From 453f175edccd4be51685eacbf44bbe0d27f6fdcf Mon Sep 17 00:00:00 2001 
From: Nathan Date: Sun, 17 Aug 2025 14:04:02 -0500 Subject: [PATCH] remodel begin --- flake.nix | 7 +- home-manager/default.nix | 8 ++ home-manager/users/default.nix | 0 .../configuration/homebox/default.nix | 93 +++++++++++++------ .../configuration/laptop/default.nix | 62 ++++++++++--- system-config/programs/ags/default.nix | 4 +- system-config/programs/hyprland/default.nix | 6 +- system-config/programs/steam/default.nix | 4 +- .../containers/code-server/default.nix | 4 +- .../services/containers/gitea/default.nix | 4 +- .../services/containers/gitlab/default.nix | 4 +- .../containers/homeassistant/default.nix | 4 +- .../services/containers/jellyfin/default.nix | 4 +- .../services/containers/keycloak/default.nix | 4 +- .../services/containers/minecraft/default.nix | 4 +- .../services/containers/n8n/default.nix | 4 +- .../services/containers/netbird/default.nix | 12 +-- .../services/containers/nextcloud/default.nix | 4 +- .../services/containers/nginx/default.nix | 4 +- .../services/containers/novnc/default.nix | 6 +- .../services/containers/ntfy/default.nix | 4 +- .../services/containers/ollama/default.nix | 4 +- .../services/containers/pihole/default.nix | 4 +- .../services/containers/rustdesk/default.nix | 4 +- .../services/containers/sandbox/default.nix | 4 +- .../services/containers/traefik/default.nix | 4 +- .../services/containers/wyoming/default.nix | 16 ++-- system-config/services/dynamicDNS/default.nix | 4 +- system-config/services/kdePlasma6/default.nix | 6 +- system-config/services/minecraft/default.nix | 4 +- system-config/services/novnc/default.nix | 4 +- system-config/services/ollama/default.nix | 4 +- system-config/services/openssh/default.nix | 4 +- system-config/services/pipewire/default.nix | 4 +- system-config/services/sddm/default.nix | 4 +- system-config/users/default.nix | 79 ++++++++++++++++ 36 files changed, 283 insertions(+), 112 deletions(-) create mode 100644 home-manager/users/default.nix create mode 100644 
system-config/users/default.nix diff --git a/flake.nix b/flake.nix index 21b44c6..b55b1f9 100644 --- a/flake.nix +++ b/flake.nix @@ -112,7 +112,8 @@ homebox = nixpkgs.lib.nixosSystem { specialArgs = { inputs = inputs // { - nathan-home-manager = import ./home-manager/nathan; + nathan = import ./home-manager/users/nathan; + home-manager-config = import ./home-manager; tokyo-night-sddm-theme = self.tokyo-night-sddm-theme; inherit self; }; @@ -126,8 +127,10 @@ laptop = nixpkgs.lib.nixosSystem { specialArgs = { inputs = inputs // { - nathan-home-manager = import ./home-manager/nathan; + nathan = import ./home-manager/users/nathan; + home-manager-config = import ./home-manager; tokyo-night-sddm-theme = self.tokyo-night-sddm-theme; + inherit self; }; }; modules = [ diff --git a/home-manager/default.nix b/home-manager/default.nix index e69de29..850b657 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix @@ -0,0 +1,8 @@ +{ ... }: { + + imports = [ + ./programs + ./services + ./users + ]; +} diff --git a/home-manager/users/default.nix b/home-manager/users/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/system-config/configuration/homebox/default.nix b/system-config/configuration/homebox/default.nix index d212b1e..e356b1f 100644 --- a/system-config/configuration/homebox/default.nix +++ b/system-config/configuration/homebox/default.nix 
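Review bot: The new `nathan = import ./home-manager/users/nathan;` in flake.nix points at a path this commit does not appear to create: the diffstat lists only an empty `home-manager/users/default.nix` under that directory and no move of `home-manager/nathan`. Unless the directory already exists in the tree, evaluation of both `homebox` and `laptop` would fail at this import (the second flake.nix hunk adds the same line). Either move the existing module in this commit or keep `import ./home-manager/nathan` until it is moved. Both `specialArgs` blocks continue outside their hunks.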
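Review bot: In home-manager/default.nix the new `imports` entry `./users` resolves to `home-manager/users/default.nix`, which this commit creates as an empty file (0 lines in the diffstat, blob `e69de29`). An empty file is not a valid Nix expression, so the import should fail to parse. A placeholder such as `{ ... }: { }` in that file keeps the tree evaluable until real content lands. `./programs` and `./services` are not touched by this commit, so their existence cannot be checked from the diff.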
@@ -176,41 +176,82 @@ }; sysconfig = { - opts = { + + users = { + nathan = { + extraGroups = [ "wheel" "networkmanager" ]; + sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop" + ]; + hashedPasswordFile = config.sops.secrets."nathan/pass".path; + home-manager = { + enable = true; + extraModules = [ + { + homeconfig = { + host = "homebox"; + minimal = false; + wayvnc.enable = false; + hyprland.enable = true; + swaylock.enable = true; + wal.enable = true; + mpd.enable = true; + ags.enable = true; + calcurse.enable = true; + rofi.enable = true; + firefox.enable = true; + git.enable = true; + nh.enable = true; + }; + + home.packages = [ + pkgs.wayvnc + ]; + } + ]; + }; + }; + }; + + services = { sddm.enable = true; openssh.enable = true; pipewire.enable = true; - ags.enable = true; - hyprland.enable = true; netbird.enable = true; minecraft.enable = false; + }; + + programs = { + hyprland.enable = true; + ags.enable = true; steam.enable = false; - virtualization = { - traefik.enable = true; - jellyfin.enable = true; - "blunkall.us".enable = true; - nextcloud.enable = true; - ntfy.enable = false; - gitea.enable = true; - n8n.enable = true; - keycloak.enable = true; - netbird.enable = true; - ollama.enable = true; - homeassistant.enable = true; - wyoming = { - enable = true; - piper = true; - openwakeword = true; - faster-whisper = true; - }; - rustdesk.enable = false; #broken + }; + + virtualization = { + traefik.enable = true; + jellyfin.enable = true; + "blunkall.us".enable = true; + nextcloud.enable = true; + ntfy.enable = false; + gitea.enable = true; + n8n.enable = true; + keycloak.enable = true; + netbird.enable = true; + ollama.enable = true; + homeassistant.enable = true; + wyoming = { + enable = true; + piper = true; + openwakeword = true; + faster-whisper = true; + }; + rustdesk.enable = false; #broken pihole.enable = false; #broken code-server.enable = false; - novnc.enable = true; - minecraft.enable = 
true; + novnc.enable = true; + minecraft.enable = true; - sandbox.enable = false; - }; + sandbox.enable = false; }; }; diff --git a/system-config/configuration/laptop/default.nix b/system-config/configuration/laptop/default.nix index 1b4d76b..a441e6b 100644 --- a/system-config/configuration/laptop/default.nix +++ b/system-config/configuration/laptop/default.nix @@ -66,17 +66,58 @@ alsa-utils ]; - sysconfig.opts = { - sddm.enable = true; - openssh.enable = false; - steam.enable = true; - pipewire.enable = true; - ags.enable = true; - kdePlasma6.enable = true; - hyprland.enable = true; - netbird.enable = true; + sysconfig = { + users = { + nathan = { + extraGroups = [ "wheel" "networkmanager" ]; + sshKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop" + ]; + hashedPasswordFile = config.sops.secrets."nathan/pass".path; + home-manager = { + enable = true; + extraModules = [ + { + homeconfig = { + host = "homebox"; + minimal = false; + wayvnc.enable = false; + hyprland.enable = true; + swaylock.enable = true; + wal.enable = true; + mpd.enable = true; + ags.enable = true; + calcurse.enable = true; + rofi.enable = true; + firefox.enable = true; + git.enable = true; + nh.enable = true; + }; + + home.packages = [ + pkgs.wayvnc + ]; + } + ]; + }; + }; + }; + + services = { + sddm.enable = true; + openssh.enable = false; + pipewire.enable = true; + kdePlasma6.enable = true; + netbird.enable = true; + ollama.enable = true; + }; + + programs = { + steam.enable = true; + ags.enable = true; + hyprland.enable = true; + }; - ollama.enable = true; virtualization = { @@ -117,7 +158,6 @@ } (inputs.nathan-home-manager { config = config.home-manager.users."nathan"; - sysconfig = config; inherit lib pkgs; }) ]; diff --git a/system-config/programs/ags/default.nix b/system-config/programs/ags/default.nix index 9d5f2d8..83cec14 100644 --- a/system-config/programs/ags/default.nix +++ b/system-config/programs/ags/default.nix 
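Review bot: In the homebox hunk, `hashedPasswordFile = config.sops.secrets."nathan/pass".path;` only takes effect if the secret is decrypted before user accounts are created, which sops-nix does for secrets declared with `neededForUsers = true`. The declaration of `"nathan/pass"` is outside this hunk, so please confirm it carries that flag; without it the account can end up without a usable password on a fresh install. A comment next to the line, e.g. `# requires sops.secrets."nathan/pass".neededForUsers = true`, would record the dependency. The first laptop hunk adds the same line.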
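Review bot: In system-config/configuration/laptop/default.nix the added `homeconfig` block sets `host = "homebox";`, which looks copied from the homebox configuration; if the home-manager modules branch on `host`, the laptop will pick up homebox settings. It probably should read `host = "laptop";`. The block otherwise repeats the homebox user definition line for line, so a shared default for `sysconfig.users.nathan` with per-host overrides would keep the two copies from drifting.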
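Review bot: The context line `(inputs.nathan-home-manager {` in the second laptop hunk still reads an input that flake.nix in this commit renames to `nathan`, so the attribute lookup would fail unless that name is provided elsewhere. The hunk only drops `sysconfig = config;` from the call, while the new system-config/users/default.nix already builds `home-manager.users` from `sysconfig.users`, so this direct call looks like a leftover that would also define the same user twice. Removing the whole `(inputs.nathan-home-manager { ... })` entry, or at least renaming it to `inputs.nathan`, would keep the laptop evaluable. The surrounding list starts outside the hunk.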
@@ -1,11 +1,11 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.ags.enable = lib.options.mkOption { + options.sysconfig.programs.ags.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.ags.enable { + config = lib.mkIf config.sysconfig.programs.ags.enable { services = { upower.enable = true; gvfs.enable = true; diff --git a/system-config/programs/hyprland/default.nix b/system-config/programs/hyprland/default.nix index 6b68439..d622add 100644 --- a/system-config/programs/hyprland/default.nix +++ b/system-config/programs/hyprland/default.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, inputs, ... }: { - options.sysconfig.opts.hyprland.enable = lib.options.mkOption { + options.sysconfig.programs.hyprland.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.hyprland.enable { + config = lib.mkIf config.sysconfig.programs.hyprland.enable { - sysconfig.opts.sddm.enable = lib.mkDefault true; + sysconfig.services.sddm.enable = lib.mkDefault true; environment.sessionVariables.NIXOS_OZONE_WL = "1"; diff --git a/system-config/programs/steam/default.nix b/system-config/programs/steam/default.nix index 6ee0f7d..3d9ee48 100644 --- a/system-config/programs/steam/default.nix +++ b/system-config/programs/steam/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.steam.enable = lib.options.mkOption { + options.sysconfig.programs.steam.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.steam.enable { + config = lib.mkIf config.sysconfig.programs.steam.enable { programs.steam = { enable = true; diff --git a/system-config/services/containers/code-server/default.nix b/system-config/services/containers/code-server/default.nix index 4a90a22..9ff1ca2 100644 --- a/system-config/services/containers/code-server/default.nix 
+++ b/system-config/services/containers/code-server/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.code-server.enable = lib.options.mkOption { + options.sysconfig.virtualization.code-server.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.code-server.enable { + config = lib.mkIf config.sysconfig.virtualization.code-server.enable { containers.code-server = { diff --git a/system-config/services/containers/gitea/default.nix b/system-config/services/containers/gitea/default.nix index 317d2c4..1fd8a9b 100644 --- a/system-config/services/containers/gitea/default.nix +++ b/system-config/services/containers/gitea/default.nix @@ -1,11 +1,11 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.virtualization.gitea.enable = lib.options.mkOption { + options.sysconfig.virtualization.gitea.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.gitea.enable { + config = lib.mkIf config.sysconfig.virtualization.gitea.enable { networking = { hosts."192.168.100.20" = [ "gitea.blunkall.us" ]; diff --git a/system-config/services/containers/gitlab/default.nix b/system-config/services/containers/gitlab/default.nix index 86642f8..006e8a3 100644 --- a/system-config/services/containers/gitlab/default.nix +++ b/system-config/services/containers/gitlab/default.nix @@ -1,11 +1,11 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.virtualization.gitlab.enable = lib.options.mkOption { + options.sysconfig.virtualization.gitlab.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.gitlab.enable { + config = lib.mkIf config.sysconfig.virtualization.gitlab.enable { sops.secrets = { "gitlab/db_pass" = {}; 
diff --git a/system-config/services/containers/homeassistant/default.nix b/system-config/services/containers/homeassistant/default.nix index 0594634..6e4637f 100644 --- a/system-config/services/containers/homeassistant/default.nix +++ b/system-config/services/containers/homeassistant/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.homeassistant = { + options.sysconfig.virtualization.homeassistant = { enable = lib.options.mkOption { type = lib.types.bool; default = false; @@ -11,7 +11,7 @@ }; }; - config = lib.mkIf config.sysconfig.opts.virtualization.homeassistant.enable { + config = lib.mkIf config.sysconfig.virtualization.homeassistant.enable { networking = { hosts."192.168.100.25" = [ "hass.local" ]; diff --git a/system-config/services/containers/jellyfin/default.nix b/system-config/services/containers/jellyfin/default.nix index 0056b22..1c4b1d0 100644 --- a/system-config/services/containers/jellyfin/default.nix +++ b/system-config/services/containers/jellyfin/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.jellyfin.enable = lib.options.mkOption { + options.sysconfig.virtualization.jellyfin.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.jellyfin.enable { + config = lib.mkIf config.sysconfig.virtualization.jellyfin.enable { containers.jellyfin = { diff --git a/system-config/services/containers/keycloak/default.nix b/system-config/services/containers/keycloak/default.nix index f1b6fd6..b903d61 100644 --- a/system-config/services/containers/keycloak/default.nix +++ b/system-config/services/containers/keycloak/default.nix @@ -1,6 +1,6 @@ { config, lib, inputs, ... }: { - options.sysconfig.opts.virtualization.keycloak.enable = lib.options.mkOption { + options.sysconfig.virtualization.keycloak.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; 
@@ -9,7 +9,7 @@ inputs.sops-nix.nixosModules.sops ]; - config = lib.mkIf config.sysconfig.opts.virtualization.keycloak.enable { + config = lib.mkIf config.sysconfig.virtualization.keycloak.enable { sops.secrets."keycloak/dbpass" = {}; diff --git a/system-config/services/containers/minecraft/default.nix b/system-config/services/containers/minecraft/default.nix index ca89e7e..4d132c7 100644 --- a/system-config/services/containers/minecraft/default.nix +++ b/system-config/services/containers/minecraft/default.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, inputs, ... }: { - options.sysconfig.opts.virtualization.minecraft.enable = lib.options.mkOption { + options.sysconfig.virtualization.minecraft.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.minecraft.enable { + config = lib.mkIf config.sysconfig.virtualization.minecraft.enable { networking = { firewall = { diff --git a/system-config/services/containers/n8n/default.nix b/system-config/services/containers/n8n/default.nix index 2bc5dc4..3de0988 100644 --- a/system-config/services/containers/n8n/default.nix +++ b/system-config/services/containers/n8n/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.n8n.enable = lib.options.mkOption { + options.sysconfig.virtualization.n8n.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.n8n.enable { + config = lib.mkIf config.sysconfig.virtualization.n8n.enable { networking = { hosts."192.168.100.21" = [ "n8n.local" ]; diff --git a/system-config/services/containers/netbird/default.nix b/system-config/services/containers/netbird/default.nix index 29a4e1e..9daebeb 100644 --- a/system-config/services/containers/netbird/default.nix +++ b/system-config/services/containers/netbird/default.nix 
@@ -1,8 +1,8 @@ { config, lib, inputs, ... }: { - options.sysconfig.opts = { + options.sysconfig = { - netbird.enable = lib.options.mkOption { + services.netbird.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; @@ -18,21 +18,21 @@ config = { services.netbird = { - enable = config.sysconfig.opts.netbird.enable; + enable = config.sysconfig.services.netbird.enable; }; networking = { - firewall = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable { + firewall = lib.mkIf config.sysconfig.virtualization.netbird.enable { allowedUDPPorts = [ 3478 ]; allowedUDPPortRanges = [{ from = 51100; to = 56100; }]; }; nat.internalInterfaces = [ "ve-netbird" ]; }; - sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {}; + sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.virtualization.netbird.enable {}; - containers.netbird = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable { + containers.netbird = lib.mkIf config.sysconfig.virtualization.netbird.enable { autoStart = true; privateNetwork = true; diff --git a/system-config/services/containers/nextcloud/default.nix b/system-config/services/containers/nextcloud/default.nix index 43f30d3..4fec951 100644 --- a/system-config/services/containers/nextcloud/default.nix +++ b/system-config/services/containers/nextcloud/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.nextcloud.enable = lib.options.mkOption { + options.sysconfig.virtualization.nextcloud.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.nextcloud.enable { + config = lib.mkIf config.sysconfig.virtualization.nextcloud.enable { sops.secrets."nextcloud/pass" = {}; diff --git a/system-config/services/containers/nginx/default.nix b/system-config/services/containers/nginx/default.nix index e1beb97..70e9a33 100644 
--- a/system-config/services/containers/nginx/default.nix +++ b/system-config/services/containers/nginx/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization."blunkall.us".enable = lib.mkOption { + options.sysconfig.virtualization."blunkall.us".enable = lib.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization."blunkall.us".enable { + config = lib.mkIf config.sysconfig.virtualization."blunkall.us".enable { containers.blunkall-us = { diff --git a/system-config/services/containers/novnc/default.nix b/system-config/services/containers/novnc/default.nix index b541b13..8beca65 100644 --- a/system-config/services/containers/novnc/default.nix +++ b/system-config/services/containers/novnc/default.nix @@ -1,16 +1,16 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.virtualization.novnc.enable = lib.mkOption { + options.sysconfig.virtualization.novnc.enable = lib.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { + config = lib.mkIf config.sysconfig.virtualization.novnc.enable { networking = { hosts."192.168.100.30" = [ "novnc.local" ]; - firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { + firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.virtualization.novnc.enable { allowedTCPPorts = [ 5900 ]; allowedUDPPorts = [ 5900 ]; }; diff --git a/system-config/services/containers/ntfy/default.nix b/system-config/services/containers/ntfy/default.nix index fe04297..f5613bb 100644 --- a/system-config/services/containers/ntfy/default.nix +++ b/system-config/services/containers/ntfy/default.nix 
@@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.ntfy.enable = lib.mkOption { + options.sysconfig.virtualization.ntfy.enable = lib.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.ntfy.enable { + config = lib.mkIf config.sysconfig.virtualization.ntfy.enable { containers.ntfy = { diff --git a/system-config/services/containers/ollama/default.nix b/system-config/services/containers/ollama/default.nix index 6b40326..f035e14 100644 --- a/system-config/services/containers/ollama/default.nix +++ b/system-config/services/containers/ollama/default.nix @@ -1,13 +1,13 @@ { config, lib, inputs, ... }: { options = { - sysconfig.opts.virtualization.ollama.enable = lib.options.mkOption { + sysconfig.virtualization.ollama.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; }; - config = lib.mkIf config.sysconfig.opts.virtualization.ollama.enable { + config = lib.mkIf config.sysconfig.virtualization.ollama.enable { containers.ollama = { diff --git a/system-config/services/containers/pihole/default.nix b/system-config/services/containers/pihole/default.nix index f48ca88..ad74b1f 100644 --- a/system-config/services/containers/pihole/default.nix +++ b/system-config/services/containers/pihole/default.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, inputs, ... }: { - options.sysconfig.opts.virtualization.pihole.enable = lib.options.mkOption { + options.sysconfig.virtualization.pihole.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.pihole.enable { + config = lib.mkIf config.sysconfig.virtualization.pihole.enable { /* sops.secrets."pihole/pass" = {}; sops.templates."pihole.env" = { diff --git a/system-config/services/containers/rustdesk/default.nix b/system-config/services/containers/rustdesk/default.nix index 0130511..3d3f949 100644 --- a/system-config/services/containers/rustdesk/default.nix 
+++ b/system-config/services/containers/rustdesk/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.rustdesk.enable = lib.options.mkOption { + options.sysconfig.virtualization.rustdesk.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.rustdesk.enable { + config = lib.mkIf config.sysconfig.virtualization.rustdesk.enable { /*networking = { firewall.allowedTCPPorts = [ 21115 21116 21117 21118 21119 ]; diff --git a/system-config/services/containers/sandbox/default.nix b/system-config/services/containers/sandbox/default.nix index 1a95e67..1b596a3 100644 --- a/system-config/services/containers/sandbox/default.nix +++ b/system-config/services/containers/sandbox/default.nix @@ -1,6 +1,6 @@ { config, lib, inputs, ... }: { - options.sysconfig.opts.virtualization.sandbox.enable = lib.mkOption { + options.sysconfig.virtualization.sandbox.enable = lib.mkOption { type = lib.types.bool; default = false; }; @@ -18,7 +18,7 @@ }) ]; - config = lib.mkIf config.sysconfig.opts.virtualization.sandbox.enable { + config = lib.mkIf config.sysconfig.virtualization.sandbox.enable { networking = { diff --git a/system-config/services/containers/traefik/default.nix b/system-config/services/containers/traefik/default.nix index d1a28c7..6209f71 100644 --- a/system-config/services/containers/traefik/default.nix +++ b/system-config/services/containers/traefik/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.traefik.enable = lib.options.mkOption { + options.sysconfig.virtualization.traefik.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable { + config = lib.mkIf config.sysconfig.virtualization.traefik.enable { networking = { hosts."192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "traefik.local" ]; 
diff --git a/system-config/services/containers/wyoming/default.nix b/system-config/services/containers/wyoming/default.nix index 550561d..1db5f2c 100644 --- a/system-config/services/containers/wyoming/default.nix +++ b/system-config/services/containers/wyoming/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - options.sysconfig.opts.virtualization.wyoming = { + options.sysconfig.virtualization.wyoming = { enable = lib.options.mkOption { type = lib.types.bool; default = false; @@ -23,7 +23,7 @@ }; }; - config = lib.mkIf config.sysconfig.opts.virtualization.wyoming.enable { + config = lib.mkIf config.sysconfig.virtualization.wyoming.enable { containers.wyoming = { @@ -32,7 +32,7 @@ hostAddress = "192.168.100.10"; localAddress = "192.168.100.26"; - bindMounts = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper { + bindMounts = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper { "/dev/nvidia0" = { hostPath = "/dev/nvidia0"; isReadOnly = false; @@ -55,7 +55,7 @@ }; }; - allowedDevices = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper [ + allowedDevices = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper [ { node = "/dev/nvidia0"; modifier = "rw"; @@ -86,7 +86,7 @@ services.wyoming = { - piper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.piper { + piper = lib.mkIf config.sysconfig.virtualization.wyoming.piper { servers.piper = { enable = true; @@ -95,7 +95,7 @@ }; }; - openwakeword = lib.mkIf config.sysconfig.opts.virtualization.wyoming.openwakeword { + openwakeword = lib.mkIf config.sysconfig.virtualization.wyoming.openwakeword { enable = true; uri = "tcp://0.0.0.0:11432"; preloadModels = [ @@ -109,7 +109,7 @@ ]; }; - faster-whisper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper { + faster-whisper = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper { servers.whisper = { enable = true; device = "auto"; 
@@ -119,7 +119,7 @@ }; }; - satellite = lib.mkIf config.sysconfig.opts.virtualization.wyoming.satellite { + satellite = lib.mkIf config.sysconfig.virtualization.wyoming.satellite { enable = true; uri = "tcp://0.0.0.0:11431"; #user = "nathan"; diff --git a/system-config/services/dynamicDNS/default.nix b/system-config/services/dynamicDNS/default.nix index f2ea89e..702a42d 100644 --- a/system-config/services/dynamicDNS/default.nix +++ b/system-config/services/dynamicDNS/default.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.dynamicDNS.enable = lib.options.mkOption { + options.sysconfig.services.dynamicDNS.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.dynamicDNS { + config = lib.mkIf config.sysconfig.services.dynamicDNS { systemd.timers.dynamicDNS = { diff --git a/system-config/services/kdePlasma6/default.nix b/system-config/services/kdePlasma6/default.nix index 447c744..d387e26 100644 --- a/system-config/services/kdePlasma6/default.nix +++ b/system-config/services/kdePlasma6/default.nix @@ -1,15 +1,15 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.kdePlasma6.enable = lib.options.mkOption { + options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.kdePlasma6.enable { + config = lib.mkIf config.sysconfig.services.kdePlasma6.enable { services.desktopManager.plasma6.enable = true; - sysconfig.opts.sddm.enable = lib.mkDefault true; + sysconfig.services.sddm.enable = lib.mkDefault true; environment.systemPackages = with pkgs; [ kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice diff --git a/system-config/services/minecraft/default.nix b/system-config/services/minecraft/default.nix index c1f43e5..0634dec 100644 --- a/system-config/services/minecraft/default.nix +++ b/system-config/services/minecraft/default.nix 
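Review bot: In system-config/services/dynamicDNS/default.nix the renamed guard `lib.mkIf config.sysconfig.services.dynamicDNS {` passes the option set itself rather than its boolean, unlike every other module touched by this commit. It should be `config = lib.mkIf config.sysconfig.services.dynamicDNS.enable {`. The removed line had the same omission, so the rename is a good moment to fix it. The body of the `config` block continues outside the hunk.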
@@ -1,6 +1,6 @@ { config, lib, pkgs, inputs, ... }: { - options.sysconfig.opts.minecraft.enable = lib.options.mkOption { + options.sysconfig.services.minecraft.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; @@ -9,7 +9,7 @@ inputs.nix-minecraft.nixosModules.minecraft-servers ]; - config = lib.mkIf config.sysconfig.opts.minecraft.enable { + config = lib.mkIf config.sysconfig.services.minecraft.enable { nixpkgs.overlays = [ inputs.nix-minecraft.overlay ]; diff --git a/system-config/services/novnc/default.nix b/system-config/services/novnc/default.nix index 0288268..a16bfad 100644 --- a/system-config/services/novnc/default.nix +++ b/system-config/services/novnc/default.nix @@ -1,11 +1,11 @@ { config, lib, pkgs, ... }: { - options.sysconfig.opts.novnc.enable = lib.mkOption { + options.sysconfig.services.novnc.enable = lib.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.novnc.enable { + config = lib.mkIf config.sysconfig.services.novnc.enable { systemd.services.novnc = { enable = true; diff --git a/system-config/services/ollama/default.nix b/system-config/services/ollama/default.nix index 5ee28b2..2892ff4 100644 --- a/system-config/services/ollama/default.nix +++ b/system-config/services/ollama/default.nix @@ -1,13 +1,13 @@ { config, lib, inputs, ... }: { options = { - sysconfig.opts.ollama.enable = lib.options.mkOption { + sysconfig.services.ollama.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; }; - config = lib.mkIf config.sysconfig.opts.ollama.enable { + config = lib.mkIf config.sysconfig.services.ollama.enable { services.ollama = { enable = true; acceleration = "cuda"; diff --git a/system-config/services/openssh/default.nix b/system-config/services/openssh/default.nix index 9336631..3f03dcd 100644 --- a/system-config/services/openssh/default.nix +++ b/system-config/services/openssh/default.nix 
@@ -1,13 +1,13 @@ { config, lib, ... }: { options = { - sysconfig.opts.openssh.enable = lib.options.mkOption { + sysconfig.services.openssh.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; }; - config = lib.mkIf config.sysconfig.opts.openssh.enable { + config = lib.mkIf config.sysconfig.services.openssh.enable { networking.firewall.allowedTCPPorts = [ 22 ]; diff --git a/system-config/services/pipewire/default.nix b/system-config/services/pipewire/default.nix index b60aeeb..2a7fd10 100644 --- a/system-config/services/pipewire/default.nix +++ b/system-config/services/pipewire/default.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, ... }: { options = { - sysconfig.opts.pipewire.enable = lib.options.mkOption { + sysconfig.services.pipewire.enable = lib.options.mkOption { type = lib.types.bool; default = false; }; }; - config = lib.mkIf config.sysconfig.opts.pipewire.enable { + config = lib.mkIf config.sysconfig.services.pipewire.enable { # Enable sound with pipewire. #sound.enable = true; diff --git a/system-config/services/sddm/default.nix b/system-config/services/sddm/default.nix index 94fcadd..a537d36 100644 --- a/system-config/services/sddm/default.nix +++ b/system-config/services/sddm/default.nix @@ -1,11 +1,11 @@ { config, lib, pkgs, inputs, ... }: { - options.sysconfig.opts.sddm.enable = lib.mkOption { + options.sysconfig.services.sddm.enable = lib.mkOption { type = lib.types.bool; default = false; }; - config = lib.mkIf config.sysconfig.opts.sddm.enable { + config = lib.mkIf config.sysconfig.services.sddm.enable { qt.enable = true; diff --git a/system-config/users/default.nix b/system-config/users/default.nix new file mode 100644 index 0000000..259e098 --- /dev/null +++ b/system-config/users/default.nix 
@@ -0,0 +1,79 @@ +{ config, lib, inputs, ... }: { + + options.sysconfig = { + users = let + + userType = lib.types.submodule ({ username, ... }: { + options = { + username = lib.mkOption { + type = lib.types.str; + default = username; + }; + + home-manager = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + }; + + extraModules = lib.mkOption { + type = lib.types.listOf lib.types.raw; + default = []; + }; + }; + + sshKeys = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + }; + + hashedPasswordFile = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + }; + + extraGroups = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + }; + }; + }); + + in lib.mkOption { + type = lib.types.attrsOf userType; + default = {}; + }; + }; + + + config = { + users.users = builtins.mapAttrs (name: user: { + name = user.username; + isNormalUser = true; + hashedPasswordFile = lib.mkIf (user.hashedPasswordFile != null) user.hashedPasswordFile; + extraGroups = user.extraGroups; + openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable config.sysconfig.users.${user.username}.sshKeys; + }) config.sysconfig.users; + + home-manager = { + backupFileExtension = "backup"; + extraSpecialArgs = {inherit inputs;}; + sharedModules = [ + inputs.sops-nix.homeManagerModules.sops + inputs.home-manager-config + ]; + users = (builtins.mapAttrs + (name: user: (lib.mkMerge [ + (inputs.${user.username} { config = config.home-manager.users.${user.username}; inherit lib; }) + ] ++ user.home-manager.extraModules)) + (builtins.removeAttrs + config.sysconfig.users + (builtins.partition + (name: config.sysconfig.users.${name}.home-manager.enable == true) + (builtins.attrNames config.sysconfig.users) + ).wrong + ) + ); + }; + }; +}
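Review bot: In the `home-manager.users` mapping, `lib.mkMerge [ ... ] ++ user.home-manager.extraModules` parses as `(lib.mkMerge [ ... ]) ++ extraModules` because function application binds tighter than `++`, so it concatenates an attribute set with a list and fails to evaluate; it should be `lib.mkMerge ([ (inputs.${name} { ... }) ] ++ user.home-manager.extraModules)`. The submodule is also declared as `{ username, ... }:`, but the module system passes the attribute key as `name`, so `username` is likely unresolved; `({ name, ... }:` with `default = name;` is the usual form. Lookups such as `config.sysconfig.users.${user.username}.sshKeys` and `inputs.${user.username}` index by the overridable `username` rather than the attribute key, and `user.sshKeys` would avoid the first of them. Because `inputs.${...}` shares a namespace with the flake inputs, a short comment stating that each user needs a matching entry in `specialArgs.inputs` would help.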