From f1a1dd5d53164386ce6309df6d46330cc656e513 Mon Sep 17 00:00:00 2001 
From: Henri Dohmen Date: Mon, 30 Jun 2025 22:39:38 +0200 Subject: [PATCH] modularize --- host/c2/default.nix | 3 +- host/solo/default.nix | 3 +- mod/default.nix | 5 +- mod/desktop/audio.nix | 28 +++++++++ mod/desktop/default.nix | 76 ++++++++++++++++++++++++ mod/desktop/fonts.nix | 25 ++++++++ mod/desktop/gpg.nix | 33 +++++++++++ mod/desktop/network.nix | 87 ++++++++++++++++++++++++++++ mod/desktop/services.nix | 49 ++++++++++++++++ mod/desktop/software/default.nix | 59 +++++++++++++++++++ mod/desktop/software/development.nix | 35 +++++++++++ mod/desktop/window-manager.nix | 22 +++++++ pc/audio.nix | 15 ----- pc/default.nix | 21 ------- pc/fonts.nix | 13 ----- pc/gpg.nix | 21 ------- pc/home-manager.nix | 32 ---------- pc/network.nix | 75 ------------------------ pc/nix.nix | 18 ------ pc/security.nix | 4 -- pc/services.nix | 21 ------- pc/software/default.nix | 9 --- pc/software/development.nix | 18 ------ pc/software/editors.nix | 9 --- pc/software/programs.nix | 41 ------------- pc/software/window-manager.nix | 9 --- pc/sync.nix | 16 ----- 27 files changed, 422 insertions(+), 325 deletions(-) create mode 100644 mod/desktop/audio.nix create mode 100644 mod/desktop/default.nix create mode 100644 mod/desktop/fonts.nix create mode 100644 mod/desktop/gpg.nix create mode 100644 mod/desktop/network.nix create mode 100644 mod/desktop/services.nix create mode 100644 mod/desktop/software/default.nix create mode 100644 mod/desktop/software/development.nix create mode 100644 mod/desktop/window-manager.nix delete mode 100644 pc/audio.nix delete mode 100644 pc/default.nix delete mode 100644 pc/fonts.nix delete mode 100644 pc/gpg.nix delete mode 100644 pc/home-manager.nix delete mode 100644 pc/network.nix delete mode 100644 pc/nix.nix delete mode 100644 pc/security.nix delete mode 100644 pc/services.nix delete mode 100644 pc/software/default.nix delete mode 100644 pc/software/development.nix delete mode 100644 pc/software/editors.nix delete mode 100644 pc/software/programs.nix 
delete mode 100644 pc/software/window-manager.nix delete mode 100644 pc/sync.nix diff --git a/host/c2/default.nix b/host/c2/default.nix index dbcb773..3126a01 100644 --- a/host/c2/default.nix +++ b/host/c2/default.nix @@ -7,7 +7,6 @@ common-cpu-intel common-pc-laptop common-pc-laptop-ssd - ../../pc ]; boot.loader.efi.efiSysMountPoint = "/boot/efi"; @@ -17,6 +16,8 @@ cpuFreqGovernor = "ondemand"; }; + desktop.enable = true; + # ====== DON'T CHANGE ====== system.stateVersion = "25.05"; } diff --git a/host/solo/default.nix b/host/solo/default.nix index ff1d737..a6e033e 100644 --- a/host/solo/default.nix +++ b/host/solo/default.nix @@ -6,7 +6,6 @@ ./hardware-configuration.nix ./keyboard.nix ./nvidia-gpu.nix - ../../pc ]; powerManagement = { @@ -14,6 +13,8 @@ cpuFreqGovernor = "performance"; }; + desktop.enable = true; + # ====== DON'T CHANGE ====== system.stateVersion = "25.05"; } diff --git a/mod/default.nix b/mod/default.nix index 405bdc1..3dcee22 100644 --- a/mod/default.nix +++ b/mod/default.nix @@ -1,4 +1,7 @@ { ... }: { - imports = [ ./nginx.nix ]; + imports = [ + ./nginx.nix + ./desktop + ]; } diff --git a/mod/desktop/audio.nix b/mod/desktop/audio.nix new file mode 100644 index 0000000..517546a --- /dev/null +++ b/mod/desktop/audio.nix @@ -0,0 +1,28 @@ +{ + pkgs, + config, + lib, + ... +}: +let + cfg = config.desktop.audio; + inherit (lib) mkEnableOption mkIf; +in +{ + options.desktop.audio.enable = mkEnableOption "Audio"; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + pavucontrol + alsa-utils + ]; + + services.pulseaudio.enable = false; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + }; +} diff --git a/mod/desktop/default.nix b/mod/desktop/default.nix new file mode 100644 index 0000000..a8bd2f4 --- /dev/null +++ b/mod/desktop/default.nix 
@@ -0,0 +1,76 @@
+{
+ inputs,
+ lib,
+ config,
+ options,
+ ...
+}:
+let
+ cfg = config.desktop;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ imports = [
+ ./audio.nix
+ ./fonts.nix
+ ./gpg.nix
+ ./network.nix
+ ./services.nix
+ ./window-manager.nix
+ ./software
+ inputs.nixos-config-hidden.nixosModules.pc
+ inputs.home-manager.nixosModules.home-manager
+ {
+ home-manager.users."hd" = lib.mkAliasDefinitions options.home;
+ # install to /etc/profiles, not ~/.nix-profile
+ home-manager.useUserPackages = true;
+ # dont use home.nixpkgs
+ home-manager.useGlobalPkgs = true;
+ }
+
+ ];
+
+ options = {
+ desktop.enable = mkEnableOption "Desktop Configuration";
+ home = lib.mkOption {
+ type = lib.types.attrsOf lib.types.str;
+ default = { };
+ description = "home-manager configuration.";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ desktop = {
+ audio.enable = true;
+ fonts.enable = true;
+ gpg.enable = true;
+ network.enable = true;
+ services.enable = true;
+ software.enable = true;
+ wm.enable = true;
+ };
+
+ nixpkgs.config.allowUnfreePredicate =
+ pkg:
+ builtins.elem (lib.getName pkg) [
+ "nvidia-x11"
+ "nvidia-settings"
+ "vscode"
+ "obsidian"
+ "steam"
+ "steam-unwrapped"
+ "gateway" # jetbrains
+ "spotify"
+ "rust-rover"
+ ];
+
+ programs.nix-ld.enable = true;
+
+ home = {
+ home.stateVersion = config.system.stateVersion;
+ imports = [ ../../mod-hm ];
+ };
+
+ security.protectKernelImage = true;
+ };
+}
diff --git a/mod/desktop/fonts.nix b/mod/desktop/fonts.nix
new file mode 100644
index 0000000..5e921da
--- /dev/null
+++ b/mod/desktop/fonts.nix
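Review bot: The entries in `imports` sit outside `mkIf cfg.enable`, so `inputs.nixos-config-hidden.nixosModules.pc`, the home-manager module and the inline `home-manager.users."hd"` alias are evaluated on every host that pulls in `mod/default.nix`, whatever `desktop.enable` says. Before this commit only hosts that imported `../../pc` got them; whether a non-desktop host imports `mod` is not visible here, so this is worth confirming, and the hidden module should gate its own config on `config.desktop.enable` if it does not already. Separately, the sub-toggles are set at normal priority (`audio.enable = true;` and the six below it), so a host that sets one of them to `false` gets a conflicting-definition error instead of an override. Writing `audio.enable = lib.mkDefault true;` for each, and likewise for `desktop.software.development.enable` in mod/desktop/software/default.nix, keeps them overridable per host.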
@@ -0,0 +1,25 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.desktop.fonts;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.fonts.enable = mkEnableOption "Fonts";
+ config = mkIf cfg.enable {
+ fonts = {
+ packages = with pkgs; [
+ noto-fonts
+ noto-fonts-cjk-sans
+ noto-fonts-emoji
+ nerd-fonts.noto
+ ];
+ fontDir.enable = true;
+ fontconfig.defaultFonts.monospace = [ "Noto Nerd Font Mono" ];
+ };
+ };
+}
diff --git a/mod/desktop/gpg.nix b/mod/desktop/gpg.nix
new file mode 100644
index 0000000..21f6e13
--- /dev/null
+++ b/mod/desktop/gpg.nix
@@ -0,0 +1,33 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+let
+ cfg = config.desktop.gpg;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.gpg.enable = mkEnableOption "GPG";
+ config = mkIf cfg.enable {
+ home = {
+ home.packages = with pkgs; [
+ seahorse
+ libsecret
+ gnome-keyring
+ ];
+ programs.gpg = {
+ enable = true;
+ };
+ services.gpg-agent = {
+ enable = true;
+ enableSshSupport = true;
+ pinentry.package = pkgs.pinentry-gtk2;
+ };
+ };
+ services.gnome.gnome-keyring = {
+ enable = true;
+ };
+ };
+}
diff --git a/mod/desktop/network.nix b/mod/desktop/network.nix
new file mode 100644
index 0000000..84f45d5
--- /dev/null
+++ b/mod/desktop/network.nix
@@ -0,0 +1,87 @@
+{
+ host,
+ var,
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.desktop.network;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.network = {
+ enable = mkEnableOption "All Network Options";
+ };
+
+ config = mkIf cfg.enable {
+
+ hardware.bluetooth.enable = true;
+ systemd.network.wait-online.enable = false;
+
+ services = {
+ mullvad-vpn.enable = true;
+ blueman.enable = true;
+ resolved = {
+ # TODO: find out why doh breaks moodle...
+ enable = true;
+ };
+ };
+
+ networking = {
+ enableIPv6 = true;
+
+ wireguard.enable = true;
+ wg-quick = {
+ interfaces = {
+ "onet" = {
+ address = var.wg.wireguard-network.${host}.ips;
+ privateKeyFile = var.wg.keyFile;
+ peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
+ };
+ };
+ };
+
+ networkmanager = {
+ enable = true;
+ wifi.macAddress = "random";
+ ensureProfiles.profiles = {
+ "tuda-vpn" = {
+ connection = {
+ autoconnect = "false";
+ id = "tuda-vpn";
+ type = "vpn";
+ };
+ ipv4 = {
+ method = "auto";
+ };
+ ipv6 = {
+ addr-gen-mode = "stable-privacy";
+ method = "auto";
+ };
+ vpn = {
+ authtype = "password";
+ autoconnect-flags = "0";
+ certsigs-flags = "0";
+ cookie-flags = "2";
+ disable_udp = "no";
+ enable_csd_trojan = "no";
+ gateway = "vpn.hrz.tu-darmstadt.de";
+ gateway-flags = "2";
+ gwcert-flags = "2";
+ lasthost-flags = "0";
+ pem_passphrase_fsid = "no";
+ prevent_invalid_cert = "no";
+ protocol = "anyconnect";
+ resolve-flags = "2";
+ service-type = "org.freedesktop.NetworkManager.openconnect";
+ stoken_source = "disabled";
+ xmlconfig-flags = "0";
+ password-flags = 0;
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/mod/desktop/services.nix b/mod/desktop/services.nix
new file mode 100644
index 0000000..5e95036
--- /dev/null
+++ b/mod/desktop/services.nix
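Review bot: The `tuda-vpn` profile is carried over with `prevent_invalid_cert = "no"`, which, as far as I know, lets the openconnect plugin offer to accept a gateway certificate that fails validation. With `authtype = "password"` that means the account password can end up typed into an impersonated gateway. This module is now the single definition of the profile, so I would set `prevent_invalid_cert = "yes";` to make a bad certificate a hard failure, or add a comment saying why it has to stay off.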
@@ -0,0 +1,49 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+let
+ cfg = config.desktop.services;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.services.enable = mkEnableOption "Services";
+
+ config = mkIf cfg.enable {
+ services = {
+ printing.enable = true;
+ avahi = {
+ enable = true;
+ nssmdns4 = true;
+ openFirewall = true;
+ };
+ udisks2.enable = true;
+ emacs.enable = true;
+ };
+
+ home.services.protonmail-bridge = {
+ enable = true;
+ path = with pkgs; [
+ pass
+ gnome-keyring
+ ];
+ };
+
+ home.services.unison' = {
+ # TODO: parameterize
+ enable = true;
+ pairs = {
+ "docs".roots = [
+ "/home/hd/Documents"
+ "ssh://roam//home/hd/Documents"
+ ];
+ "desktop".roots = [
+ "/home/hd/Desktop"
+ "ssh://roam//home/hd/Desktop"
+ ];
+ };
+ };
+ };
+}
diff --git a/mod/desktop/software/default.nix b/mod/desktop/software/default.nix
new file mode 100644
index 0000000..5aaa304
--- /dev/null
+++ b/mod/desktop/software/default.nix
@@ -0,0 +1,59 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+let
+ cfg = config.desktop.software;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ imports = [ ./development.nix ];
+
+ options.desktop.software.enable = mkEnableOption "Software";
+
+ config = mkIf cfg.enable {
+ desktop.software.development.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ bitwarden
+ calibre
+ element-desktop
+ kitty
+ nil
+ obsidian
+ signal-desktop
+ spotify
+ tor-browser
+ vesktop
+ vlc
+ wireguard-tools
+ zotero
+ zulip
+ ];
+
+ virtualisation = {
+ docker.enable = true;
+ };
+
+ programs = {
+ firefox.enable = true;
+ kdeconnect.enable = true;
+ };
+
+ home = {
+ programs.thunderbird = {
+ enable = true;
+ package = pkgs.thunderbird-latest;
+ profiles.default = {
+ isDefault = true;
+ withExternalGnupg = true;
+ };
+ };
+ };
+
+ # Some excludes
+ services.xserver.excludePackages = [ pkgs.xterm ];
+ };
+}
diff --git a/mod/desktop/software/development.nix b/mod/desktop/software/development.nix
new file mode 100644
index 0000000..24a4759
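Review bot: `desktop.services.enable` is a single switch for printing, Avahi with `openFirewall = true`, udisks2, the Emacs daemon, protonmail-bridge and the unison sync, so a host cannot keep the mail bridge or the sync without also opening mDNS in the firewall. c2 imports the laptop hardware profiles and will presumably join networks it does not control. I would give Avahi and printing their own option, or at least write `openFirewall = lib.mkDefault true;` so a host can turn it off without `mkForce`. The hard-coded `/home/hd` roots and the `roam` SSH host are already covered by the TODO in the block.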
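Review bot: `tor-browser` is new in this package list; the removed pc/software/programs.nix did not contain it, so a commit titled "modularize" also changes what gets installed. I would move that line to its own commit, or name it in the commit message, so the refactor can be checked as a pure move. `virtualisation.docker.enable = true` is now switched on by `desktop.software.enable`; a short comment such as `# docker group membership is root-equivalent on this host` next to it would help whoever later adds users to that group.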
--- /dev/null
+++ b/mod/desktop/software/development.nix
@@ -0,0 +1,35 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}:
+let
+ cfg = config.desktop.software.development;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.software.development.enable = mkEnableOption "Dev Software";
+
+ config = mkIf cfg.enable {
+ documentation.dev.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ vscode
+ binutils
+ clang
+ gcc
+ gdb
+ gnumake
+ man-pages
+ man-pages-posix
+ nixfmt-rfc-style
+ python313
+ python313Packages.mypy
+ rustup
+ emacs
+ jetbrains.gateway
+ jetbrains.rust-rover
+ ];
+ };
+}
diff --git a/mod/desktop/window-manager.nix b/mod/desktop/window-manager.nix
new file mode 100644
index 0000000..9a9531a
--- /dev/null
+++ b/mod/desktop/window-manager.nix
@@ -0,0 +1,22 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.desktop.wm;
+ inherit (lib) mkEnableOption mkIf;
+in
+{
+ options.desktop.wm.enable = mkEnableOption "Window Manager";
+
+ config = mkIf cfg.enable {
+ # Enable the KDE Plasma Desktop Environment.
+ services.displayManager.sddm = {
+ enable = true;
+ wayland.enable = true;
+ };
+ services.desktopManager.plasma6.enable = true;
+ };
+}
diff --git a/pc/audio.nix b/pc/audio.nix
deleted file mode 100644
index 8b99a64..0000000
--- a/pc/audio.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ pkgs, ... }:
-{
- environment.systemPackages = with pkgs; [
- pavucontrol
- alsa-utils
- ];
-
- services.pulseaudio.enable = false;
- services.pipewire = {
- enable = true;
- alsa.enable = true;
- alsa.support32Bit = true;
- pulse.enable = true;
- };
-}
diff --git a/pc/default.nix b/pc/default.nix
deleted file mode 100644
index 38110fa..0000000
--- a/pc/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{
- inputs,
- lib,
- config,
- ...
-}:
-{
- imports = [
- ./audio.nix
- ./fonts.nix
- ./gpg.nix
- ./home-manager.nix
- ./network.nix
- ./nix.nix
- ./security.nix
- ./services.nix
- ./software
- ./sync.nix
- inputs.nixos-config-hidden.nixosModules.pc
- ];
-}
diff --git a/pc/fonts.nix b/pc/fonts.nix
deleted file mode 100644
index c9fbe42..0000000
--- a/pc/fonts.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ pkgs, ... }:
-{
- fonts = {
- packages = with pkgs; [
- noto-fonts
- noto-fonts-cjk-sans
- noto-fonts-emoji
- nerd-fonts.noto
- ];
- fontDir.enable = true;
- fontconfig.defaultFonts.monospace = [ "Noto Nerd Font Mono" ];
- };
-}
diff --git a/pc/gpg.nix b/pc/gpg.nix
deleted file mode 100644
index cd5a057..0000000
--- a/pc/gpg.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ pkgs, ... }:
-{
- home = {
- home.packages = with pkgs; [
- seahorse
- libsecret
- gnome-keyring
- ];
- programs.gpg = {
- enable = true;
- };
- services.gpg-agent = {
- enable = true;
- enableSshSupport = true;
- pinentry.package = pkgs.pinentry-gtk2;
- };
- };
- services.gnome.gnome-keyring = {
- enable = true;
- };
-}
diff --git a/pc/home-manager.nix b/pc/home-manager.nix
deleted file mode 100644
index 8c62aa9..0000000
--- a/pc/home-manager.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{
- inputs,
- lib,
- options,
- config,
- ...
-}:
-{
- options.home = lib.mkOption {
- type = lib.types.attrsOf lib.types.str;
- default = { };
- description = "home-manager configuration.";
- };
-
- imports = [
- inputs.home-manager.nixosModules.home-manager
- {
- home-manager.users."hd" = lib.mkAliasDefinitions options.home;
- # install to /etc/profiles, not ~/.nix-profile
- home-manager.useUserPackages = true;
- # dont use home.nixpkgs
- home-manager.useGlobalPkgs = true;
- }
- ];
-
- config = {
- home = {
- home.stateVersion = config.system.stateVersion;
- imports = [ ../mod-hm ];
- };
- };
-}
diff --git a/pc/network.nix b/pc/network.nix
deleted file mode 100644
index 01a04e8..0000000
--- a/pc/network.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- host,
- var,
- lib,
- ...
-}:
-{
- hardware.bluetooth.enable = true;
- systemd.network.wait-online.enable = false;
-
- services = {
- mullvad-vpn.enable = true;
- blueman.enable = true;
- resolved = {
- # TODO: find out why doh breaks moodle...
- enable = true;
- };
- };
-
- networking = {
- enableIPv6 = true;
-
- wireguard.enable = true;
- wg-quick = {
- interfaces = {
- "onet" = {
- address = var.wg.wireguard-network.${host}.ips;
- privateKeyFile = var.wg.keyFile;
- peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
- };
- };
- };
-
- networkmanager = {
- enable = true;
- wifi.macAddress = "random";
- ensureProfiles.profiles = {
- "tuda-vpn" = {
- connection = {
- autoconnect = "false";
- id = "tuda-vpn";
- type = "vpn";
- };
- ipv4 = {
- method = "auto";
- };
- ipv6 = {
- addr-gen-mode = "stable-privacy";
- method = "auto";
- };
- vpn = {
- authtype = "password";
- autoconnect-flags = "0";
- certsigs-flags = "0";
- cookie-flags = "2";
- disable_udp = "no";
- enable_csd_trojan = "no";
- gateway = "vpn.hrz.tu-darmstadt.de";
- gateway-flags = "2";
- gwcert-flags = "2";
- lasthost-flags = "0";
- pem_passphrase_fsid = "no";
- prevent_invalid_cert = "no";
- protocol = "anyconnect";
- resolve-flags = "2";
- service-type = "org.freedesktop.NetworkManager.openconnect";
- stoken_source = "disabled";
- xmlconfig-flags = "0";
- password-flags = 0;
- };
- };
- };
- };
- };
-}
diff --git a/pc/nix.nix b/pc/nix.nix
deleted file mode 100644
index 29847dc..0000000
--- a/pc/nix.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ lib, ... }:
-{
- nixpkgs.config.allowUnfreePredicate =
- pkg:
- builtins.elem (lib.getName pkg) [
- "nvidia-x11"
- "nvidia-settings"
- "vscode"
- "obsidian"
- "steam"
- "steam-unwrapped"
- "gateway" # jetbrains
- "spotify"
- "rust-rover"
- ];
-
- programs.nix-ld.enable = true;
-}
diff --git a/pc/security.nix b/pc/security.nix
deleted file mode 100644
index dd95a5c..0000000
--- a/pc/security.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ ... }:
-{
- security.protectKernelImage = true;
-}
diff --git a/pc/services.nix b/pc/services.nix
deleted file mode 100644
index c45b95b..0000000
--- a/pc/services.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ pkgs, ... }:
-{
- services = {
- printing.enable = true;
- avahi = {
- enable = true;
- nssmdns4 = true;
- openFirewall = true;
- };
- udisks2.enable = true;
- emacs.enable = true;
- };
-
- home.services.protonmail-bridge = {
- enable = true;
- path = with pkgs; [
- pass
- gnome-keyring
- ];
- };
-}
diff --git a/pc/software/default.nix b/pc/software/default.nix
deleted file mode 100644
index 652ceea..0000000
--- a/pc/software/default.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ ... }:
-{
- imports = [
- ./development.nix
- ./editors.nix
- ./programs.nix
- ./window-manager.nix
- ];
-}
diff --git a/pc/software/development.nix b/pc/software/development.nix
deleted file mode 100644
index 0db1648..0000000
--- a/pc/software/development.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ pkgs, ... }:
-{
- documentation.dev.enable = true;
-
- environment.systemPackages = with pkgs; [
- rustup
- python313
- python313Packages.mypy
- gcc
- clang
- gdb
- gnumake
- binutils
- nixfmt-rfc-style
- man-pages
- man-pages-posix
- ];
-}
diff --git a/pc/software/editors.nix b/pc/software/editors.nix
deleted file mode 100644
index e550b35..0000000
--- a/pc/software/editors.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ pkgs, ... }:
-{
- environment.systemPackages = with pkgs; [
- vscode
- emacs
- jetbrains.gateway
- jetbrains.rust-rover
- ];
-}
diff --git a/pc/software/programs.nix b/pc/software/programs.nix
deleted file mode 100644
index c38bfca..0000000
--- a/pc/software/programs.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ pkgs, ... }:
-{
- environment.systemPackages = with pkgs; [
- bitwarden
- calibre
- element-desktop
- kitty
- nil
- obsidian
- signal-desktop
- spotify
- vesktop
- vlc
- wireguard-tools
- zotero
- zulip
- ];
-
- virtualisation = {
- docker.enable = true;
- };
-
- programs = {
- firefox.enable = true;
- kdeconnect.enable = true;
- };
-
- home = {
- programs.thunderbird = {
- enable = true;
- package = pkgs.thunderbird-latest;
- profiles.default = {
- isDefault = true;
- withExternalGnupg = true;
- };
- };
- };
-
- # Some excludes
- services.xserver.excludePackages = [ pkgs.xterm ];
-}
diff --git a/pc/software/window-manager.nix b/pc/software/window-manager.nix
deleted file mode 100644
index 6cf6e43..0000000
--- a/pc/software/window-manager.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ pkgs, ... }:
-{
- # Enable the KDE Plasma Desktop Environment.
- services.displayManager.sddm = {
- enable = true;
- wayland.enable = true;
- };
- services.desktopManager.plasma6.enable = true;
-}
diff --git a/pc/sync.nix b/pc/sync.nix
deleted file mode 100644
index 336fc6d..0000000
--- a/pc/sync.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ pkgs, ... }:
-{
- home.services.unison' = {
- enable = true;
- pairs = {
- "docs".roots = [
- "/home/hd/Documents"
- "ssh://roam//home/hd/Documents"
- ];
- "desktop".roots = [
- "/home/hd/Desktop"
- "ssh://roam//home/hd/Desktop"
- ];
- };
- };
-}