restructure system configuration

2024-01-15 22:12:53 +13:00 · 2024-01-15 22:12:53 +13:00 · e65c6bc159
commit e65c6bc159
parent 8f58a79fe2
27 changed files with 143 additions and 44 deletions
--- a/hosts/common/base/auto-upgrade.nix
+++ b/hosts/common/base/auto-upgrade.nix
@ -1,31 +0,0 @@
-{ config, inputs, pkgs, lib, ... }:
-
-let
-  inherit (config.networking) hostName;
-  isClean = inputs.self ? rev;
-in
-{
-  system.autoUpgrade = {
-    enable = isClean;
-    dates = "hourly";
-    flags = [
-      "--refresh"
-    ];
-    flake = "github:ooks-io/nix#${hostName};
-  };
-
-# Only run if current config (self) is older than the new one.
-
-  systemd.services.nixos-upgrade = lib.mkIf config.system.autoUpgrade.enable {
-    serviceConfig.ExecCondition = lib.getExe (
-      pkgs.writeShellScriptBin "check-date" ''
-        lastModified() {
-          nix flake metadata "$1" --refresh --json | ${lib.getExe pkgs.jq} '.lastModified'
-        }
-        test "$(lastModified "${config.system.autoUpgrade.flake}")"  -gt "$(lastModified "self")"
-      ''
-    );
-  };
-}
-
-
--- a/hosts/common/base/default.nix
+++ b/hosts/common/base/default.nix
@ -1,29 +0,0 @@
-{ inputs, outputs, ... }: {
-  imports = [
-    inputs.home-manager.nixosModules.home-manager
-    ./nix.nix
-    ./fish.nix
-    ./locale.nix
-    ./security.nix
-    ./systemdboot.nix
-    ./pipewire.nix
-  # ./auto-upgrade.nix # still needs some work
-    ];
-
-  home-manager.extraSpecialArgs = { inherit inputs outputs; };
-  
-  nixpkgs = {
-    overlays = builtins.attrValues outputs.overlays;
-    config = {
-      allowUnfree = true;
-      permittedInsecurePackages = [
-        "openssl-1.1.1u"
-      ];
-    };
-  };
-    
-    
-  #hardware.enableRedistibutableFirmware = true;
-  environment.enableAllTerminfo = true;
-
-  }
--- a/hosts/common/base/fish.nix
+++ b/hosts/common/base/fish.nix
@ -1,10 +0,0 @@
-{
-  programs.fish = {
-    enable = true;
-    vendor = {
-      completions.enable = true;
-      config.enable = true;
-      functions.enable = true;
-    };
-  };
-}
--- a/hosts/common/base/locale.nix
+++ b/hosts/common/base/locale.nix
@ -1,9 +0,0 @@
-{ lib, ... }: {
-  i18n = {
-    defaultLocale = lib.mkDefault "en_US.UTF-8";
-    supportedLocales = lib.mkDefault [
-      "en_US.UTF-8/UTF-8"
-    ];
-  };
-  time.timeZone = lib.mkDefault "Pacific/Auckland";
-}
--- a/hosts/common/base/nix.nix
+++ b/hosts/common/base/nix.nix
@ -1,26 +0,0 @@
-{ inputs, lib, ... }:
-{
-  nix = {
-    settings = {
-      trusted-users = [ "root" "@wheel" ];
-      auto-optimise-store = lib.mkDefault true;
-      experimental-features = [ "nix-command" "flakes" "repl-flake" ];
-      warn-dirty = false;
-      system-features = [ "kvm" "big-parallel" "nixos-test" ];
-      flake-registry = "";
-    };
-    gc = {
-      automatic = true;
-      dates = "weekly";
-      options = "--delete-older-than 2d";
-    };
-
-    # Add each flake input as a registry
-    # To make nix3 commands consistent with the flake
-    registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
-
-    # Add nixpkgs input to NIX_PATH
-    # This lets nix2 commands still use <nixpkgs>
-    nixPath = [ "nixpkgs=${inputs.nixpkgs.outPath}" ];
-  };
-}
--- a/hosts/common/base/pipewire.nix
+++ b/hosts/common/base/pipewire.nix
@ -1,11 +0,0 @@
-{
-  security.rtkit.enable = true;
-  hardware.pulseaudio.enable = false;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-    jack.enable = true;
-  };
-}
--- a/hosts/common/base/security.nix
+++ b/hosts/common/base/security.nix
@ -1,57 +0,0 @@
-
-
-
-
-{ config, pkgs, ... }:
-
-
-{
-
-  environment.systemPackages = with pkgs; [
-    polkit_gnome
-];
-
-  programs = {
-    gnupg.agent = {
-      enable = true;
-      enableSSHSupport = true;
-    };
-    _1password = {
-      enable = true;
-    };
-    _1password-gui = {
-      enable = true;
-      polkitPolicyOwners = [ "ooks" ];
-    };
-  };
-  security = {
-    polkit = {
-      enable = true;
-    };
-    sudo = {
-      enable = true;
-      extraConfig = ''
-        ooks ALL=(ALL) NOPASSWD:ALL
-        '';
-    };
-  };
-  
-  systemd = {
-    user.services.polkit-gnome-authentication-agent-1 = {
-      description = "polkit-gnome-authentication-agent-1";
-      wantedBy = [ "graphical-session.target" ];
-      wants = [ "graphical-session.target" ];
-      after = [ "graphical-session.target" ];
-      serviceConfig = {
-        Type = "simple";
-        ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
-        Restart = "on-failure";
-        RestartSec = 1;
-        TimeoutStopSec = 10;
-
-      };
-    };
-  };
-
-
-}
--- a/hosts/common/base/systemdboot.nix
+++ b/hosts/common/base/systemdboot.nix
@ -1,9 +0,0 @@
-{
-  boot.loader = {
-    systemd-boot = {
-      enable = true;
-      consoleMode = "max";
-    };
-    efi.canTouchEfiVariables = true;
-  };
-}
--- a/hosts/common/features/bluetooth.nix
+++ b/hosts/common/features/bluetooth.nix
@ -1,13 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  hardware.bluetooth.enable = true;
-  
-  # services.blueman.enable = true;
-  
-  environment.systemPackages = with pkgs; [
-  	galaxy-buds-client
-    live-buds-cli
-	  bluetuith
-	];
-}
--- a/hosts/common/features/greetd.nix
+++ b/hosts/common/features/greetd.nix
@ -1,36 +0,0 @@
-{ pkgs, ... }:
-let
-  tuigreet = "${pkgs.greetd.tuigreet}/bin/tuigreet";
-in
-{
-  services.greetd = {
-    enable = true;
-    settings = {
-      default_session = {
-        command = "${tuigreet} --time --remember --cmd Hyprland";
-        user = "greeter";
-      };
-    };
-  };
-
-  # this is a life saver.
-  # literally no documentation about this anywhere.
-  # might be good to write about this...
-  # https://www.reddit.com/r/NixOS/comments/u0cdpi/tuigreet_with_xmonad_how/
-  systemd.services.greetd.serviceConfig = {
-    Type = "idle";
-    StandardInput = "tty";
-    StandardOutput = "tty";
-    StandardError = "journal"; # Without this errors will spam on screen
-    # Without these bootlogs will spam on screen
-    TTYReset = true;
-    TTYVHangup = true;
-    TTYVTDisallocate = true;
-  };
-
-  #environment.etc."greetd/environments".text = ''
-  #  Hyprland
-  #  fish
-  #  bash
-  #'';
-}
--- a/hosts/common/features/vm.nix
+++ b/hosts/common/features/vm.nix
@ -1,28 +0,0 @@
-{config, pkgs, ... }:
-
-{
-  environment.systemPackages = with pkgs; [
-    virt-manager
-    virt-viewer
-    spice 
-    spice-gtk
-    spice-protocol
-    win-virtio
-    win-spice
-    gnome.adwaita-icon-theme
-  ];
-  
-  virtualisation = {
-    libvirtd = {
-      enable = true;
-      qemu = {
-        swtpm.enable = true;
-        ovmf.enable = true;
-        ovmf.packages = [ pkgs.OVMFFull.fd ];
-      };
-    };
-    spiceUSBRedirection.enable = true;
-  };
-  services.spice-vdagentd.enable = true;
-}
-
--- a/hosts/common/user/ooks/default.nix
+++ b/hosts/common/user/ooks/default.nix
@ -1,27 +0,0 @@
-{ pkgs, config, ... }:
-let ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
-in
-{
-  users.users.ooks = {
-    isNormalUser = true;
-    shell = pkgs.fish;
-    extraGroups = [
-    "wheel"
-    "video"
-    "audio"
-    ] ++ ifTheyExist [
-    "git"
-    "network"
-    "libvirtd"
-    "deluge"
-    ];
-
-  packages = [ pkgs.home-manager ];
-  };
-
-  home-manager.users.ooks = import ../../../../home/user/ooks/${config.networking.hostName};
-
-  services.geoclue2.enable = true;
-  security.pam.services = { swaylock = { }; };
-
-}
--- a/hosts/ooksdesk/ooksdesk.nix
+++ b/hosts/ooksdesk/ooksdesk.nix
--- a/hosts/ooksmicro/ooksmicro.nix
+++ b/hosts/ooksmicro/ooksmicro.nix
--- a/hosts/ookst480s/ookst480s.nix
+++ b/hosts/ookst480s/ookst480s.nix
@ -26,7 +26,6 @@

 	networking = {
 		hostName = "ookst480s"; 		
-    networkmanager.enable = true;
 		};


--- a/hosts/ooksx1/default.nix
+++ b/hosts/ooksx1/default.nix