users.users.${username}.shell = pkgs.fish;
-
- time.timeZone = lib.mkDefault "Europe/Warsaw";
-
- # NixOS' fish module doesn't allow setting what package to use for fish,
- # so I need to override the fish package.
- nixpkgs.overlays = [ (_: _: { inherit (inputs'.settei.packages) fish; }) ];
- # TODO: Move to home/common/desktop
- settei.unfree.allowedPackages = [ "signal-desktop" ];
-
- nix.settings.allow-import-from-derivation = false;
- };
-
- linuxConfig = lib.optionalAttrs isLinux {
- system.stateVersion = "22.05";
-
- # https://github.com/NixOS/nixpkgs/issues/254807
- boot.swraid.enable = false;
-
- i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
-
- settei.user.config = {
- services.ssh-agent.enable = true;
- };
-
- services.prometheus.exporters.node = {
- enable = true;
- enabledCollectors = [ "systemd" ];
- };
- };
-
- darwinConfig = lib.optionalAttrs (!isLinux) {
- system.stateVersion = 4;
-
- # Every macOS ARM machine can emulate x86.
- nix.settings.extra-platforms = lib.mkIf pkgs.stdenv.isAarch64 [ "x86_64-darwin" ];
- };
-in
-{
- _file = ./default.nix;
-
- imports = [
- (import ./hercules.nix { inherit isLinux; })
- (import ./user.nix { inherit isLinux; })
- (import ./github-runner.nix { inherit isLinux; })
- (import ./incus.nix { inherit isLinux; })
- ];
-
- config = lib.mkMerge [
- sharedConfig
- linuxConfig
- darwinConfig
- ];
-}
diff --git a/modules/system/common/user.nix b/modules/system/common/user.nix
deleted file mode 100644
index 236ef68..0000000
--- a/modules/system/common/user.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ isLinux }:
-{ config, lib, ... }:
-let
- sharedConfig = { };
-
- linuxConfig = lib.optionalAttrs isLinux { boot.kernel.sysctl."kernel.yama.ptrace_scope" = 0; };
-
- darwinConfig = lib.optionalAttrs (!isLinux) { };
-
- finalConfig = lib.mkMerge [
- sharedConfig
- linuxConfig
- darwinConfig
- ];
-in
-{
- _file = ./user.nix;
-
- config = lib.mkIf config.settei.user.enable finalConfig;
-}
diff --git a/modules/system/default.nix b/modules/system/default.nix
index d0df531..bca0a95 100644
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -16,7 +16,6 @@
 inherit (config) perInput;
 inherit isLinux;
 };
- common = import ./common { inherit isLinux; };
 }
 );
 }
diff --git a/modules/system/settei/default.nix b/modules/system/settei/default.nix
index e554482..a352333 100644
--- a/modules/system/settei/default.nix
+++ b/modules/system/settei/default.nix
@@ -4,8 +4,13 @@
 isLinux,
 }:
 {
+ config,
+ configurationName,
 lib,
- options,
+ pkgs,
+ inputs,
+ inputs',
+ username,
 ...
 }:
 {
@@ -19,9 +24,27 @@ (import ./tailscale.nix { inherit isLinux; }) (import ./containers.nix { inherit isLinux; }) ./unfree.nix + (import ./hercules.nix { inherit isLinux; }) + (import ./github-runner.nix { inherit isLinux; }) + (import ./incus.nix { inherit isLinux; }) + (import ./monitoring.nix { inherit isLinux; }) ]; options.settei = with lib; { - username = mkOption { type = types.str; }; + username = mkOption { + type = types.str; + default = "niko"; + }; + }; + + config = { + programs.fish.enable = true; + users.users.${username}.shell = pkgs.fish; + + time.timeZone = lib.mkDefault "Europe/Warsaw"; + + # NixOS' fish module doesn't allow setting what package to use for fish, + # so I need to override the fish package. + nixpkgs.overlays = [ (_: _: { inherit (inputs'.settei.packages) fish; }) ]; }; } diff --git a/modules/system/settei/flake-qol.nix b/modules/system/settei/flake-qol.nix index 73deec4..38a5228 100644 --- a/modules/system/settei/flake-qol.nix +++ b/modules/system/settei/flake-qol.nix @@ -12,7 +12,9 @@ in _file = ./flake-qol.nix; options.settei.flake-qol = with lib; { - enable = mkEnableOption "QoL defaults when using flakes"; + enable = mkEnableOption "QoL defaults when using flakes" // { + default = true; + }; reexportAsArgs = mkOption { type = types.bool; default = true; diff --git a/modules/system/common/github-runner.nix b/modules/system/settei/github-runner.nix similarity index 100% rename from modules/system/common/github-runner.nix rename to modules/system/settei/github-runner.nix diff --git a/modules/system/common/hercules.nix b/modules/system/settei/hercules.nix similarity index 100% rename from modules/system/common/hercules.nix rename to modules/system/settei/hercules.nix diff --git a/modules/system/common/incus.nix b/modules/system/settei/incus.nix similarity index 100% rename from modules/system/common/incus.nix rename to modules/system/settei/incus.nix 
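Review bot: In the new `config` block of modules/system/settei/default.nix, `users.users.${username}.shell = pkgs.fish;` takes `username` from the module arguments, while the same hunk gives `settei.username` a default and sane-defaults.nix reads it through `inherit (config.settei) username;`. If the `username` argument is ever supplied from somewhere other than `config.settei.username` (its origin is not visible in this diff), the shell is set on a different account than the one the rest of the module configures. Reading the option directly keeps a single source of truth: `users.users.${config.settei.username}.shell = pkgs.fish;`. The block is also applied unconditionally, so the fish overlay and shell change reach every host that imports the module; a short comment saying that this is intended would help.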
diff --git a/modules/system/settei/monitoring.nix b/modules/system/settei/monitoring.nix new file mode 100644 index 0000000..fde88fb --- /dev/null +++ b/modules/system/settei/monitoring.nix @@ -0,0 +1,20 @@ +{ isLinux }: +{ lib, ... }: +let + linuxConfig = lib.optionalAttrs isLinux { + services.prometheus.exporters.node = { + enable = true; + enabledCollectors = [ "systemd" ]; + }; + }; + + darwinConfig = lib.optionalAttrs (!isLinux) { }; +in +{ + _file = ./monitoring.nix; + + config = lib.mkMerge [ + linuxConfig + darwinConfig + ]; +} diff --git a/modules/system/settei/sane-defaults.nix b/modules/system/settei/sane-defaults.nix index 7746c4f..3c44e89 100644 --- a/modules/system/settei/sane-defaults.nix +++ b/modules/system/settei/sane-defaults.nix @@ -1,12 +1,19 @@ { isLinux }: -{ config, lib, ... }@args: +{ + config, + pkgs, + lib, + ... +}@args: let cfg = config.settei.sane-defaults; inherit (config.settei) username; options = { settei.sane-defaults = with lib; { - enable = mkEnableOption "Personal sane defaults (but they should make sense for anyone)"; + enable = mkEnableOption "Personal sane defaults (but they should make sense for anyone)" // { + default = true; + }; allSshKeys = mkOption { type = types.attrsOf types.singleLineStr; default = { }; @@ -52,13 +59,14 @@ let trusted-users = lib.optionals (!adminNeedsPassword) [ username ]; use-xdg-base-directories = true; auto-allocate-uids = true; + allow-import-from-derivation = false; extra-substituters = [ - "https://hyprland.cachix.org" + "https://cache.nrab.lol" "https://cache.garnix.io" "https://nix-community.cachix.org" + "https://hyprland.cachix.org" "https://hercules-ci.cachix.org" "https://nrabulinski.cachix.org" - "https://cache.nrab.lol" ]; extra-trusted-public-keys = [ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" 
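Review bot: The new modules/system/settei/monitoring.nix turns on `services.prometheus.exporters.node` for every Linux host with no `settei.monitoring.enable` option, unlike the sibling modules in this commit, which all expose one. A host that should not run a metrics endpoint can only opt out by forcing the upstream option off. The exporter's listen address and firewall handling are also left at the upstream defaults; if the metrics are only meant to be scraped over the tailnet, setting `listenAddress` explicitly would make that visible in the module. A gated version could look like this.

```nix
{ isLinux }:
{ config, lib, ... }:
let
  cfg = config.settei.monitoring;
  # … unchanged: linuxConfig, darwinConfig …
in
{
  _file = ./monitoring.nix;

  options.settei.monitoring.enable = lib.mkEnableOption "Prometheus node exporter" // {
    default = true;
  };

  config = lib.mkIf cfg.enable (
    lib.mkMerge [
      linuxConfig
      darwinConfig
    ]
  );
}
```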
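Review bot: In the first sane-defaults.nix hunk, `mkEnableOption "…" // { default = true; }` turns `settei.sane-defaults` from opt-in to opt-out at the module level, where the default was previously set with `lib.mkDefault true` in the separate `common` module. This module also sets `trusted-users`, a list of extra substituters with their trusted public keys, and (in a later hunk) `security.sudo.wheelNeedsPassword = false`. Anyone importing only `nixosModules.settei` would presumably now get all of that without asking for it; whether the config is gated on `cfg.enable` is not visible here. If default-on is intended, say so in the option description and list the privileged settings it enables; otherwise keep the default off here and set it to true in hosts/default.nix. The same `// { default = true; }` pattern appears in the flake-qol.nix, tailscale.nix and user.nix hunks.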
@@ -93,14 +101,25 @@ let # TODO: Actually this should be extraRules which makes wheel users without any password set # be able to use sudo with no password security.sudo.wheelNeedsPassword = false; + + system.stateVersion = "22.05"; + + # https://github.com/NixOS/nixpkgs/issues/254807 + boot.swraid.enable = false; + + i18n.defaultLocale = lib.mkDefault "en_US.UTF-8"; + boot.kernel.sysctl."kernel.yama.ptrace_scope" = 0; }; darwinConfig = lib.optionalAttrs (!isLinux) { + system.stateVersion = 4; services.nix-daemon.enable = true; security.pam.enableSudoTouchIdAuth = true; users.users.${username}.home = "/Users/${username}"; + # Every macOS ARM machine can emulate x86. + nix.settings.extra-platforms = lib.mkIf pkgs.stdenv.isAarch64 [ "x86_64-darwin" ]; }; in { diff --git a/modules/system/settei/tailscale.nix b/modules/system/settei/tailscale.nix index ded880a..fb35752 100644 --- a/modules/system/settei/tailscale.nix +++ b/modules/system/settei/tailscale.nix @@ -11,8 +11,13 @@ let cfg = config.settei.tailscale; options.settei.tailscale = { - enable = mkEnableOption "Tailscale configuration"; - tailnet = mkOption { type = types.str; }; + enable = mkEnableOption "Tailscale configuration" // { + default = true; + }; + tailnet = mkOption { + type = types.str; + default = "discus-macaroni.ts.net"; + }; ipv4 = mkOption { type = types.str; }; ipv6 = mkOption { type = types.str; }; }; diff --git a/modules/system/settei/user.nix b/modules/system/settei/user.nix index 79856bc..7d0637a 100644 --- a/modules/system/settei/user.nix +++ b/modules/system/settei/user.nix @@ -2,6 +2,8 @@ config, options, lib, + inputs, + configurationName, ... }@args: let @@ -13,7 +15,9 @@ in _file = ./user.nix; options.settei.user = with lib; { - enable = mkEnableOption "User-specific configuration"; + enable = mkEnableOption "User-specific configuration" // { + default = true; + }; config = mkOption { type = types.deferredModule; default = { }; 
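Review bot: `boot.kernel.sysctl."kernel.yama.ptrace_scope" = 0;` has moved from the deleted common/user.nix, where it was wrapped in `lib.mkIf config.settei.user.enable`, into the Linux block of sane-defaults, so it now follows the sane-defaults switch, which defaults to on. A scope of 0 lets any process attach to any other process of the same user, which exposes the memory of things like the ssh-agent that this commit also enables. It sits next to `security.sudo.wheelNeedsPassword = false`, so servers and CI runners built from this module would get both relaxations. Consider putting it behind its own option that defaults to off, or restoring the `settei.user.enable` condition. At the least, add a comment such as `# ptrace_scope = 0: any same-user process may attach; needed for <tool>`, where the tool name is a placeholder for whatever requires it. The enclosing `linuxConfig` starts outside the hunk.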
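Review bot: In the tailscale.nix hunk, `enable` now defaults to true while `ipv4` and `ipv6` remain `mkOption { type = types.str; }` with no default. Any host that imports the module without setting both would presumably fail evaluation as soon as the config reads them; that config body is outside the hunk. The `tailnet` default `"discus-macaroni.ts.net"` also hard-codes one specific tailnet into a reusable module. Either leave `enable` off by default and turn it on per host, or make the addresses optional, for example `ipv4 = mkOption { type = types.nullOr types.str; default = null; };`, and guard their uses.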
@@ -31,12 +35,16 @@ in home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { inherit (args) inputs inputs'; + machineName = configurationName; } // cfg.extraArgs; home-manager.users.${username} = { _file = ./user.nix; - imports = [ cfg.config ]; + imports = [ + inputs.settei.homeModules.settei + cfg.config + ]; home = { inherit username; @@ -45,6 +53,7 @@ in }; programs.home-manager.enable = true; + services.ssh-agent.enable = true; }; }; in
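Review bot: In the last user.nix hunk, `services.ssh-agent.enable = true;` is added to the home-manager user config with no platform condition visible, whereas the removed common module set it only inside `lib.optionalAttrs isLinux`. Depending on the pinned home-manager revision, `services.ssh-agent` may assert a Linux platform, in which case Darwin configurations would stop evaluating; on macOS the system already provides an agent. Gate the line on the platform as the old `linuxConfig` did, and add a brief comment saying why the agent is enabled for every user. The enclosing attribute set starts outside the hunk.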