flake: rework modules folder structure

2024-12-23 19:49:03 +01:00 · 2024-12-23 19:49:03 +01:00 · 0952665f6b
commit 0952665f6b
parent 5d64c56d40
56 changed files with 3 additions and 3 deletions
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -0,0 +1,81 @@
+{ lib, ... }:
+{
+  imports = [
+    ./locale.nix
+
+    ./users/fedfer.nix
+    ./users/veneficium.nix
+
+    ./drivers/samsung-printer.nix
+    ./drivers/ipod.nix
+    ./drivers/openrazer.nix
+    ./drivers/gpu/amd.nix
+    ./drivers/gpu/nvidia.nix
+    ./drivers/gpu/disableNvidia.nix
+
+    ./services/gnome.nix
+    ./services/pipewire.nix
+    ./services/printing.nix
+    ./services/fstrim.nix
+    ./services/tlp.nix
+    ./services/switcheroo.nix
+    ./services/pam.nix
+    ./services/openssh.nix
+
+    ./programs/docker.nix
+    ./programs/tailscale.nix
+    ./programs/powertop.nix
+    ./programs/gnupg.nix
+
+    ./programs/tuigreet.nix
+    ./programs/niri.nix
+  ];
+
+  settings = {
+    users.fedfer.enable = lib.mkDefault false;
+    users.veneficium.enable = lib.mkDefault false;
+
+    programs.docker.enable = lib.mkDefault false;
+    programs.tailscale.enable = lib.mkDefault false;
+    programs.powertop.enable = lib.mkDefault true;
+    programs.gnupg.enable = lib.mkDefault true;
+    programs.gnupg.ssh = lib.mkDefault true;
+    programs.niri.enable = lib.mkDefault false;
+    programs.tuigreet.enable = lib.mkDefault false;
+
+    drivers = {
+      printer.M2020.enable = lib.mkDefault false;
+      ipod.enable = lib.mkDefault false;
+      openrazer.enable = lib.mkDefault false;
+
+      gpu = {
+        nvidia = {
+          enable = lib.mkDefault false;
+          forceDisable = lib.mkDefault true;
+          sync = lib.mkDefault false;
+          offload = lib.mkDefault true;
+        };
+
+        amd.enable = lib.mkDefault false;
+      };
+    };
+
+    services = {
+      printing.enable = lib.mkDefault false;
+      audio.enable = lib.mkDefault false;
+      fstrim.enable = lib.mkDefault true;
+      tlp.enable = lib.mkDefault false;
+      switcheroo.enable = lib.mkDefault false;
+      pam = {
+        enable = lib.mkDefault false;
+        sshd.useGoogleAuth = lib.mkDefault false;
+        sshd.gnupg = lib.mkDefault false;
+      };
+      openssh.enable = lib.mkDefault false;
+      openssh.usePAM = lib.mkDefault false;
+    };
+
+    gnome.enable = lib.mkDefault false;
+
+  };
+}
--- a/modules/nixos/drivers/gpu/amd.nix
+++ b/modules/nixos/drivers/gpu/amd.nix
@ -0,0 +1,12 @@
+{ lib, config, ... }:
+{
+
+  options.settings.drivers.gpu.amd = {
+    enable = lib.mkEnableOption "enable AMD gpu drivers";
+  };
+
+  config = lib.mkIf config.settings.drivers.gpu.amd.enable {
+    boot.initrd.kernelModules = [ "amdgpu" ];
+    services.xserver.videoDrivers = [ "amdgpu" ];
+  };
+}
--- a/modules/nixos/drivers/gpu/disableNvidia.nix
+++ b/modules/nixos/drivers/gpu/disableNvidia.nix
@ -0,0 +1,33 @@
+{ lib, config, ... }:
+{
+
+  options = {
+    settings.drivers.gpu.nvidia.forceDisable = lib.mkEnableOption "force disable all nvidia drivers";
+  };
+
+  config = lib.mkIf config.settings.drivers.gpu.nvidia.forceDisable {
+    #hardware.nvidiaOptimus.disable = true;
+    boot.extraModprobeConfig = ''
+      blacklist nouveau
+      options nouveau modeset=0
+    '';
+    services.udev.extraRules = ''
+      # Remove NVIDIA USB xHCI Host Controller devices, if present
+      ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
+      # Remove NVIDIA USB Type-C UCSI devices, if present
+      ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
+      # Remove NVIDIA Audio devices, if present
+      ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
+      # Remove NVIDIA VGA/3D controller devices
+      ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
+    '';
+    boot.blacklistedKernelModules = [
+      "nouveau"
+      "nvidia"
+      "nvidia_uvm"
+      "nvidiafb"
+      "nvidia_drm"
+      "nvidia_modeset"
+    ];
+  };
+}
--- a/modules/nixos/drivers/gpu/nvidia.nix
+++ b/modules/nixos/drivers/gpu/nvidia.nix
@ -0,0 +1,28 @@
+{ lib, config, ... }:
+{
+
+  options.settings.drivers.gpu.nvidia = {
+    enable = lib.mkEnableOption "Enable Nvidia proprietary drivers";
+    offload = lib.mkEnableOption "Enable prime offloading";
+    sync = lib.mkEnableOption "Enable prime sync";
+  };
+
+  config = lib.mkIf config.settings.drivers.gpu.nvidia.enable {
+    services.xserver.videoDrivers = [ "nvidia" ];
+    hardware.nvidia = {
+      open = false;
+      modesetting.enable = true;
+      powerManagement.enable = true;
+      prime = {
+        nvidiaBusId = "pci:1:0:0";
+        amdgpuBusId = "pci:5:0:0";
+      };
+      prime.offload = lib.mkIf config.settings.drivers.gpu.nvidia.offload {
+        enable = true;
+        enableOffloadCmd = true;
+      };
+      prime.sync.enable = lib.mkIf config.settings.drivers.gpu.nvidia.sync true;
+      nvidiaSettings = true;
+    };
+  };
+}
--- a/modules/nixos/drivers/ipod.nix
+++ b/modules/nixos/drivers/ipod.nix
@ -0,0 +1,19 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+
+  options.settings.drivers.ipod = {
+    enable = lib.mkEnableOption "Enable necessary software for ipod communication";
+  };
+
+  config = lib.mkIf config.settings.drivers.ipod.enable {
+    services.usbmuxd.enable = true;
+
+    environment.systemPackages = with pkgs; [ libimobiledevice ];
+  };
+
+}
--- a/modules/nixos/drivers/openrazer.nix
+++ b/modules/nixos/drivers/openrazer.nix
@ -0,0 +1,14 @@
+{ config, lib, ... }:
+{
+  options.settings.drivers.openrazer = {
+    enable = lib.mkEnableOption "Enable the openrazer drivers for razer device-specific features (IE RGB lights control)";
+  };
+
+  config = lib.mkIf config.settings.drivers.openrazer.enable {
+    hardware.openrazer.enable = true;
+    hardware.openrazer.users = [
+      "fedfer"
+      "veneficium"
+    ];
+  };
+}
--- a/modules/nixos/drivers/samsung-printer.nix
+++ b/modules/nixos/drivers/samsung-printer.nix
@ -0,0 +1,16 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+  #use driver compatible with samsung M2020 printer
+  options.settings.drivers.printer = {
+    M2020.enable = lib.mkEnableOption "use the appropriate driver for the samsung M2020 printer";
+  };
+
+  config = lib.mkIf config.settings.drivers.printer.M2020.enable {
+    services.printing.drivers = [ pkgs.samsung-unified-linux-driver_1_00_37 ];
+  };
+}
--- a/modules/nixos/locale.nix
+++ b/modules/nixos/locale.nix
@ -0,0 +1,26 @@
+{ ... }:
+{
+
+  time.timeZone = "Europe/Rome";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "it_IT.UTF-8";
+    LC_IDENTIFICATION = "it_IT.UTF-8";
+    LC_MEASUREMENT = "it_IT.UTF-8";
+    LC_MONETARY = "it_IT.UTF-8";
+    LC_NAME = "it_IT.UTF-8";
+    LC_NUMERIC = "it_IT.UTF-8";
+    LC_PAPER = "it_IT.UTF-8";
+    LC_TELEPHONE = "it_IT.UTF-8";
+    LC_TIME = "it_IT.UTF-8";
+  };
+
+  console.keyMap = "it";
+
+  services.xserver.xkb = {
+    layout = "it";
+    variant = "";
+  };
+}
--- a/modules/nixos/programs/docker.nix
+++ b/modules/nixos/programs/docker.nix
@ -0,0 +1,8 @@
+{ lib, config, ... }:
+{
+  options.settings.programs.docker = {
+    enable = lib.mkEnableOption "enables docker";
+  };
+
+  config = lib.mkIf config.settings.programs.docker.enable { virtualisation.docker.enable = true; };
+}
--- a/modules/nixos/programs/gnupg.nix
+++ b/modules/nixos/programs/gnupg.nix
@ -0,0 +1,14 @@
+{ config, lib, ... }:
+{
+  options.settings.programs.gnupg = {
+    enable = lib.mkEnableOption "enable gnuPG";
+    ssh = lib.mkEnableOption "enable gnuPG ssh integration";
+  };
+
+  config = lib.mkIf config.settings.programs.gnupg.enable {
+    programs.gnupg.agent = {
+      enable = true;
+      enableSSHSupport = config.settings.programs.gnupg.ssh;
+    };
+  };
+}
--- a/modules/nixos/programs/niri.nix
+++ b/modules/nixos/programs/niri.nix
@ -0,0 +1,29 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+
+  options.settings.programs.niri = {
+    enable = lib.mkEnableOption "enables the niri window-manager";
+  };
+
+  config = lib.mkIf config.settings.programs.niri.enable {
+    programs.niri.enable = true;
+    programs.niri.package = pkgs.niri-unstable;
+
+    security.pam.services.swaylock = { };
+
+    environment.systemPackages = with pkgs; [
+      swayosd
+      fuzzel
+      alacritty
+      wl-clipboard
+      wayland-utils
+      libsecret
+      xwayland-satellite-unstable
+    ];
+  };
+}
--- a/modules/nixos/programs/powertop.nix
+++ b/modules/nixos/programs/powertop.nix
@ -0,0 +1,10 @@
+{ config, lib, ... }:
+{
+  options.settings.programs.powertop = {
+    enable = lib.mkEnableOption "enables powertop";
+  };
+
+  config = lib.mkIf config.settings.programs.powertop.enable {
+    powerManagement.powertop.enable = true;
+  };
+}
--- a/modules/nixos/programs/tailscale.nix
+++ b/modules/nixos/programs/tailscale.nix
@ -0,0 +1,8 @@
+{ config, lib, ... }:
+{
+  options.settings.programs.tailscale = {
+    enable = lib.mkEnableOption "enable tailscale";
+  };
+
+  config = lib.mkIf config.settings.programs.tailscale.enable { services.tailscale.enable = true; };
+}
--- a/modules/nixos/programs/tuigreet.nix
+++ b/modules/nixos/programs/tuigreet.nix
@ -0,0 +1,23 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  options.settings.programs.tuigreet = {
+    enable = lib.mkEnableOption "enables the tuigreet greeter";
+  };
+
+  config = lib.mkIf config.settings.programs.tuigreet.enable {
+    services.greetd = {
+      enable = true;
+      settings = {
+        default_session = {
+          command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -g \"Haii! :3\" --theme \"container=black;input=lightBlue;prompt=green;greet=magenta;border=blue\"";
+          user = "greeter";
+        };
+      };
+    };
+  };
+}
--- a/modules/nixos/services/fstrim.nix
+++ b/modules/nixos/services/fstrim.nix
@ -0,0 +1,8 @@
+{ config, lib, ... }:
+{
+  options.settings.services.fstrim = {
+    enable = lib.mkEnableOption "enables fstrim";
+  };
+
+  config = lib.mkIf config.settings.services.fstrim.enable { services.fstrim.enable = true; };
+}
--- a/modules/nixos/services/gnome.nix
+++ b/modules/nixos/services/gnome.nix
@ -0,0 +1,41 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  options.settings.gnome = {
+    enable = lib.mkEnableOption "enable gnome de";
+  };
+
+  #todo make this more configurable
+  config = lib.mkIf config.settings.gnome.enable {
+    services.xserver = {
+      enable = true;
+      displayManager.gdm.enable = true;
+      desktopManager.gnome.enable = true;
+    };
+
+    environment.systemPackages = [ pkgs.gnome-tweaks ];
+
+    #enable browser connector for installing extensions
+    services.gnome.gnome-browser-connector.enable = true;
+
+    # Gnome enables pulse by default smh
+    # make sure to have PIPEWIRE enabled
+    hardware.pulseaudio.enable = false;
+
+    # remove various bloat
+    environment.gnome.excludePackages = with pkgs; [
+      gnome-contacts
+      gnome-maps
+      gnome-music
+      gnome-weather
+      gnome-tour
+      epiphany
+      totem
+      yelp
+    ];
+  };
+}
--- a/modules/nixos/services/openssh.nix
+++ b/modules/nixos/services/openssh.nix
@ -0,0 +1,22 @@
+{ config, lib, ... }:
+{
+  options.settings.services.openssh = {
+    enable = lib.mkEnableOption "enable openSSH";
+    usePAM = lib.mkEnableOption "use PAM for ssh authentication";
+  };
+
+  #further move these options into settings
+  config = lib.mkIf config.settings.services.openssh.enable {
+    services.openssh = {
+      enable = true;
+      ports = [ 12342 ];
+      settings = {
+        UsePAM = config.settings.services.openssh.usePAM;
+        PasswordAuthentication = true;
+        AllowUsers = null;
+        X11Forwarding = false;
+        PermitRootLogin = "prohibit-password";
+      };
+    };
+  };
+}
--- a/modules/nixos/services/pam.nix
+++ b/modules/nixos/services/pam.nix
@ -0,0 +1,21 @@
+{ config, lib, ... }:
+{
+  options.settings.services.pam = {
+    enable = lib.mkEnableOption "enables PAM";
+    sshd = {
+      useGoogleAuth = lib.mkEnableOption "use pam_google_authenticator.so module";
+      gnupg = lib.mkEnableOption "enable gnuPG integration";
+    };
+  };
+
+  config = lib.mkIf config.settings.services.pam.enable {
+    security.pam = {
+      services.sshd = {
+        name = "sshd";
+        unixAuth = true;
+        googleAuthenticator.enable = config.settings.services.pam.sshd.useGoogleAuth;
+        gnupg.enable = config.settings.services.pam.sshd.gnupg;
+      };
+    };
+  };
+}
--- a/modules/nixos/services/pipewire.nix
+++ b/modules/nixos/services/pipewire.nix
@ -0,0 +1,20 @@
+{ config, lib, ... }:
+{
+  options.settings.services.audio = {
+    enable = lib.mkEnableOption "enable sound through pipewire and its compat layers";
+  };
+
+  config = lib.mkIf config.settings.services.audio.enable {
+
+    #enable RealtimeKit for realtime audio ( req by PulseAudio )
+    security.rtkit.enable = true;
+
+    services.pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+  };
+}
--- a/modules/nixos/services/printing.nix
+++ b/modules/nixos/services/printing.nix
@ -0,0 +1,19 @@
+{ config, lib, ... }:
+{
+  options.settings.services.printing = {
+    enable = lib.mkEnableOption "enable printing";
+  };
+
+  config = lib.mkIf config.settings.services.printing.enable {
+    services = {
+      printing = {
+        enable = true;
+      };
+      avahi = {
+        enable = true;
+        nssmdns4 = true;
+        openFirewall = true;
+      };
+    };
+  };
+}
--- a/modules/nixos/services/switcheroo.nix
+++ b/modules/nixos/services/switcheroo.nix
@ -0,0 +1,10 @@
+{ config, lib, ... }:
+{
+  options.settings.services.switcheroo = {
+    enable = lib.mkEnableOption "enable switcheroo-control for nvidia optimus management";
+  };
+
+  config = lib.mkIf config.settings.services.switcheroo.enable {
+    services.switcherooControl.enable = true;
+  };
+}
--- a/modules/nixos/services/tlp.nix
+++ b/modules/nixos/services/tlp.nix
@ -0,0 +1,8 @@
+{ config, lib, ... }:
+{
+  options.settings.services.tlp = {
+    enable = lib.mkEnableOption "enables tlp for power management";
+  };
+
+  config = lib.mkIf config.settings.services.tlp.enable { services.tlp.enable = true; };
+}
--- a/modules/nixos/users/fedfer.nix
+++ b/modules/nixos/users/fedfer.nix
@ -0,0 +1,24 @@
+#need to move stuff to home-manager
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  options.settings.users.fedfer = {
+    enable = lib.mkEnableOption "enables user FedFer";
+  };
+
+  config = lib.mkIf config.settings.users.fedfer.enable {
+    users.users.fedfer = {
+      isNormalUser = true;
+      description = "FedFer";
+      extraGroups = [
+        "networkmanager"
+        "wheel"
+      ];
+      shell = pkgs.fish;
+    };
+  };
+}
--- a/modules/nixos/users/veneficium.nix
+++ b/modules/nixos/users/veneficium.nix
@ -0,0 +1,17 @@
+{ config, lib, ... }:
+{
+  options.settings.users.veneficium = {
+    enable = lib.mkEnableOption "enables user Veneficium";
+  };
+
+  config = lib.mkIf config.settings.users.veneficium.enable {
+    users.users.veneficium = {
+      isNormalUser = true;
+      description = "Veneficium";
+      extraGroups = [
+        "networkmanager"
+        "wheel"
+      ];
+    };
+  };
+}