mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 09:07:21 +01:00
WIP share configuraton between nixos / homemanager
This commit is contained in:
Leon Schwarzäugl
parent
641a0cd84d
commit
a1617e71bd
GPG key ID:
26A54C31F2A4FD84
165 changed files with 994 additions and 1032 deletions
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.appimage = lib.mkEnableOption "appimage config";
|
||||
config = lib.mkIf config.swarselsystems.modules.appimage {
|
||||
options.swarselmodules.appimage = lib.mkEnableOption "appimage config";
|
||||
config = lib.mkIf config.swarselmodules.appimage {
|
||||
programs.appimage = {
|
||||
enable = true;
|
||||
binfmt = true;
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ let
|
|||
inherit (config.swarselsystems) mainUser;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.autologin = lib.mkEnableOption "optional autologin settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.autologin {
|
||||
options.swarselmodules.autologin = lib.mkEnableOption "optional autologin settings";
|
||||
config = lib.mkIf config.swarselmodules.autologin {
|
||||
services = {
|
||||
getty.autologinUser = mainUser;
|
||||
greetd.settings.initial_session.user = mainUser;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.blueman = lib.mkEnableOption "blueman config";
|
||||
config = lib.mkIf config.swarselsystems.modules.blueman {
|
||||
options.swarselmodules.blueman = lib.mkEnableOption "blueman config";
|
||||
config = lib.mkIf config.swarselmodules.blueman {
|
||||
services.blueman.enable = true;
|
||||
services.hardware.bolt.enable = true;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.distrobox = lib.mkEnableOption "distrobox config";
|
||||
config = lib.mkIf config.swarselsystems.modules.distrobox {
|
||||
options.swarselmodules.distrobox = lib.mkEnableOption "distrobox config";
|
||||
config = lib.mkIf config.swarselmodules.distrobox {
|
||||
environment.systemPackages = with pkgs; [
|
||||
distrobox
|
||||
boxbuddy
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.env = lib.mkEnableOption "environment config";
|
||||
config = lib.mkIf config.swarselsystems.modules.env {
|
||||
options.swarselmodules.env = lib.mkEnableOption "environment config";
|
||||
config = lib.mkIf config.swarselmodules.env {
|
||||
|
||||
environment = {
|
||||
wordlist.enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.gnome-keyring = lib.mkEnableOption "gnome-keyring config";
|
||||
config = lib.mkIf config.swarselsystems.modules.gnome-keyring {
|
||||
options.swarselmodules.gnome-keyring = lib.mkEnableOption "gnome-keyring config";
|
||||
config = lib.mkIf config.swarselmodules.gnome-keyring {
|
||||
services.gnome.gnome-keyring = {
|
||||
enable = true;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.gvfs = lib.mkEnableOption "gvfs config for nautilus";
|
||||
config = lib.mkIf config.swarselsystems.modules.gvfs {
|
||||
options.swarselmodules.gvfs = lib.mkEnableOption "gvfs config for nautilus";
|
||||
config = lib.mkIf config.swarselmodules.gvfs {
|
||||
services.gvfs.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
{
|
||||
|
||||
options.swarselmodules.hardware = lib.mkEnableOption "hardware config";
|
||||
options.swarselsystems = {
|
||||
modules.hardware = lib.mkEnableOption "hardware config";
|
||||
hasBluetooth = lib.mkEnableOption "bluetooth availability";
|
||||
hasFingerprint = lib.mkEnableOption "fingerprint sensor availability";
|
||||
trackpoint = {
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.hardware {
|
||||
config = lib.mkIf config.swarselmodules.hardware {
|
||||
hardware = {
|
||||
# opengl.driSupport32Bit = true is replaced with graphics.enable32Bit and hence redundant
|
||||
graphics = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.keyboards = lib.mkEnableOption "keyboards config";
|
||||
config = lib.mkIf config.swarselsystems.modules.keyboards {
|
||||
options.swarselmodules.keyboards = lib.mkEnableOption "keyboards config";
|
||||
config = lib.mkIf config.swarselmodules.keyboards {
|
||||
services.udev.packages = with pkgs; [
|
||||
qmk-udev-rules
|
||||
vial
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.ledger = lib.mkEnableOption "ledger config";
|
||||
config = lib.mkIf config.swarselsystems.modules.ledger {
|
||||
options.swarselmodules.ledger = lib.mkEnableOption "ledger config";
|
||||
config = lib.mkIf config.swarselmodules.ledger {
|
||||
hardware.ledger.enable = true;
|
||||
|
||||
services.udev.packages = with pkgs; [
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ let
|
|||
inherit (config.repo.secrets.common.yubikeys) cfg1 cfg2;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.yubikey = lib.mkEnableOption "yubikey config";
|
||||
config = lib.mkIf config.swarselsystems.modules.yubikey {
|
||||
options.swarselmodules.yubikey = lib.mkEnableOption "yubikey config";
|
||||
config = lib.mkIf config.swarselmodules.yubikey {
|
||||
programs.ssh.startAgent = false;
|
||||
|
||||
services.pcscd.enable = false;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.interceptionTools = lib.mkEnableOption "interception tools config";
|
||||
config = lib.mkIf config.swarselsystems.modules.interceptionTools {
|
||||
options.swarselmodules.interceptionTools = lib.mkEnableOption "interception tools config";
|
||||
config = lib.mkIf config.swarselmodules.interceptionTools {
|
||||
# Make CAPS work as a dual function ESC/CTRL key
|
||||
services.interception-tools = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.lid = lib.mkEnableOption "lid config";
|
||||
config = lib.mkIf config.swarselsystems.modules.lid {
|
||||
options.swarselmodules.lid = lib.mkEnableOption "lid config";
|
||||
config = lib.mkIf config.swarselmodules.lid {
|
||||
services.logind = {
|
||||
lidSwitch = "suspend";
|
||||
lidSwitchDocked = "ignore";
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.login = lib.mkEnableOption "login config";
|
||||
config = lib.mkIf config.swarselsystems.modules.login {
|
||||
options.swarselmodules.login = lib.mkEnableOption "login config";
|
||||
config = lib.mkIf config.swarselmodules.login {
|
||||
services.greetd = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.lowBattery = lib.mkEnableOption "low battery notification config";
|
||||
config = lib.mkIf config.swarselsystems.modules.lowBattery {
|
||||
options.swarselmodules.lowBattery = lib.mkEnableOption "low battery notification config";
|
||||
config = lib.mkIf config.swarselmodules.lowBattery {
|
||||
systemd.user.services."battery-low" = {
|
||||
enable = true;
|
||||
description = "Timer for battery check that alerts at 10% or less";
|
||||
|
|
|
|||
|
|
@ -10,10 +10,10 @@ let
|
|||
in
|
||||
{
|
||||
options.swarselsystems = {
|
||||
modules.network = lib.mkEnableOption "network config";
|
||||
firewall = lib.swarselsystems.mkTrueOption;
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.network {
|
||||
options.swarselmodules.network = lib.mkEnableOption "network config";
|
||||
config = lib.mkIf config.swarselmodules.network {
|
||||
|
||||
sops = {
|
||||
secrets = lib.mkIf (!config.swarselsystems.isPublic) {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.networkDevices = lib.mkEnableOption "network device config";
|
||||
config = lib.mkIf config.swarselsystems.modules.networkDevices {
|
||||
options.swarselmodules.networkDevices = lib.mkEnableOption "network device config";
|
||||
config = lib.mkIf config.swarselmodules.networkDevices {
|
||||
# enable scanners over network
|
||||
hardware.sane = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.nix-ld = lib.mkEnableOption "nix-ld config";
|
||||
config = lib.mkIf config.swarselsystems.modules.nix-ld {
|
||||
options.swarselmodules.nix-ld = lib.mkEnableOption "nix-ld config";
|
||||
config = lib.mkIf config.swarselmodules.nix-ld {
|
||||
programs.nix-ld = {
|
||||
enable = true;
|
||||
libraries = with pkgs; [
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.nvd = lib.mkEnableOption "nvd config";
|
||||
config = lib.mkIf config.swarselsystems.modules.nvd {
|
||||
options.swarselmodules.nvd = lib.mkEnableOption "nvd config";
|
||||
config = lib.mkIf config.swarselmodules.nvd {
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.nvd
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, minimal, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.packages = lib.mkEnableOption "install packages";
|
||||
config = lib.mkIf config.swarselsystems.modules.packages {
|
||||
options.swarselmodules.packages = lib.mkEnableOption "install packages";
|
||||
config = lib.mkIf config.swarselmodules.packages {
|
||||
|
||||
environment.systemPackages = with pkgs; lib.optionals (!minimal) [
|
||||
# yubikey packages
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.pipewire = lib.mkEnableOption "pipewire config";
|
||||
config = lib.mkIf config.swarselsystems.modules.pipewire {
|
||||
options.swarselmodules.pipewire = lib.mkEnableOption "pipewire config";
|
||||
config = lib.mkIf config.swarselmodules.pipewire {
|
||||
security.rtkit.enable = true; # this is required for pipewire real-time access
|
||||
|
||||
services.pipewire = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, minimal, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.security = lib.mkEnableOption "security config";
|
||||
config = lib.mkIf config.swarselsystems.modules.security {
|
||||
options.swarselmodules.security = lib.mkEnableOption "security config";
|
||||
config = lib.mkIf config.swarselmodules.security {
|
||||
|
||||
security = {
|
||||
pam.services = lib.mkIf (!minimal) {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.ppd = lib.mkEnableOption "power profiles daemon config";
|
||||
config = lib.mkIf config.swarselsystems.modules.ppd {
|
||||
options.swarselmodules.ppd = lib.mkEnableOption "power profiles daemon config";
|
||||
config = lib.mkIf config.swarselmodules.ppd {
|
||||
services.power-profiles-daemon.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.programs = lib.mkEnableOption "small program modules config";
|
||||
config = lib.mkIf config.swarselsystems.modules.programs {
|
||||
options.swarselmodules.programs = lib.mkEnableOption "small program modules config";
|
||||
config = lib.mkIf config.swarselmodules.programs {
|
||||
programs = {
|
||||
dconf.enable = true;
|
||||
evince.enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ config, pkgs, lib, ... }: {
|
||||
|
||||
options.swarselsystems.modules.pulseaudio = lib.mkEnableOption "pulseaudio config";
|
||||
config = lib.mkIf config.swarselsystems.modules.pulseaudio {
|
||||
options.swarselmodules.pulseaudio = lib.mkEnableOption "pulseaudio config";
|
||||
config = lib.mkIf config.swarselmodules.pulseaudio {
|
||||
services.pulseaudio = {
|
||||
enable = lib.mkIf (!config.services.pipewire.enable) true;
|
||||
package = pkgs.pulseaudioFull;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.sops = lib.mkEnableOption "sops config";
|
||||
config = lib.mkIf config.swarselsystems.modules.sops {
|
||||
options.swarselmodules.sops = lib.mkEnableOption "sops config";
|
||||
config = lib.mkIf config.swarselmodules.sops {
|
||||
sops = {
|
||||
|
||||
# age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${config.swarselsystems.homeDir}/.ssh/sops" "/etc/ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
{ self, lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.stylix = lib.mkEnableOption "stylix config";
|
||||
options.swarselmodules.stylix = lib.mkEnableOption "stylix config";
|
||||
config = {
|
||||
stylix = {
|
||||
enable = true;
|
||||
base16Scheme = "${self}/files/stylix/swarsel.yaml";
|
||||
} // lib.optionalAttrs config.swarselsystems.modules.stylix
|
||||
} // lib.optionalAttrs config.swarselmodules.stylix
|
||||
(lib.recursiveUpdate
|
||||
{
|
||||
targets.grub.enable = false; # the styling makes grub more ugly
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.sway = lib.mkEnableOption "sway config";
|
||||
config = lib.mkIf config.swarselsystems.modules.sway {
|
||||
options.swarselmodules.sway = lib.mkEnableOption "sway config";
|
||||
config = lib.mkIf config.swarselmodules.sway {
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
package = pkgs.dev.swayfx;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.swayosd = lib.mkEnableOption "swayosd settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.swayosd {
|
||||
options.swarselmodules.swayosd = lib.mkEnableOption "swayosd settings";
|
||||
config = lib.mkIf config.swarselmodules.swayosd {
|
||||
environment.systemPackages = [ pkgs.dev.swayosd ];
|
||||
services.udev.packages = [ pkgs.dev.swayosd ];
|
||||
systemd.services.swayosd-libinput-backend = {
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ let
|
|||
inherit (config.swarselsystems) mainUser homeDir;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.syncthing = lib.mkEnableOption "syncthing config";
|
||||
config = lib.mkIf config.swarselsystems.modules.syncthing {
|
||||
options.swarselmodules.syncthing = lib.mkEnableOption "syncthing config";
|
||||
config = lib.mkIf config.swarselmodules.syncthing {
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
package = pkgs.stable.syncthing;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
|
||||
config = lib.mkIf config.swarselsystems.modules.systemdTimeout {
|
||||
options.swarselmodules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
|
||||
config = lib.mkIf config.swarselmodules.systemdTimeout {
|
||||
# systemd
|
||||
systemd.extraConfig = ''
|
||||
DefaultTimeoutStartSec=60s
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.xdg-portal = lib.mkEnableOption "xdg portal config";
|
||||
config = lib.mkIf config.swarselsystems.modules.xdg-portal {
|
||||
options.swarselmodules.xdg-portal = lib.mkEnableOption "xdg portal config";
|
||||
config = lib.mkIf config.swarselmodules.xdg-portal {
|
||||
xdg.portal = {
|
||||
enable = true;
|
||||
config = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.zsh = lib.mkEnableOption "zsh base config";
|
||||
config = lib.mkIf config.swarselsystems.modules.zsh {
|
||||
options.swarselmodules.zsh = lib.mkEnableOption "zsh base config";
|
||||
config = lib.mkIf config.swarselmodules.zsh {
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
enableCompletion = false;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ self, inputs, config, lib, outputs, globals, nodes, minimal, configName, ... }:
|
||||
{ self, inputs, config, lib, outputs, globals, options, nodes, minimal, configName, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.home-manager = lib.mkEnableOption "home-manager";
|
||||
config = lib.mkIf config.swarselsystems.modules.home-manager {
|
||||
options.swarselmodules.home-manager = lib.mkEnableOption "home-manager";
|
||||
config = lib.mkIf config.swarselmodules.home-manager {
|
||||
home-manager = lib.mkIf config.swarselsystems.withHomeManager {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ let
|
|||
inherit (config.swarselsystems) isImpermanence isCrypted;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.impermanence = lib.mkEnableOption "impermanence config";
|
||||
config = lib.mkIf config.swarselsystems.modules.impermanence {
|
||||
options.swarselmodules.impermanence = lib.mkEnableOption "impermanence config";
|
||||
config = lib.mkIf config.swarselmodules.impermanence {
|
||||
|
||||
|
||||
security.sudo.extraConfig = lib.mkIf isImpermanence ''
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, pkgs, config, minimal, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.lanzaboote = lib.mkEnableOption "lanzaboote config";
|
||||
config = lib.mkIf config.swarselsystems.modules.lanzaboote {
|
||||
options.swarselmodules.lanzaboote = lib.mkEnableOption "lanzaboote config";
|
||||
config = lib.mkIf config.swarselmodules.lanzaboote {
|
||||
|
||||
environment.systemPackages = lib.mkIf config.swarselsystems.isSecureBoot [
|
||||
pkgs.sbctl
|
||||
|
|
|
|||
|
|
@ -58,9 +58,9 @@ in
|
|||
description = "Exposes the loaded repo secrets. This option is read-only.";
|
||||
};
|
||||
};
|
||||
swarselsystems.modules.pii = lib.mkEnableOption "enable pii management";
|
||||
swarselmodules.pii = lib.mkEnableOption "enable pii management";
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.pii {
|
||||
config = lib.mkIf config.swarselmodules.pii {
|
||||
repo.secretFiles =
|
||||
let
|
||||
local = config.node.secretsDir + "/pii.nix.enc";
|
||||
|
|
|
|||
|
|
@ -52,8 +52,8 @@ let
|
|||
};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.general = lib.mkEnableOption "general nix settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.general
|
||||
options.swarselmodules.general = lib.mkEnableOption "general nix settings";
|
||||
config = lib.mkIf config.swarselmodules.general
|
||||
(lib.recursiveUpdate
|
||||
{
|
||||
sops.secrets.github-api-token = lib.mkIf (!minimal) {
|
||||
|
|
|
|||
|
|
@ -1,27 +0,0 @@
|
|||
{ lib, ... }:
|
||||
{
|
||||
options = {
|
||||
swarselsystems = {
|
||||
withHomeManager = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
};
|
||||
isSwap = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
};
|
||||
swapSize = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "8G";
|
||||
};
|
||||
rootDisk = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
};
|
||||
isCrypted = lib.mkEnableOption "uses full disk encryption";
|
||||
|
||||
isImpermanence = lib.mkEnableOption "use impermanence on this system";
|
||||
isSecureBoot = lib.mkEnableOption "use secure boot on this system";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.time = lib.mkEnableOption "time config";
|
||||
config = lib.mkIf config.swarselsystems.modules.time {
|
||||
options.swarselmodules.time = lib.mkEnableOption "time config";
|
||||
config = lib.mkIf config.swarselmodules.time {
|
||||
time = {
|
||||
timeZone = "Europe/Vienna";
|
||||
# hardwareClockInLocalTime = true;
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ let
|
|||
sopsFile = self + /secrets/general/secrets.yaml;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.users = lib.mkEnableOption "user config";
|
||||
config = lib.mkIf config.swarselsystems.modules.users {
|
||||
options.swarselmodules.users = lib.mkEnableOption "user config";
|
||||
config = lib.mkIf config.swarselmodules.users {
|
||||
sops.secrets.main-user-hashed-pw = lib.mkIf (!config.swarselsystems.isPublic) { inherit sopsFile; neededForUsers = true; };
|
||||
|
||||
users = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.xserver = lib.mkEnableOption "xserver keymap";
|
||||
config = lib.mkIf config.swarselsystems.modules.packages {
|
||||
options.swarselmodules.xserver = lib.mkEnableOption "xserver keymap";
|
||||
config = lib.mkIf config.swarselmodules.packages {
|
||||
services.xserver = {
|
||||
xkb = {
|
||||
layout = "us";
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@ in
|
|||
imports = [
|
||||
];
|
||||
|
||||
options.swarselsystems.modules.darwin.general = lib.mkEnableOption "darwin config";
|
||||
config = lib.mkIf config.swarselsystems.modules.darwin.general {
|
||||
options.swarselmodules.optional.darwin = lib.mkEnableOption "optional darwin settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.darwin {
|
||||
nix.settings.experimental-features = "nix-command flakes";
|
||||
nixpkgs = {
|
||||
hostPlatform = "x86_64-darwin";
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.amdcpu = lib.mkEnableOption "optional amd cpu settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.amdcpu {
|
||||
options.swarselmodules.optional.amdcpu = lib.mkEnableOption "optional amd cpu settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.amdcpu {
|
||||
hardware = {
|
||||
cpu.amd.updateMicrocode = true;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.amdgpu = lib.mkEnableOption "optional amd gpu settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.amdgpu {
|
||||
options.swarselmodules.optional.amdgpu = lib.mkEnableOption "optional amd gpu settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.amdgpu {
|
||||
hardware = {
|
||||
amdgpu = {
|
||||
opencl.enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.btrfs = lib.mkEnableOption "optional btrfs settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.btrfs {
|
||||
options.swarselmodules.optional.btrfs = lib.mkEnableOption "optional btrfs settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.btrfs {
|
||||
boot = {
|
||||
supportedFilesystems = [ "btrfs" ];
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,10 +1,7 @@
|
|||
{ self, lib, ... }:
|
||||
{ lib, ... }:
|
||||
let
|
||||
importNames = lib.swarselsystems.readNix "modules/nixos/optional";
|
||||
modulesPath = "${self}/modules";
|
||||
in
|
||||
{
|
||||
imports = lib.swarselsystems.mkImports importNames "modules/nixos/optional" ++ [
|
||||
"${modulesPath}/home/common/sharedsetup.nix"
|
||||
];
|
||||
imports = lib.swarselsystems.mkImports importNames "modules/nixos/optional";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@
|
|||
imports = [
|
||||
inputs.fw-fanctrl.nixosModules.default
|
||||
];
|
||||
options.swarselsystems.modules.optional.framework = lib.mkEnableOption "optional framework machine settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.framework {
|
||||
options.swarselmodules.optional.framework = lib.mkEnableOption "optional framework machine settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.framework {
|
||||
services = {
|
||||
fwupd = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.gaming = lib.mkEnableOption "optional gaming settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.gaming {
|
||||
options.swarselmodules.optional.gaming = lib.mkEnableOption "optional gaming settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.gaming {
|
||||
programs.steam = {
|
||||
enable = true;
|
||||
package = pkgs.steam;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
options.swarselmodules.optional.hibernation = lib.mkEnableOption "optional amd gpu settings";
|
||||
options.swarselsystems = {
|
||||
modules.optional.hibernation = lib.mkEnableOption "optional amd gpu settings";
|
||||
hibernation = {
|
||||
offset = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.hibernation {
|
||||
config = lib.mkIf config.swarselmodules.optional.hibernation {
|
||||
boot = {
|
||||
kernelParams = [
|
||||
"resume_offset=${builtins.toString config.swarselsystems.hibernation.offset}"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.nswitch-rcm = lib.mkEnableOption "optional nswitch-rcm settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.nswitch-rcm {
|
||||
options.swarselmodules.optional.nswitch-rcm = lib.mkEnableOption "optional nswitch-rcm settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.nswitch-rcm {
|
||||
services.nswitch-rcm = {
|
||||
enable = true;
|
||||
package = pkgs.fetchurl {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.optional.virtualbox = lib.mkEnableOption "optional VBox settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.virtualbox {
|
||||
options.swarselmodules.optional.virtualbox = lib.mkEnableOption "optional VBox settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.virtualbox {
|
||||
specialisation = {
|
||||
VBox.configuration = {
|
||||
virtualisation.virtualbox = {
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
|
||||
options.swarselsystems.modules.optional.vmware = lib.mkEnableOption "optional vmware settings";
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.vmware {
|
||||
options.swarselmodules.optional.vmware = lib.mkEnableOption "optional vmware settings";
|
||||
config = lib.mkIf config.swarselmodules.optional.vmware {
|
||||
virtualisation.vmware.host.enable = true;
|
||||
virtualisation.vmware.guest.enable = true;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -25,8 +25,8 @@ let
|
|||
};
|
||||
in
|
||||
{
|
||||
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
|
||||
options.swarselsystems = {
|
||||
modules.optional.work = lib.mkEnableOption "optional work settings";
|
||||
hostName = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
|
|
@ -36,7 +36,7 @@ in
|
|||
default = "";
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.optional.work {
|
||||
config = lib.mkIf config.swarselmodules.optional.work {
|
||||
sops =
|
||||
let
|
||||
secretNames = [
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ let
|
|||
ankiUser = globals.user.name;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ servicePort ];
|
||||
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
topology.self.services.${serviceName}.info = "https://${serviceDomain}";
|
||||
globals.services.${serviceName}.domain = serviceDomain;
|
||||
|
|
|
|||
|
|
@ -15,8 +15,8 @@ let
|
|||
cfg = config.services.croc;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ let
|
|||
servicePort = 9812;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} server on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} server on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ servicePort ];
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,8 @@ let
|
|||
cfg = config.services.firefly-iii;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users = {
|
||||
groups.${serviceGroup} = { };
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ let
|
|||
kanidmDomain = globals.services.kanidm.domain;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ servicePort ];
|
||||
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ let
|
|||
inherit (config.swarselsystems) sopsFile;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users.users.${serviceUser} = {
|
||||
extraGroups = [ "users" ];
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users.users.${serviceUser} = {
|
||||
extraGroups = [ "video" "render" "users" ];
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
users.users.${serviceUser} = {
|
||||
extraGroups = [ "video" "render" "users" ];
|
||||
};
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
services.jenkins = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ let
|
|||
nextcloudDomain = globals.services.nextcloud.domain;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users.users.${serviceUser} = {
|
||||
group = serviceGroup;
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
environment.systemPackages = with pkgs; [
|
||||
calibre
|
||||
];
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ let
|
|||
inherit (config.swarselsystems) sopsFile;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops.secrets = {
|
||||
koillection-db-password = { inherit sopsFile; owner = postgresUser; group = postgresUser; mode = "0440"; };
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@ let
|
|||
'';
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
environment.systemPackages = with pkgs; [
|
||||
matrix-synapse
|
||||
lottieconverter
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ let
|
|||
cfg = config.services.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users = {
|
||||
groups.${serviceGroup} = { };
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ let
|
|||
inherit (config.swarselsystems) sopsFile;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
|
@ -193,7 +193,7 @@ in
|
|||
sslVerify = false;
|
||||
scrapeUri = "http://localhost/nginx_status";
|
||||
};
|
||||
nextcloud = lib.mkIf config.swarselsystems.modules.server.nextcloud {
|
||||
nextcloud = lib.mkIf config.swarselmodules.server.nextcloud {
|
||||
enable = true;
|
||||
port = 9205;
|
||||
url = "https://${serviceDomain}/ocs/v2.php/apps/serverinfo/api/v1/info";
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ let
|
|||
serviceName = "mpd";
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
users = {
|
||||
groups = {
|
||||
mpd = { };
|
||||
|
|
|
|||
|
|
@ -7,8 +7,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
environment.systemPackages = with pkgs; [
|
||||
pciutils
|
||||
alsa-utils
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ let
|
|||
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops.secrets = {
|
||||
nextcloud-admin-pw = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; };
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ let
|
|||
nfsUser = globals.user.name;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.nfs = lib.mkEnableOption "enable nfs on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.nfs {
|
||||
options.swarselmodules.server.nfs = lib.mkEnableOption "enable nfs on server";
|
||||
config = lib.mkIf config.swarselmodules.server.nfs {
|
||||
services = {
|
||||
# add a user with sudo smbpasswd -a <user>
|
||||
samba = {
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ let
|
|||
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.nginx = lib.mkEnableOption "enable nginx on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.nginx {
|
||||
options.swarselmodules.server.nginx = lib.mkEnableOption "enable nginx on server";
|
||||
config = lib.mkIf config.swarselmodules.server.nginx {
|
||||
environment.systemPackages = with pkgs; [
|
||||
lego
|
||||
];
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ let
|
|||
in
|
||||
{
|
||||
options = {
|
||||
swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
# largely based on https://github.com/oddlama/nix-config/blob/main/modules/oauth2-proxy.nix
|
||||
services.nginx.virtualHosts = lib.mkOption {
|
||||
type = lib.types.attrsOf (
|
||||
|
|
@ -121,7 +121,7 @@ in
|
|||
);
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.server.packages = lib.mkEnableOption "enable packages on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.packages {
|
||||
options.swarselmodules.server.packages = lib.mkEnableOption "enable packages on server";
|
||||
config = lib.mkIf config.swarselmodules.server.packages {
|
||||
environment.systemPackages = with pkgs; [
|
||||
gnupg
|
||||
nix-index
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ let
|
|||
kanidmDomain = globals.services.kanidm.domain;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users.users.${serviceUser} = {
|
||||
extraGroups = [ "users" ];
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
config = lib.mkIf (config?swarselsystems.modules.server.mpd || config?swarselsystems.modules.server.navidrome) {
|
||||
config = lib.mkIf (config?swarselmodules.server.mpd || config?swarselmodules.server.navidrome) {
|
||||
|
||||
security.rtkit.enable = true; # this is required for pipewire real-time access
|
||||
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ let
|
|||
postgresVersion = 14;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
services = {
|
||||
${serviceName} = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ let
|
|||
cfg = config.services.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops = {
|
||||
secrets.radicale-user = { inherit sopsFile; owner = serviceUser; group = serviceGroup; mode = "0440"; };
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@ let
|
|||
inherit (config.swarselsystems) sopsFile;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.restic = lib.mkEnableOption "enable restic backups on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.restic {
|
||||
options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server";
|
||||
config = lib.mkIf config.swarselmodules.server.restic {
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
|
|
|||
|
|
@ -3,14 +3,15 @@ let
|
|||
inherit (config.swarselsystems) flakePath;
|
||||
in
|
||||
{
|
||||
|
||||
options.swarselmodules.server.general = lib.mkEnableOption "general setting on server";
|
||||
options.swarselsystems = {
|
||||
modules.server.general = lib.mkEnableOption "general setting on server";
|
||||
shellAliases = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
default = { };
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.server.general {
|
||||
config = lib.mkIf config.swarselmodules.server.general {
|
||||
|
||||
environment.shellAliases = lib.recursiveUpdate
|
||||
{
|
||||
|
|
|
|||
|
|
@ -10,9 +10,9 @@ let
|
|||
in
|
||||
{
|
||||
options = {
|
||||
swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
};
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
sops = {
|
||||
secrets = {
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@ let
|
|||
serviceGroup = serviceUser;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
users.groups.${serviceGroup} = {
|
||||
gid = 65136;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ self, lib, config, ... }:
|
||||
{
|
||||
options.swarselsystems.modules.server.ssh = lib.mkEnableOption "enable ssh on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.ssh {
|
||||
options.swarselmodules.server.ssh = lib.mkEnableOption "enable ssh on server";
|
||||
config = lib.mkIf config.swarselmodules.server.ssh {
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
startWhenNeeded = lib.mkForce false;
|
||||
|
|
|
|||
|
|
@ -11,8 +11,8 @@ let
|
|||
cfg = config.services.${serviceName};
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
users.users.${serviceUser} = {
|
||||
extraGroups = [ "users" ];
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ let
|
|||
prowlarrPort = 9696;
|
||||
in
|
||||
{
|
||||
options.swarselsystems.modules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} and friends on server";
|
||||
config = lib.mkIf config.swarselsystems.modules.server.${serviceName} {
|
||||
options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} and friends on server";
|
||||
config = lib.mkIf config.swarselmodules.server.${serviceName} {
|
||||
|
||||
# this user/group section is probably unneeded
|
||||
users = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue