dotfiles/system/modules/common.nix

{ lib
, pkgs
, config
, inputs
, ... }:
let
# force some defaults even if they were set with mkDefault already...
# mkOverride 999 sits just above mkDefault (priority 1000), so it beats
# mkDefault values while still losing to any plain (priority 100) definition.
mkForceDefault = lib.mkOverride 999;
# shorthand for this module's own option values (declared under options.common)
cfg = config.common;
in {
# Options of this module, grouped in one submodule under `common`.
options.common = lib.mkOption {
  default = { };
  type = lib.types.submodule {
    options = {
      # selects between the "minimal" and "non-minimal" config sets of this module
      minimal = lib.mkOption {
        description = "whether this is a minimal (no DE/WM) system";
        type = lib.types.bool;
        default = true;
      };
      # account that gets created, put into wheel and allowed to use the nix daemon
      mainUsername = lib.mkOption {
        description = "main user's username";
        type = lib.types.str;
        default = "user";
      };
      # Security-relevant: when set, the first console login after boot needs no
      # password, and the account it opens is a wheel member. Enable only on
      # machines where physical console access is already trusted.
      gettyAutologin = lib.mkOption {
        description = "make getty autologin to the main user";
        type = lib.types.bool;
        default = false;
      };
      # free-form string; the description lists 1280x720/1920x1080, while the
      # console font mapping in this module additionally knows 1366x768
      resolution = lib.mkOption {
        description = "resolution (none/1280x720/1920x1080)";
        type = lib.types.nullOr lib.types.str;
        default = null;
      };
    };
  };
};
config = lib.mkMerge [
{
# Nix daemon and client configuration shared by every machine.
nix = {
  # nix.channel.enable is needed for NIX_PATH to work for some reason
  # channel.enable = false;
  package = pkgs.nixForNixPlugins;
  settings = {
    # restricts which users may connect to the nix daemon to the main user
    # (users listed in trusted-users are always allowed in addition)
    allowed-users = [ cfg.mainUsername ];
    experimental-features = [
      "ca-derivations"
      "flakes"
      "nix-command"
      "no-url-literals"
      "repl-flake"
    ];
    auto-optimise-store = true;
    use-xdg-base-directories = true;
  };
  # weekly garbage collection of generations older than 30 days
  gc.automatic = true;
  gc.dates = "weekly";
  gc.options = "--delete-older-than 30d";
  extraOptions =
    let
      # nix-plugins rebuilt against the nix package configured above
      pluginPkg = pkgs.nix-plugins.override { nix = config.nix.package; };
    in
    # plugin-files makes Nix load this shared object.
    # NOTE(review): the extra-builtins plugin adds builtins to evaluation; confirm
    # which file defines them and that only root can write it.
    ''
      plugin-files = ${pluginPkg}/lib/nix/plugins/libnix-extra-builtins.so
    '';
  # run builds at idle CPU/IO priority unless a machine overrides it
  daemonCPUSchedPolicy = lib.mkDefault "idle";
  daemonIOSchedClass = lib.mkDefault "idle";
};
# lift the soft stack-size limit for the nix daemon
systemd.services.nix-daemon.serviceConfig.LimitSTACKSoft = "infinity";
# registry is used for the new flaky nix command
# every input that has `outputs` (i.e. is a flake) is registered under its input
# name, so registry lookups resolve to the inputs this system was built from
nix.registry =
  let
    flakeInputs = lib.filterAttrs (_: input: input ? outputs) inputs;
  in
  builtins.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
# nix path is used for old nix commands (like nix-build, nix-shell)
# add import'able flake inputs (like nixpkgs) to nix path:
# each input with a default.nix is linked as /etc/nix/inputs/<name>
environment.etc =
  let
    importable = lib.filterAttrs (_: input: builtins.pathExists "${input}/default.nix") inputs;
  in
  lib.mapAttrs'
    (name: input: lib.nameValuePair "nix/inputs/${name}" {
      source = input.outPath or "${input}";
    })
    importable;
nix.nixPath = [ "/etc/nix/inputs" ];
# Console/bootloader appearance, all keyed off cfg.resolution (null = leave defaults).
boot.kernelParams =
  # blank the console after 60 seconds whenever a resolution is configured
  lib.optional (cfg.resolution != null) "consoleblank=60"
  # larger built-in framebuffer console font on 1080p
  ++ lib.optional (cfg.resolution == "1920x1080") "fbcon=font:TER16x32";
console.font =
  let
    # resolution -> terminus console font; other resolutions keep the default font
    fontFor = {
      "1920x1080" = "${pkgs.terminus_font}/share/consolefonts/ter-v32n.psf.gz";
      "1366x768" = "${pkgs.terminus_font}/share/consolefonts/ter-v24n.psf.gz";
    };
  in
  lib.mkIf (builtins.elem cfg.resolution (builtins.attrNames fontFor)) fontFor.${cfg.resolution};
# same mode for both the EFI and the BIOS variant of grub
boot.loader.grub = lib.mkIf (cfg.resolution != null) (
  lib.genAttrs [ "gfxmodeEfi" "gfxmodeBios" ] (_: cfg.resolution)
);
networking.usePredictableInterfaceNames = lib.mkDefault true;
hardware.enableRedistributableFirmware = true;
# No password logins over SSH. Keyboard-interactive authentication is a separate
# sshd setting (KbdInteractiveAuthentication); confirm it is off as well if
# key-only login is the goal.
services.openssh.settings.PasswordAuthentication = false;
# tlp: exclude phones from USB autosuspend, and set charge start/stop thresholds for BAT0
services.tlp.settings = {
  USB_EXCLUDE_PHONE = 1;
  START_CHARGE_THRESH_BAT0 = 75;
  STOP_CHARGE_THRESH_BAT0 = 80;
};
i18n = {
  defaultLocale = lib.mkDefault "en_US.UTF-8";
  supportedLocales = lib.mkDefault [
    "C.UTF-8/UTF-8"
    "en_US.UTF-8/UTF-8"
    "en_DK.UTF-8/UTF-8"
  ];
  # ISO-8601
  extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
};
# base tools present on every machine
environment.systemPackages = [
  pkgs.bottom
  pkgs.git
  pkgs.rsync
  pkgs.tmux
  pkgs.wget
  # terminfo entries for the kitty and foot terminals
  pkgs.kitty.terminfo
  pkgs.foot.terminfo
  # rxvt-unicode-unwrapped.terminfo
];
programs = {
  fish.enable = true;
  # Lets non-root users mount FUSE filesystems with allow_other/allow_root, which
  # makes such a mount reachable by other users on the machine; keep that in mind
  # on multi-user hosts.
  fuse.userAllowOther = true;
};
# the main account; wheel is the group NixOS's default sudo rules apply to,
# so this user is effectively an administrator
users.users.${cfg.mainUsername} = {
  isNormalUser = true;
  uid = 1000;
  extraGroups = [ "wheel" ];
};
# nixos-hardware uses mkDefault here, so we use slightly higher priority
services.libinput.enable = mkForceDefault (!cfg.minimal);
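# autologin once after boot
# --skip-login means directly call login instead of first asking for username
# (normally login asks for username too, but getty prefers to do it by itself for whatever reason)
services.getty.extraArgs = lib.mkIf cfg.gettyAutologin [ "--skip-login" ];
# Wrapper around login(1): the first invocation after boot logs the main user in
# without a password (login -f), every later invocation is an ordinary login.
services.getty.loginProgram = lib.mkIf cfg.gettyAutologin (
  let
    # The marker lives in /run instead of /tmp: /run is a root-writable tmpfs that
    # starts empty on every boot. A marker in /tmp survives reboots unless /tmp is
    # a tmpfs or cleaned on boot, can be aged out by tmp cleanup (re-arming the
    # passwordless login), and sits in a directory every user can write to.
    lockfile = "/run/login-once.lock";
  in
  pkgs.writeShellScript "login-once" ''
    # Fail closed: if the marker exists, or cannot be created, ask for credentials.
    if [ -e '${lockfile}' ] || ! ${pkgs.coreutils}/bin/touch '${lockfile}'; then
      exec ${pkgs.shadow}/bin/login "$@"
    fi
    # -f skips authentication; use the configured main user rather than a fixed name
    exec ${pkgs.shadow}/bin/login -f ${lib.escapeShellArg cfg.mainUsername}
  ''
);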
}
(lib.mkIf cfg.minimal {
# fish settings for interactive sessions on minimal systems: colours, vi key
# bindings and cursor shapes, plus SHELL exported as the path of zsh.
# NOTE(review): this references pkgs.zsh although the interactive shell is fish — confirm intent.
programs.fish.interactiveShellInit = ''
set -gx SHELL ${pkgs.zsh}/bin/zsh
set -g fish_color_autosuggestion 777 brblack
set -g fish_color_command green
set -g fish_color_operator white
set -g fish_color_param white
set -g fish_key_bindings fish_vi_key_bindings
set -g fish_cursor_insert line
set -g fish_cursor_replace underscore
'';
# this is supposed to default to false, but it doesn't because of nixos fish module
documentation.man.generateCaches = mkForceDefault false;
# we don't need stuff like html files (NixOS manual and so on) on minimal machines
documentation.doc.enable = lib.mkDefault false;
# conflicts with bash module's mkDefault
# only override on minimal systems because on non-minimal systems
# my fish config doesn't work well in fb/drm console
# (the inner mkIf repeats the condition of the enclosing lib.mkIf cfg.minimal block)
users.defaultUserShell = lib.mkIf cfg.minimal (mkForceDefault pkgs.fish);
# vim with a small built-in vimrc as the editor of minimal systems
programs.vim = {
  enable = lib.mkDefault true;
  # vim becomes the default editor exactly when it is enabled
  defaultEditor = lib.mkDefault config.programs.vim.enable;
  package = pkgs.vim-full.customize {
    vimrcConfig = {
      # plugins loaded at startup
      packages.myVimPackage.start = [ pkgs.vimPlugins.vim-sleuth ];
      # column guides for markdown/commit messages, syntax folds opened on load,
      # and a jump back to the last cursor position (skipped for git commit messages)
      customRC = ''
        syntax on
        au FileType markdown set colorcolumn=73 textwidth=72
        au FileType gitcommit set colorcolumn=73
        au BufReadPre * set foldmethod=syntax
        au BufReadPost * folddoc foldopen!
        autocmd BufReadPost * if @% !~# '\.git[\/\\]COMMIT_EDITMSG$' && line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
      '';
    };
  };
};
})
(lib.mkIf (!cfg.minimal) {
# desktop (non-minimal) machines: extra tool, pipewire-based audio and session services
environment.systemPackages = [ pkgs.unixtools.xxd ];
# pulseaudio itself is off; pipewire provides the ALSA, PulseAudio and JACK interfaces
hardware.pulseaudio.enable = false;
services.pipewire = {
  enable = lib.mkDefault true;
  alsa = {
    enable = true;
    support32Bit = true;
  };
  pulse.enable = true;
  jack.enable = true;
};
security = {
  polkit.enable = true;
  rtkit.enable = true;
};
services.dbus.enable = true;
programs.dconf.enable = true;
# binary caches used by non-minimal machines
nix.settings = {
# credentials for authenticated substituters; given as a string, so the file is
# referenced in place and not copied into the world-readable nix store —
# keep /secrets/netrc itself readable by root only
netrc-file = "/secrets/netrc";
substituters = [
"https://binarycache.pavluk.org"
"https://cache.nixos.org/"
];
# store paths signed by either key are accepted without rebuilding, so the
# private key behind binarycache.pavluk.org is trusted as much as the official
# cache's; treat that signing key and the cache host accordingly
trusted-public-keys = [
"binarycache.pavluk.org:Vk0ms/vSqoOV2JXeNVOroc8EfilgVxCCUtpCShGIKsQ="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
};
})
];
}