Diffstat (limited to 'modules')
-rw-r--r--modules/home/default.nix87
-rw-r--r--modules/locale/default.nix8
-rw-r--r--modules/nix/default.nix49
-rw-r--r--modules/shell/default.nix45
-rw-r--r--modules/users/default.nix30
-rw-r--r--modules/workstation/default.nix11
-rw-r--r--modules/workstation/fonts/default.nix5
-rw-r--r--modules/workstation/hardware/default.nix6
-rw-r--r--modules/workstation/mail/default.nix7
-rw-r--r--modules/workstation/mail/isync/default.nix36
-rw-r--r--modules/workstation/mail/mutt/default.nix7
-rw-r--r--modules/workstation/networking/default.nix36
-rw-r--r--modules/workstation/windowing/default.nix12
-rw-r--r--modules/workstation/yubikey/default.nix7
14 files changed, 346 insertions, 0 deletions
diff --git a/modules/home/default.nix b/modules/home/default.nix
new file mode 100644
index 000000000000..0ad1cb85b255
--- /dev/null
+++ b/modules/home/default.nix
@@ -0,0 +1,87 @@
+{ lib, config, ... }:
+
+let
+  inherit (lib) attrValues concatStringsSep mapAttrsToList mkOption
+                optionalString recursiveUpdate;
+  inherit (lib.types) bool loaOf nullOr str submodule;
+
+  dirOpts = { ... }: {
+    options = {
+      owner = mkOption {
+        default = null;
+        type = nullOr str;
+      };
+      group = mkOption {
+        default = "users";
+        type = str;
+      };
+      permissions = mkOption {
+        default = "0700";
+        type = str;
+      };
+      activationScripts = mkOption {
+        default = {};
+        type = loaOf str;
+      };
+    };
+  };
+
+  applyDirConfig = user: dir:
+    let
+      owner = if dir.owner == null
+              then user
+              else config.users.users.${dir.owner};
+    in
+      ''
+        chmod ${dir.permissions} .
+        chown ${owner.name}:${dir.group} .
+        ${concatStringsSep "\n" (attrValues dir.activationScripts)}
+      '';
+
+in
+  {
+    options = {
+      home = mkOption {
+        default = {};
+        type = loaOf (submodule (args: recursiveUpdate (dirOpts args) {
+          options = {
+            imperativeNix = mkOption {
+              default = false;
+              type = bool;
+            };
+            dirs = mkOption {
+              default = {};
+              type = loaOf (submodule dirOpts);
+            };
+          };
+        }));
+      };
+    };
+
+    config = {
+      system.activationScripts.home = {
+        deps = [];
+        text = concatStringsSep "\n" (mapAttrsToList
+          (key: home:
+            let
+              user = config.users.users.${key};
+
+            in ''
+              ${optionalString (!home.imperativeNix) ''
+                rm -rf ${user.home}/.nix-{defexpr,profile}
+              ''}
+
+              pushd ${user.home} >/dev/null
+              ${applyDirConfig user home}
+              ${concatStringsSep "\n" (mapAttrsToList (name: dir: ''
+                mkdir -p ${name}
+                pushd ${name} >/dev/null
+                ${applyDirConfig user dir}
+                popd >/dev/null
+              '') home.dirs)}
+              popd >/dev/null
+            ''
+        ) config.home);
+      };
+    };
+  }
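Review bot: The `chmod`/`chown` lines in `applyDirConfig` act on `.`, so they are only correct if the preceding `pushd` succeeded, and nothing in the `system.activationScripts.home` text checks that. With `deps = []` the script is not ordered after user creation, so on a first activation `pushd ${user.home}` can fail, and root then changes the mode and owner of whatever directory the activation script is running in. The same holds for `mkdir -p ${name}` / `pushd ${name}`, which run as root inside a directory the user owns and will follow a symlink placed at that name; a `[ ! -L ${name} ]` test before descending would close that. I would order the script after the stock `users` activation script (assuming that is what creates the home) and guard both `pushd` calls as below.

```nix
      system.activationScripts.home = {
        deps = [ "users" ];
        # … unchanged: mapAttrsToList header, user lookup, .nix-* cleanup …
              if pushd ${user.home} >/dev/null; then
                ${applyDirConfig user home}
                ${concatStringsSep "\n" (mapAttrsToList (name: dir: ''
                  if mkdir -p ${name} && pushd ${name} >/dev/null; then
                    ${applyDirConfig user dir}
                    popd >/dev/null
                  fi
                '') home.dirs)}
                popd >/dev/null
              fi
```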
diff --git a/modules/locale/default.nix b/modules/locale/default.nix
new file mode 100644
index 000000000000..eb92aeda76bd
--- /dev/null
+++ b/modules/locale/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  time.timeZone = "UTC";
+
+  i18n.defaultLocale = "eo.utf8";
+  environment.sessionVariables.LC_CTYPE = "en_GB.utf8";
+}
diff --git a/modules/nix/default.nix b/modules/nix/default.nix
new file mode 100644
index 000000000000..eb2f41c49697
--- /dev/null
+++ b/modules/nix/default.nix
@@ -0,0 +1,49 @@
+{ config, pkgs, options, lib, ... }:
+
+let
+  # Most of the standard Darwin-detection methods cause infinite recursion.
+  isDarwin = options.environment ? "darwinConfig";
+
+  # Copy entire nixlib tree to the store.
+  root =
+    let
+      # Just needed for runCommand and git.
+      bootstrapPkgs = import ../.. {};
+
+      # Remove .git before adding to the store, because it's likely to
+      # be large. Ideally, we would also remove files in .gitignore
+      # here too, but that would require either a builtin for running a
+      # shell command, or a gitignore parser written in Nix (eww).
+      workingTree = builtins.filterSource (path: type: baseNameOf path != ".git") ../..;
+    in
+      # Now, use a derivation to delete any gitignored files. Then, we
+      # can use the resulting Nix store path as root tree.
+      toString (bootstrapPkgs.runCommand "nixlib-root" {} ''
+        cp -R ${workingTree} "$out"
+        chmod -R u+w "$out"
+        ${bootstrapPkgs.git}/bin/git init "$out"
+        ${bootstrapPkgs.git}/bin/git -C "$out" clean -fX
+        rm -rf "$out/.git"
+      '');
+
+in {
+  nix.nixPath = [
+    "nixos-config=${root}/sys/${config.networking.hostName}.nix"
+    root
+  ];
+
+  nixpkgs.overlays =
+    let
+      inherit (builtins) attrNames readDir;
+      dir = ../../nixpkgs-overlays;
+      names = attrNames (readDir dir);
+    in
+      map (o: import "${root}/nixpkgs-overlays/${o}") names;
+
+  services = lib.optionalAttrs isDarwin
+    { nix-daemon.enable = true; };
+
+  nix.package = pkgs.nixUnstable;
+
+  nix.daemonNiceLevel = 2;
+}
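Review bot: Gitignored files are stripped only from the final `nixlib-root` output; `workingTree` on the `builtins.filterSource` line is itself imported into the store with everything except `.git`, and store paths are world-readable. Any secret that sits ignored or untracked in the checkout therefore still ends up readable under `/nix/store`. If that can happen, extend the filter predicate to drop the known secret paths, or at least say so above `workingTree`: `# NOTE: this store path still contains gitignored files; keep secrets out of the checkout.`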
diff --git a/modules/shell/default.nix b/modules/shell/default.nix
new file mode 100644
index 000000000000..cbf3a79f73e7
--- /dev/null
+++ b/modules/shell/default.nix
@@ -0,0 +1,45 @@
+{ pkgs, config, ... }:
+
+{
+  environment.systemPackages = with pkgs.pkgsConfigured; [
+    coreutils-prefixed
+    curl
+    fzf
+    gitSVN
+    gnused
+    gotop
+    httpie
+    jq
+    kakoune
+    less
+    lynx
+    moreutils
+    ncdu
+    neovim
+    nmap
+    openssh
+    pass
+    pv
+    ranger
+    silver-searcher
+    tmux
+    tree
+    units
+    unixtools.watch
+    wget
+    whois
+  ] ++ lib.optional stdenv.isDarwin pinentry_mac;
+
+  environment.shells = with pkgs.pkgsConfigured; [ zsh ];
+
+  environment.variables.EDITOR = "kak";
+  environment.variables.EMAIL = "hi@alyssa.is";
+
+  environment.etc.zshrc.text = ''
+    unsetopt GLOBAL_RCS
+
+    if [ -z "$__NIXOS_SET_ENVIRONMENT_DONE" ]; then
+        . ${config.system.build.setEnvironment}
+    fi
+  '';
+}
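Review bot: `lib` in `++ lib.optional stdenv.isDarwin pinentry_mac` is not a module argument here; it resolves only through the `with pkgs.pkgsConfigured;` scope, as does `stdenv`. That works as long as `pkgsConfigured` is a full package set, but it hides the dependency and fails in a confusing way if the set ever lacks or shadows either name. Adding `lib` to the argument set, `{ pkgs, config, lib, ... }:`, makes the reference explicit.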
diff --git a/modules/users/default.nix b/modules/users/default.nix
new file mode 100644
index 000000000000..7eda04536e2f
--- /dev/null
+++ b/modules/users/default.nix
@@ -0,0 +1,30 @@
+{ pkgs, lib, ... }:
+
+let
+  # These defaults should override the NixOS defaults,
+  # but still themselves be overridable at the default priority.
+  mkDefault = lib.mkOverride 999;
+
+in {
+  imports = [ ../home ];
+
+  users.mutableUsers = false;
+  users.users.qyliss = {
+    createHome = true;
+    home = mkDefault "/home";
+    uid = mkDefault 1000;
+    packages = with pkgs.pkgsConfigured; [
+      git
+      kakoune
+      tmux
+    ];
+    group = "users";
+    extraGroups = [ "wheel" "networkmanager" ];
+    shell = pkgs.pkgsConfigured.zsh;
+  };
+
+  home.qyliss.permissions = "0500";
+  home.qyliss.dirs.state = {
+    permissions = "0500";
+  };
+}
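Review bot: `users.mutableUsers = false` is set, but the `users.users.qyliss` block has no `hashedPassword`, `passwordFile` or `openssh.authorizedKeys` entry, so this module on its own leaves the only `wheel` account without a credential. Presumably a per-host file supplies one; if so, a comment saying where would save the next reader a search, e.g. `# credentials for qyliss are set in the per-host config`.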
diff --git a/modules/workstation/default.nix b/modules/workstation/default.nix
new file mode 100644
index 000000000000..d9a4860cc372
--- /dev/null
+++ b/modules/workstation/default.nix
@@ -0,0 +1,11 @@
+{ lib, pkgs, ... }:
+
+{
+  imports = [
+    ../nix ../locale ../shell ../users
+    ./windowing ./fonts ./yubikey ./hardware ./networking
+    ./mail ../../config/weechat/module.nix ../../config/gnupg/module.nix
+  ];
+
+  environment.systemPackages = with pkgs; [ mosh ];
+}
diff --git a/modules/workstation/fonts/default.nix b/modules/workstation/fonts/default.nix
new file mode 100644
index 000000000000..9c59bb60189d
--- /dev/null
+++ b/modules/workstation/fonts/default.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+
+{
+  fonts.fonts = with pkgs; [ fantasque-sans-mono ];
+}
diff --git a/modules/workstation/hardware/default.nix b/modules/workstation/hardware/default.nix
new file mode 100644
index 000000000000..a81508c7ed3b
--- /dev/null
+++ b/modules/workstation/hardware/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+
+{
+  i18n.consoleUseXkbConfig = true;
+  services.xserver.layout = "dvorak";
+}
diff --git a/modules/workstation/mail/default.nix b/modules/workstation/mail/default.nix
new file mode 100644
index 000000000000..9b14f2981ec8
--- /dev/null
+++ b/modules/workstation/mail/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+  imports = [ ./mutt ];
+
+  environment.systemPackages = with pkgs.pkgsConfigured; [ isync ];
+}
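Review bot: `imports` lists only `./mutt`, so the `isync` package is installed but `modules/workstation/mail/isync/default.nix`, added in this same commit with the launchd agent and the systemd timer, is not imported by any file shown here. Unless another module pulls it in, the periodic `mbsync Periodic` run never gets scheduled; `imports = [ ./mutt ./isync ];` would wire it up.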
diff --git a/modules/workstation/mail/isync/default.nix b/modules/workstation/mail/isync/default.nix
new file mode 100644
index 000000000000..66343a0c3625
--- /dev/null
+++ b/modules/workstation/mail/isync/default.nix
@@ -0,0 +1,36 @@
+{ pkgs, options, ... }:
+
+let
+  inherit (pkgs.pkgsConfigured) isync;
+
+in {
+  config =
+    if options.environment ? "darwinConfig" then
+      {
+        launchd.user.agents.isync = {
+          serviceConfig.ProgramArguments = [ "${isync}/bin/mbsync" "Periodic" ];
+          serviceConfig.StartInterval = 300;
+          serviceConfig.RunAtLoad = true;
+        };
+      }
+    else
+      {
+        systemd.user.services.isync = {
+          serviceConfig = {
+            Type = "oneshot";
+            ExecStart = ''
+              ${isync}/bin/mbsync Periodic
+            '';
+          };
+        };
+
+        systemd.user.timers.isync = {
+          timerConfig = {
+            Unit = "isync.service";
+            OnCalendar = "*:0/5";
+            Persistent = "true";
+          };
+          wantedBy = [ "default.target" ];
+        };
+      };
+}
diff --git a/modules/workstation/mail/mutt/default.nix b/modules/workstation/mail/mutt/default.nix
new file mode 100644
index 000000000000..1aa8d2aa29d3
--- /dev/null
+++ b/modules/workstation/mail/mutt/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+  imports = [ ../../../shell ];
+
+  environment.systemPackages = with pkgs.pkgsConfigured; [ neomutt ];
+}
diff --git a/modules/workstation/networking/default.nix b/modules/workstation/networking/default.nix
new file mode 100644
index 000000000000..b813b33924a6
--- /dev/null
+++ b/modules/workstation/networking/default.nix
@@ -0,0 +1,36 @@
+{ pkgs, ... }:
+
+{
+  networking.networkmanager.enable = true;
+
+  # Plausible MAC randomization
+  networking.networkmanager.ethernet.macAddress = "random";
+  networking.networkmanager.wifi.macAddress = "random";
+  networking.networkmanager.extraConfig = ''
+    [connection-extra]
+    ethernet.generate-mac-address-mask=FE:FF:FF:00:00:00
+    wifi.generate-mac-address-mask=FE:FF:FF:00:00:00
+  '';
+
+  networking.nameservers = [ "::1" ];
+
+  networking.networkmanager.dispatcherScripts = [
+    {
+      source = pkgs.writeText "doh-stub" ''
+        if [ "$2" = up ]
+        then systemctl restart doh-stub.service
+        fi
+      '';
+      type = "basic";
+    }
+  ];
+
+  systemd.services.doh-stub = {
+    script = ''
+      exec ${pkgs.doh-proxy}/bin/doh-stub \
+          --level INFO \
+          --domain qyliss.net \
+          --remote-address 85.119.82.108
+    '';
+  };
+}
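Review bot: `systemd.services.doh-stub` has no `serviceConfig`, so the stub runs as root with no sandboxing even though it handles network responses for every DNS lookup on the machine. If root is only needed to bind the DNS port (inferred; no listen options are set here), `serviceConfig = { DynamicUser = true; AmbientCapabilities = "CAP_NET_BIND_SERVICE"; };` would drop the rest. The unit also has no `wantedBy`, so it starts only when the dispatcher script sees an `up` event; with `networking.nameservers = [ "::1" ]` name resolution is unavailable until then, which deserves a comment if it is intended.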
diff --git a/modules/workstation/windowing/default.nix b/modules/workstation/windowing/default.nix
new file mode 100644
index 000000000000..e435fd42b68e
--- /dev/null
+++ b/modules/workstation/windowing/default.nix
@@ -0,0 +1,12 @@
+{ pkgs, lib, ... }:
+
+{
+  imports = [ ../../../config/firefox/module.nix ];
+
+  environment.variables.XKB_DEFAULT_LAYOUT = "dvorak";
+  programs.sway-beta.enable = true;
+  programs.sway-beta.package = pkgs.pkgsConfigured.sway-beta;
+
+  environment.systemPackages = with pkgs.pkgsConfigured;
+    lib.optionals (!stdenv.isDarwin) [ alacritty ];
+}
diff --git a/modules/workstation/yubikey/default.nix b/modules/workstation/yubikey/default.nix
new file mode 100644
index 000000000000..7f314bd5cbee
--- /dev/null
+++ b/modules/workstation/yubikey/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+  services.pcscd.enable = true;
+
+  services.udev.packages = with pkgs; [ yubikey-personalization ];
+}