Continue porting darwin, make settei module(s) more reusable by others.

2023-10-02 19:30:31 +02:00 · 2023-10-02 19:30:31 +02:00 · f4890a5d74
commit f4890a5d74
parent 823721ac52
8 changed files with 32 additions and 18 deletions
--- a/modules/nixos/common/default.nix
+++ b/modules/nixos/common/default.nix
@ -2,4 +2,11 @@
  imports = [
    ./hercules.nix
  ];
+
+  config = {
+    system.stateVersion = "22.05";
+
+    # https://github.com/NixOS/nixpkgs/issues/254807
+    boot.swraid.enable = false;
+  };
 }
--- a/modules/nixos/settei/sane-defaults.nix
+++ b/modules/nixos/settei/sane-defaults.nix
@ -6,11 +6,9 @@
  ...
 } @ args: let
  cfg = config.settei.sane-defaults;
+  nmEnabled = config.networking.networkmanager.enable;
 in {
  config = lib.mkIf cfg.enable {
-    # https://github.com/NixOS/nixpkgs/issues/254807
-    boot.swraid.enable = false;
-
    hardware.enableRedistributableFirmware = true;

    services.openssh.enable = true;
@ -24,12 +22,10 @@ in {
        group = username;
        extraGroups = ["wheel"];
        openssh.authorizedKeys.keys = let
-          filteredKeys = let
-            configName' =
-              args.configurationName
-              or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself");
-          in
-            lib.filterAttrs (name: _: name != configName') cfg.allSshKeys;
+          configName' =
+            args.configurationName
+            or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself");
+          filteredKeys = lib.filterAttrs (name: _: name != configName') cfg.allSshKeys;
        in
          lib.mkDefault (lib.attrValues filteredKeys);
      };
@ -40,6 +36,15 @@ in {
    #       be able to use sudo with no password
    security.sudo.wheelNeedsPassword = false;

-    system.stateVersion = "22.05";
+    # When NetworkManager isn't in use, add tailscale DNS address manually
+    networking.nameservers = lib.mkIf (!nmEnabled && config.services.tailscale.enable) [
+      "100.100.100.100"
+      "1.1.1.1"
+      "1.0.0.1"
+    ];
+    # NetworkManager probably means desktop system so we don't want to slow down boot times
+    systemd.services = lib.mkIf nmEnabled {
+      NetworkManager-wait-online.enable = false;
+    };
  };
 }