Split system config into tons of modules!

2025-07-06 06:52:13 +05:30 · 2023-06-20 22:08:25 -05:00 · 2023-06-20 22:08:25 -05:00 · 8262f63886
commit 8262f63886
parent 74c00ca4ef
21 changed files with 266 additions and 180 deletions
--- a/system/app/flatpak.nix
+++ b/system/app/flatpak.nix
@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+  # Need some flatpaks
+  services.flatpak.enable = true;
+  xdg.portal.enable = true;
+}
--- a/system/app/gamemode.nix
+++ b/system/app/gamemode.nix
@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+  # Feral GameMode
+  environment.systemPackages = [ pkgs.gamemode ];
+  programs.gamemode.enable = true;
+}
--- a/system/hardware/bluetooth.nix
+++ b/system/hardware/bluetooth.nix
@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+  # Bluetooth
+  hardware.bluetooth.enable = true;
+  services.blueman.enable = true;
+}
--- a/system/hardware/opengl.nix
+++ b/system/hardware/opengl.nix
@ -0,0 +1,6 @@
+{ config, pkgs, ... }:
+
+{
+  # OpenGL
+  hardware.opengl.enable = true;
+}
--- a/system/hardware/openrgb.nix
+++ b/system/hardware/openrgb.nix
@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = [ pkgs.openrgb-with-all-plugins ];
+
+  # OpenRGB setup
+  services.hardware.openrgb = {
+    enable = true;
+    motherboard = "amd";
+  };
+}
--- a/system/hardware/power.nix
+++ b/system/hardware/power.nix
@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = [ pkgs.auto-cpufreq ];
+  systemd.services.auto-cpufreq.enable = true;
+
+  services.upower.enable = true;
+  systemd.services.upower.enable = true;
+}
--- a/system/hardware/printing.nix
+++ b/system/hardware/printing.nix
@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{
+  # Enable printing
+  services.printing.enable = true;
+  services.avahi.enable = true;
+  services.avahi.nssmdns = true;
+  services.avahi.openFirewall = true;
+}
--- a/system/security/blocklist.nix
+++ b/system/security/blocklist.nix
@ -0,0 +1,9 @@
+{ config, blocklist-hosts, pkgs, ... }:
+
+let blocklist = builtins.readFile "${blocklist-hosts}/alternates/gambling-porn/hosts";
+in
+{
+  networking.extraHosts = ''
+    "${blocklist}"
+  '';
+}
--- a/system/security/doas.nix
+++ b/system/security/doas.nix
@ -0,0 +1,16 @@
+{ config, myName, pkgs, ... }:
+
+{
+  # Doas instead of sudo
+  security.doas.enable = true;
+  security.sudo.enable = false;
+  security.doas.extraRules = [{
+    users = [ "${myName}" ];
+    keepEnv = true;
+    persist = true;
+  }];
+
+  environment.systemPackages = [
+    (pkgs.writeScriptBin "sudo" ''exec doas "$@"'')
+  ];
+}
--- a/system/security/firewall.nix
+++ b/system/security/firewall.nix
@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+  # Firewall
+  networking.firewall.enable = true;
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+}
--- a/system/security/gpg.nix
+++ b/system/security/gpg.nix
@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+}
--- a/system/security/openvpn.nix
+++ b/system/security/openvpn.nix
@ -0,0 +1,6 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = [ pkgs.openvpn ];
+  environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
+}
--- a/system/security/sshd.nix
+++ b/system/security/sshd.nix
@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{
+  # Enable incoming ssh
+  services.openssh = {
+    enable = true;
+    openFirewall = true;
+    # TODO authorizedKeysFiles = "";
+  };
+}
--- a/system/wm/dbus.nix
+++ b/system/wm/dbus.nix
@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+
+{
+  services.dbus = {
+    enable = true;
+    packages = [ pkgs.dconf ];
+  };
+
+  programs.dconf = {
+    enable = true;
+  };
+}
--- a/system/wm/fonts.nix
+++ b/system/wm/fonts.nix
@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+
+{
+  # Fonts are nice to have
+  fonts.fonts = with pkgs; [
+    # Fonts
+    (nerdfonts.override { fonts = [ "Inconsolata" ]; })
+    powerline
+    inconsolata
+    inconsolata-nerdfont
+    iosevka
+    font-awesome
+    ubuntu_font_family
+    terminus_font
+  ];
+
+}
--- a/system/wm/gnome-keyring.nix
+++ b/system/wm/gnome-keyring.nix
@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+  services.gnome = {
+    gnome-keyring.enable = true;
+  };
+}
--- a/system/wm/pipewire.nix
+++ b/system/wm/pipewire.nix
@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{
+  # Pipewire
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+}
--- a/system/wm/x11.nix
+++ b/system/wm/x11.nix
@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [ ./pipewire.nix
+              ./dbus.nix
+              ./gnome-keyring.nix
+              ./fonts.nix
+            ];
+
+  # Configure X11
+  services.xserver = {
+    enable = true;
+    layout = "us";
+    xkbVariant = "";
+    xkbOptions = "caps:escape";
+    windowManager.xmonad = {
+      enable = true;
+      enableContribAndExtras = true;
+    };
+    displayManager = {
+      lightdm.enable = true;
+      defaultSession = "none+xmonad";
+      sessionCommands = ''
+      xset -dpms
+      xset s blank
+      xset r rate 350 50
+      xset s 300
+      ${pkgs.lightlocker}/bin/light-locker --idle-hint &
+    '';
+    };
+    libinput = {
+      touchpad.disableWhileTyping = true;
+    };
+  };
+}
--- a/system/wm/xmonad.nix
+++ b/system/wm/xmonad.nix
@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{
+  # import X11
+  imports = [ ./x11.nix
+              ./pipewire.nix
+              ./dbus.nix
+            ];
+
+  # Setup XMonad
+  services.xserver = {
+    windowManager.xmonad = {
+      enable = true;
+      enableContribAndExtras = true;
+    };
+    displayManager = {
+      defaultSession = "none+xmonad";
+    };
+  };
+}