Convert common NixOS config to a module
This commit is contained in:
Andrew Kvalheim
parent
67ac31ff22
commit
88ab8e0d76
3 changed files with 265 additions and 264 deletions
|
|
@ -1,6 +1,10 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
# Module
|
||||
host = config.host;
|
||||
|
||||
# Resources
|
||||
palette = import ./resources/palette.nix;
|
||||
in
|
||||
{
|
||||
|
|
@ -9,6 +13,13 @@ in
|
|||
../packages/kmonad.nix
|
||||
];
|
||||
|
||||
options.host = {
|
||||
name = lib.mkOption { type = lib.types.str; };
|
||||
local = lib.mkOption { type = lib.types.path; };
|
||||
resources = lib.mkOption { type = lib.types.path; };
|
||||
};
|
||||
|
||||
config = {
|
||||
# Overrides
|
||||
nixpkgs.overlays = [
|
||||
# Pending https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5370
|
||||
|
|
@ -60,6 +71,7 @@ in
|
|||
i18n.extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
|
||||
|
||||
# Networking
|
||||
networking.hostName = host.name;
|
||||
networking.domain = "home.arpa";
|
||||
networking.search = [ "home.arpa" ];
|
||||
# Workaround for `avahi-daemon[1234]: Failed to read /etc/avahi/services.`
|
||||
|
|
@ -82,7 +94,14 @@ in
|
|||
};
|
||||
services.xserver.layout = "halmakish";
|
||||
console.useXkbConfig = true;
|
||||
services.kmonad.enable = true;
|
||||
services.kmonad = {
|
||||
enable = true;
|
||||
keyboards.default = {
|
||||
config = builtins.readFile (host.resources + "/halmakish.kbd");
|
||||
fallthrough = true;
|
||||
allowCommands = false;
|
||||
};
|
||||
};
|
||||
|
||||
# Power
|
||||
systemd.ctrlAltDelUnit = "poweroff.target";
|
||||
|
|
@ -90,6 +109,7 @@ in
|
|||
# Authentication
|
||||
security.pam.u2f = {
|
||||
enable = true;
|
||||
appId = "pam://${host.name}";
|
||||
control = "sufficient";
|
||||
cue = true;
|
||||
};
|
||||
|
|
@ -125,6 +145,7 @@ in
|
|||
};
|
||||
origin = "andrew.kvalhe.im";
|
||||
destination = [ ]; # Disable local delivery
|
||||
mapFiles.smtp_sasl_password_maps = (host.local + "/resources/smtp-sasl-password-maps");
|
||||
};
|
||||
systemd.services."alert@" = {
|
||||
description = "Alert of failed %I";
|
||||
|
|
@ -229,10 +250,12 @@ in
|
|||
serviceConfig.Nice = 10;
|
||||
onFailure = [ "alert@%n.service" ];
|
||||
path = with pkgs; [ netcat openssh rsync ];
|
||||
script = builtins.readFile (host.local + "/resources/mirror.sh");
|
||||
};
|
||||
systemd.timers.mirror = {
|
||||
timerConfig.OnCalendar = "00,12,17:00 America/Los_Angeles";
|
||||
timerConfig.Persistent = true;
|
||||
wantedBy = [ "timers.target" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,7 +9,16 @@
|
|||
./local/nixos.nix
|
||||
];
|
||||
|
||||
# Host parameters
|
||||
host = {
|
||||
name = "main";
|
||||
local = ./local;
|
||||
resources = ./resources;
|
||||
};
|
||||
|
||||
# Hardware
|
||||
services.fstrim.enable = true;
|
||||
services.kmonad.keyboards.default.device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
|
||||
systemd.tmpfiles.rules = [ "w /sys/class/sound/ctl-led/mic/mode - - - - follow-route" ];
|
||||
|
||||
# Nix
|
||||
|
|
@ -17,7 +26,6 @@
|
|||
nixpkgs = import ./nixpkgs.nix;
|
||||
|
||||
# Filesystems
|
||||
services.fstrim.enable = true;
|
||||
# TODO: Set `chattr +i` on intermittent mount points
|
||||
fileSystems = {
|
||||
"/home/ak/annex" = {
|
||||
|
|
@ -53,32 +61,12 @@
|
|||
};
|
||||
|
||||
# Networking
|
||||
networking.hostName = "main";
|
||||
networking.domain = "home.arpa";
|
||||
networking.search = [ "home.arpa" ];
|
||||
systemd.network.links = {
|
||||
"10-dock".linkConfig.Name = "dock";
|
||||
"10-jack".linkConfig.Name = "jack";
|
||||
"10-wifi".linkConfig.Name = "wifi";
|
||||
};
|
||||
|
||||
# Keyboard
|
||||
services.kmonad.keyboards.default = {
|
||||
device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
|
||||
config = builtins.readFile ./resources/halmakish.kbd;
|
||||
fallthrough = true;
|
||||
allowCommands = false;
|
||||
};
|
||||
|
||||
# Authentication
|
||||
security.pam.u2f.appId = "pam://main";
|
||||
|
||||
# Mail
|
||||
services.postfix.mapFiles.smtp_sasl_password_maps = ./local/resources/smtp-sasl-password-maps;
|
||||
|
||||
# Backup
|
||||
systemd.services.mirror.script = builtins.readFile ./local/resources/mirror.sh;
|
||||
|
||||
# Wireshark
|
||||
programs.wireshark.enable = true;
|
||||
users.users.ak.extraGroups = [ "wireshark" ];
|
||||
|
|
|
|||
|
|
@ -8,33 +8,23 @@
|
|||
./local/nixos.nix
|
||||
];
|
||||
|
||||
# Host parameters
|
||||
host = {
|
||||
name = "wrangler";
|
||||
local = ./local;
|
||||
resources = ./resources;
|
||||
};
|
||||
|
||||
# Hardware
|
||||
services.fstrim.enable = true;
|
||||
services.kmonad.keyboards.default.device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
|
||||
|
||||
# Nix
|
||||
system.stateVersion = "21.11"; # Permanent
|
||||
nixpkgs = import ./nixpkgs.nix;
|
||||
|
||||
# Filesystems
|
||||
services.fstrim.enable = true;
|
||||
|
||||
# Networking
|
||||
networking.hostName = "wrangler";
|
||||
systemd.network.links = {
|
||||
"10-wifi".linkConfig.Name = "wifi";
|
||||
};
|
||||
|
||||
# Keyboard
|
||||
services.kmonad.keyboards.default = {
|
||||
device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
|
||||
config = builtins.readFile ./resources/halmakish.kbd;
|
||||
fallthrough = true;
|
||||
allowCommands = false;
|
||||
};
|
||||
|
||||
# Authentication
|
||||
security.pam.u2f.appId = "pam://wrangler";
|
||||
|
||||
# Mail
|
||||
services.postfix.mapFiles.smtp_sasl_password_maps = ./local/resources/smtp-sasl-password-maps;
|
||||
|
||||
# Backup
|
||||
systemd.services.mirror.script = builtins.readFile ./local/resources/mirror.sh;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue