jsw/NiksOS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #3 from jsw08/desktop-option-expansion

Browse source 
Desktop option expansion
This commit is contained in:
Jurn Wubben 2025-05-24 15:11:44 +02:00 committed by Jurn Wubben
commit 268fb0609f
54 changed files with 441 additions and 362 deletions
Download patch file Download diff file Expand all files Collapse all files

1
system/core/default.nix
View file

@ -3,5 +3,6 @@
./boot.nix
./users.nix
./defaultPackages.nix
./networking.nix
];
}

2
system/core/defaultPackages.nix
View file

@ -4,8 +4,10 @@
...
}: {
environment.defaultPackages = [
pkgs.git # We need git for flakes
pkgs.neovim
inputs.agenix.packages.${pkgs.system}.default
pkgs.rsync
]; # Still have to be able to edit configs.
environment.sessionVariables = {EDITOR = "nvim";};
}

7
system/network/default.nix → system/core/networking.nix
View file

@ -1,11 +1,6 @@
# networking configuration
{pkgs, ...}: {
imports = [
./avahi.nix
./tailscale.nix
./wireguard.nix
];
#FIXME:
networking = {
# use quad9 with DNS over TLS
nameservers = ["9.9.9.9#dns.quad9.net"];

2
system/default.nix
View file

@ -2,10 +2,10 @@
imports = [
./core
./hardware
./network
./nix
./programs
./server
./services
./desktop
];
}

33
system/desktop/default.nix Normal file
View file

@ -0,0 +1,33 @@
{
config,
lib,
...
}: let
mkEO = lib.mkEnableOption;
cfg = config.niksos.desktop;
inherit (lib) mkIf optional;
in {
imports = [
./greetd.nix
./hyprland.nix
./pipewire.nix
./plasma6.nix
./polkit.nix
./xdg.nix
];
options.niksos.desktop = {
enable = mkEO "enable desktop related programs.";
hyprland = mkEO "enable hyprland related programs.";
kde = mkEO "enable kde specialisation.";
};
config.assertions = mkIf (cfg.hyprland
|| cfg.kde) [
{
assertion = cfg.enable;
message = "You need to enable desktop for the hyprland/kde module to work";
}
];
}

6
system/services/greetd.nix → system/desktop/greetd.nix
View file

@ -2,8 +2,10 @@
config,
lib,
...
}: {
config = lib.mkIf config.niksos.desktop {
}: let
cfg = config.niksos.desktop.enable && config.niksos.desktop.hyprland;
in {
config = lib.mkIf cfg {
# greetd display manager
services.greetd = let
session = {

16
system/desktop/hyprland.nix Normal file
View file

@ -0,0 +1,16 @@
{
config,
pkgs,
lib,
...
}: let
cfg = config.niksos.desktop.enable && config.niksos.desktop.hyprland;
in {
config = lib.mkIf cfg {
programs.hyprland = {
enable = true;
withUWSM = true;
};
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Makes electron apps use wayland.
};
}

6
system/services/pipewire.nix → system/desktop/pipewire.nix
View file

@ -3,8 +3,10 @@
lib,
pkgs,
...
}: {
config = lib.mkIf config.niksos.desktop {
}: let
cfg = config.niksos.desktop.enable;
in {
config = lib.mkIf cfg {
security.rtkit.enable = true;
services.pipewire = {

33
system/desktop/plasma6.nix Normal file
View file

@ -0,0 +1,33 @@
{
lib,
pkgs,
config,
...
}: let
cfg = config.niksos.desktop.enable && config.niksos.desktop.kde;
in {
config = lib.mkIf cfg {
niksos.desktop.hyprland = lib.mkForce false;
specialisation.de.configuration = {
services = {
greetd = let
session = {
command = "${pkgs.kdePackages.plasma-workspace}/bin/startplasma-wayland";
user = "jsw";
};
in {
enable = true;
settings = {
terminal.vt = 1;
default_session = session;
initial_session = session;
};
};
desktopManager.plasma6.enable = true;
};
home-manager.users.jsw.stylix.autoEnable = false;
};
};
}

22
system/desktop/polkit.nix Normal file
View file

@ -0,0 +1,22 @@
{
config,
lib,
pkgs,
...
}: let
cfg = config.niksos.desktop.enable && config.niksos.desktop.hyprland;
in {
systemd.user.services.polkit-gnome-authentication-agent-1 = lib.mkIf cfg {
description = "polkit-gnome-authentication-agent-1";
wantedBy = ["graphical-session.target"];
wants = ["graphical-session.target"];
after = ["graphical-session.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
}

6
system/programs/xdg.nix → system/desktop/xdg.nix
View file

@ -3,8 +3,10 @@
config,
lib,
...
}: {
xdg.portal = lib.mkIf config.niksos.desktop {
}: let
cfg = config.niksos.desktop.enable && config.niksos.desktop.hyprland;
in {
xdg.portal = lib.mkIf cfg {
enable = true;
xdgOpenUsePortal = true;
config = {

5
system/hardware/fingerprint.nix
View file

@ -10,12 +10,11 @@
foot = lib.getExe pkgs.foot;
in {
options.niksos.fingerprint = mkEnableOption "fingerprint support.";
config = mkIf fingerprint {
services.fprintd.enable = true;
home-manager.users.jsw.wayland.windowManager.hyprland.settings = mkIf desktop {
bind = [
home-manager.users.jsw.wayland.windowManager.hyprland.settings = mkIf desktop.hyprland {
bind = mkIf fingerprint [
", XF86PowerOff, exec, ${uwsm} app -- pgrep fprintd-verify && exit 0 || ${foot} -a 'foot-fprintd' sh -c 'fprintd-verify && systemctl sleep'"
];
windowrule = [

7
system/hardware/graphics.nix
View file

@ -3,14 +3,13 @@
pkgs,
lib,
...
}: let
}: let
inherit (lib) optionals mkEnableOption mkDefault;
inherit (config.niksos) graphics;
inherit (graphics) enable;
graphics = config.niksos.graphics;
enable = graphics.enable;
nvidia = graphics.enable && graphics.nvidia;
intel = graphics.enable && graphics.intel;
in {
options.niksos.graphics = {
enable = mkEnableOption "core graphics";

72
system/network/wireguard.nix
View file

@ -1,72 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
inherit (lib) mkIf optionals;
inherit (config.networking) hostName;
iptables = lib.getExe' pkgs.iptables "iptables";
port = 53;
server = "lapserv";
serverCfg = {
externalInterface = "eth0";
privateKeyFile = config.age.secrets.wg-lapserv-private.path;
publicKey = "aM+OrvByr63RxKsU9hu0A1lKJr8fPHifHDhBekkHR0c=";
publicIp = "80.242.224.170";
ip = "10.100.0.1";
};
deviceConfig = {
laptop = {
publicKey = config.age.secrets.wg-laptop-private.path;
privateKeyFile = "1su1FfHuEYIvJLaZPwpN86kmH19d/NH/zuh9DjIOyQI=";
ip = "10.100.0.2";
};
};
isServer = server == config.networking.hostName;
currentConfig =
if isServer
then serverCfg
else deviceConfig.${hostName};
in {
networking.nat = mkIf isServer {
enable = true;
inherit (serverCfg) externalInterface;
internalInterfaces = ["wg0"];
};
networking.firewall.allowedUDPPorts = [port];
networking.wireguard.interfaces.wg0 = {
inherit (currentConfig) privateKeyFile;
listenPort = port;
ips = ["${currentConfig.ip}/24"];
peers =
[]
++ (optionals isServer (builtins.concatMap (x: {
inherit (x) publicKey;
allowedIPs = ["${x.ip}/32"];
})
(builtins.attrValues
deviceConfig)))
++ (optionals (!isServer) [
{
inherit (serverCfg) publicKey;
allowedIPs = ["0.0.0.0/0"];
endpoint = "${serverCfg.publicIp}:${builtins.toString port}";
persistentKeepalive = 25;
}
]);
postSetup = mkIf isServer ''
${iptables} -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${serverCfg.externalInterface} -j MASQUERADE
'';
postShutdown = mkIf isServer ''
${iptables} -t nat -D POSTROUTING -s 10.100.0.0/24 -o ${serverCfg.externalInterface} -j MASQUERADE
'';
};
}

4
system/nix/default.nix
View file

@ -9,9 +9,11 @@
./nh.nix
./nixpkgs.nix
./substituters.nix
./nix-index.nix
];
# Really annoying message when command not found
programs.command-not-found.enable = false;
# we need git for flakes
environment.systemPackages = [pkgs.git];

7
system/nix/nix-index.nix
View file

@ -1,7 +0,0 @@
{
programs.command-not-found.enable = false;
programs.nix-index = {
enable = true;
enableFishIntegration = true;
};
}

4
system/programs/default.nix
View file

@ -3,10 +3,6 @@
./fish.nix
./games.nix
./home-manager.nix
./hyprland.nix
./neovim.nix
./plasma6.nix
./polkit.nix
./xdg.nix
];
}

13
system/programs/games.nix
View file

@ -3,9 +3,17 @@
pkgs,
lib,
...
}: {
}: let
cfg = config.niksos.games;
in {
options.niksos.games = lib.mkEnableOption "gaming related stuff.";
config = lib.mkIf config.niksos.games {
config = lib.mkIf cfg {
assertions = [
{
assertion = config.niksos.desktop.enable;
message = "The games option needs desktop to be enabled for it to work properly (it enables home-manager).";
}
];
# nixpkgs.overlays = [
# (final: prev: let
# version = "1.4.2";
@ -38,7 +46,6 @@
# });
# })
# ];
users.users.jsw.packages = [pkgs.gale];
programs = {
gamescope = {

14
system/programs/home-manager.nix
View file

@ -1,13 +1,13 @@
{
inputs,
specialArgs,
lib,
config,
...
}: {
imports = [
inputs.hm.nixosModules.default
];
home-manager = {
}: let
cfg = config.niksos.desktop.enable;
in {
home-manager = lib.mkIf cfg {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
@ -16,5 +16,5 @@
users.jsw = import ../../home;
};
programs.dconf.enable = true; # else gtk-managed stuff won't work
programs.dconf.enable = cfg; # else gtk-managed stuff won't work
}

19
system/programs/hyprland.nix
View file

@ -1,19 +0,0 @@
{
config,
pkgs,
lib,
...
}: {
options.niksos.desktop = lib.mkEnableOption "desktop related stuff.";
config = lib.mkIf config.niksos.desktop {
programs.hyprland = {
enable = true;
withUWSM = true;
};
environment.systemPackages = [
#FIXME: migrated to home-manager
pkgs.kitty # This is the default config's terminal and also my main one.
];
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Makes electron apps use wayland.
};
}

14
system/programs/neovim.nix
View file

@ -1,4 +1,16 @@
{lib, ...}: {
{
config,
lib,
...
}: {
options.niksos.neovim = lib.mkEnableOption "the neovim editor";
config.assertions = lib.mkIf config.niksos.neovim [
{
assertion = config.niksos.desktop.enable;
message = "The neovim option needs desktop enabled to work properly (it enables home-manager).";
}
];
# The actual config resides in NixOS/home/programs/neovim.
# NOTE: This is for the customisation of the neovim editor, which uses a lot of disk space. Barebones version will be installed anyhow.
}

33
system/programs/plasma6.nix
View file

@ -1,33 +0,0 @@
{
lib,
pkgs,
config,
...
}: {
options.niksos.kde = lib.mkEnableOption "a kde specialisation. Will enable desktop settings.";
config.specialisation.de.configuration = lib.mkIf config.niksos.kde {
niksos.desktop = lib.mkForce true;
services = {
greetd = let
session = {
command = "${pkgs.kdePackages.plasma-workspace}/bin/startplasma-wayland";
user = "jsw";
};
in {
settings = lib.mkForce {
terminal.vt = 1;
default_session = session;
initial_session = session;
};
};
desktopManager.plasma6.enable = true;
};
home-manager.users.jsw = {
stylix.autoEnable = false;
};
};
}

22
system/programs/polkit.nix
View file

@ -1,22 +0,0 @@
{
config,
lib,
pkgs,
...
}: {
systemd = {
user.services.polkit-gnome-authentication-agent-1 = lib.mkIf config.niksos.desktop {
description = "polkit-gnome-authentication-agent-1";
wantedBy = ["graphical-session.target"];
wants = ["graphical-session.target"];
after = ["graphical-session.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
}

2
system/server/bot.nix
View file

@ -49,7 +49,7 @@ in {
ExecStart = "${bash} -c 'cd ${dataDir} && deno run -A ${programDir}/src/main.ts'";
User = "dcbot";
Group = "dcbot";
Restart = "always";
Restart = "always";
};
};

0
system/network/avahi.nix → system/services/avahi.nix
View file

4
system/services/default.nix
View file

@ -1,8 +1,8 @@
{
imports = [
./greetd.nix
./tailscale.nix
./avahi.nix
./kanata.nix
./pipewire.nix
./power.nix
./ssh.nix
];

0
system/network/tailscale.nix → system/services/tailscale.nix
View file