From c61ee6950094e3c48e5be05c90e323b3f42f69e0 Mon Sep 17 00:00:00 2001 From: John Ogle Date: Sat, 7 Sep 2024 16:12:08 -0700 Subject: [PATCH] Modularize machines>roles --- flake.nix | 7 +- machines/nix-book/configuration.nix | 130 +------------ machines/z790prors/configuration.nix | 175 +----------------- machines/z790prors/hardware-configuration.nix | 20 +- roles/common/default.nix | 24 +++ roles/desktop/default.nix | 51 +++++ roles/kids/default.nix | 29 +++ roles/nfs-mounts/default.nix | 3 +- roles/nix/default.nix | 29 +++ roles/printing/default.nix | 4 + roles/users/default.nix | 8 + 11 files changed, 186 insertions(+), 294 deletions(-) create mode 100644 roles/common/default.nix create mode 100644 roles/desktop/default.nix create mode 100644 roles/kids/default.nix create mode 100644 roles/nix/default.nix create mode 100644 roles/printing/default.nix create mode 100644 roles/users/default.nix diff --git a/flake.nix b/flake.nix index e36ca29..cc48c97 100644 --- a/flake.nix +++ b/flake.nix @@ -44,9 +44,10 @@ ./machines/nix-book/configuration.nix inputs.home-manager.nixosModules.home-manager { - inputs.home-manager.useGlobalPkgs = true; - inputs.home-manager.useUserPackages = true; - inputs.home-manager.extraSpecialArgs = { inherit inputs; }; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { inherit inputs; }; + home-manager.users.johno = import ./home/home-nix-book.nix; } ]; }; diff --git a/machines/nix-book/configuration.nix b/machines/nix-book/configuration.nix index 3c31382..b438a7f 100644 --- a/machines/nix-book/configuration.nix +++ b/machines/nix-book/configuration.nix 
@@ -8,38 +8,16 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + ../../roles/common/default.nix + (import ../../roles/desktop/default.nix { x11Only = false; inherit inputs; inherit pkgs; }) + ../../roles/nfs-mounts/default.nix + ../../roles/nix/default.nix + ../../roles/printing/default.nix + (import ../../roles/users/default.nix { extraGroups = []; }) + ../../roles/virtualisation/default.nix ]; - nix = { - package = pkgs.nixFlakes; - - distributedBuilds = true; - buildMachines = [{ - hostName = "z790prors.oglehome"; - system = "x86_64-linux"; - protocol = "ssh-ng"; - sshUser = "johno"; - sshKey = "/root/.ssh/id_ed25519"; - maxJobs = 3; - speedFactor = 2; - }]; - settings = { - experimental-features = [ "nix-command" "flakes" ]; - - substituters = [ - "https://hyprland.cachix.org" - #"ssh://johno@z790prors.oglehome" - ]; - - builders-use-substitutes = true; - - trusted-public-keys = [ - "arch-store:lBSsckiRVH+A2ZyZWIzPwpSFstAGXcf/d7H1lSmiFo8=" - "z790prors:2zFp1rh6cS+2aAHwmcKKkkg13LV+x2YVuAh7TCWSckw=" - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - ]; - }; - }; + nix.settings.secret-key-files = /root/cache-priv-key.pem; # Bootloader. boot.loader.systemd-boot.enable = true; 
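Review bot: The added `nix.settings.secret-key-files = /root/cache-priv-key.pem;` in nix-book's configuration gives the signing key as a Nix path literal, and the z790prors hunk keeps the same line under its new TODO. Path values are copied into the world-readable store whenever they get interpolated into a string. Whether this option's rendering avoids that is not visible here, so a plain string is the safer form: `nix.settings.secret-key-files = "/root/cache-priv-key.pem";`. This line is also new for nix-book, so it is worth confirming that the laptop is meant to hold a cache signing key at all, and that the file is root-only if it is.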
@@ -51,38 +29,9 @@ boot.kernelPackages = pkgs.linuxPackages_latest; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking networking.networkmanager.enable = true; - # Set your time zone. - time.timeZone = "America/Los_Angeles"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "en_US.UTF-8"; - LC_IDENTIFICATION = "en_US.UTF-8"; - LC_MEASUREMENT = "en_US.UTF-8"; - LC_MONETARY = "en_US.UTF-8"; - LC_NAME = "en_US.UTF-8"; - LC_NUMERIC = "en_US.UTF-8"; - LC_PAPER = "en_US.UTF-8"; - LC_TELEPHONE = "en_US.UTF-8"; - LC_TIME = "en_US.UTF-8"; - }; - - # Configure keymap in X11 - services.xserver.xkb = { - layout = "us"; - variant = ""; - options = "caps:escape"; - }; - hardware.graphics = { enable = true; extraPackages = with pkgs; [ 
@@ -92,52 +41,6 @@ ]; }; - hardware.pulseaudio.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.johno = { - isNormalUser = true; - description = "John Ogle"; - extraGroups = [ "networkmanager" "wheel" "audio" ]; - packages = with pkgs; []; - }; - inputs.home-manager.users.johno = import ./home/home-nix-book.nix; - - # Enable automatic login for the user. - services.getty.autologinUser = "johno"; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - virtualisation.docker.enable = true; - users.extraGroups.docker.members = [ "johno" ]; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave 
@@ -145,21 +48,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.05"; # Did you read the comment? - - - # Desktop - - programs.steam.enable = true; - - #services.xserver.enable = true; - services.displayManager = { - sddm.enable = true; - sddm.wayland.enable = true; - #defaultSession = "plasmax11"; - }; - services.desktopManager.plasma6.enable = true; - programs.hyprland = { - enable = true; - package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; - }; } diff --git a/machines/z790prors/configuration.nix b/machines/z790prors/configuration.nix index 1f88057..3372f3d 100644 --- a/machines/z790prors/configuration.nix +++ b/machines/z790prors/configuration.nix @@ -2,19 +2,20 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ inputs, config, pkgs, ... }: +{ inputs, pkgs, ... }: -let - kidsPackages = with pkgs; [ - firefox - ]; -in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - ../../roles/virtualisation/default.nix + ../../roles/common/default.nix + (import ../../roles/desktop/default.nix { x11Only = true; inherit inputs; inherit pkgs; }) + ../../roles/kids/default.nix ../../roles/nfs-mounts/default.nix + ../../roles/nix/default.nix + ../../roles/printing/default.nix + (import ../../roles/users/default.nix { extraGroups = ["input" "libvirtd"]; }) + ../../roles/virtualisation/default.nix ]; # Use the systemd-boot EFI boot loader. @@ -22,11 +23,6 @@ in boot.loader.efi.canTouchEfiVariables = true; boot.loader.grub.useOSProber = true; - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Set your time zone. - time.timeZone = "America/Los_Angeles"; - networking = { hostName = "z790prors-nix"; # Define your hostname. domain = "oglehome"; 
@@ -44,159 +40,8 @@ in }]; }; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # }; - - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + # TODO: Figure out something with this nix.settings.secret-key-files = /root/cache-priv-key.pem; - nix.settings.max-jobs = "auto"; - nix.settings.trusted-users = [ "johno" ]; - nix.settings.substituters = [ - "https://hyprland.cachix.org" - ]; - nix.settings.trusted-public-keys = [ - "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" - ]; - - nixpkgs.config.allowUnfree = true; - - # Enable the X11 windowing system. - services.xserver.enable = true; - hardware.graphics.enable = true; - services.xserver.videoDrivers = ["nvidia"]; - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = false; - powerManagement.finegrained = false; - open = false; - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.production; - }; - boot.initrd.kernelModules = [ - "nvidia" - "nvidia_modeset" - "nvidia_uvm" - "nvidia_drm" - ]; - - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # TODO: Something is enabling pipewire (sunshine/moonlight maybe?) which is incompatible with pulseaudio - hardware.pulseaudio.enable = false; - - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. 
- users.users.johno = { - isNormalUser = true; - description = "John Ogle"; - extraGroups = [ "wheel" "networkmanager" "audio" "libvirtd" "input" ]; # Enable ‘sudo’ for the user. - }; - - users.users.eli = { - isNormalUser = true; - description = "Eli"; - home = "/arch/@home/eli"; - packages = kidsPackages; - }; - - users.users.andrew = { - isNormalUser = true; - description = "Andrew"; - home = "/arch/@home/andrew"; - packages = kidsPackages; - }; - - users.users.jules = { - isNormalUser = true; - description = "Jules"; - home = "/arch/@home/jules"; - packages = kidsPackages; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - git - ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - services.displayManager = { - sddm.enable = true; - sddm.wayland.enable = false; - #defaultSession = "plasmax11"; - }; - - services.desktopManager.plasma6.enable = true; - - services.xserver.windowManager.i3 = { - enable = true; - extraPackages = with pkgs; [ - dmenu - i3status - i3lock - ]; - }; - # Helps with i3. 
Not sure what dconf is though honestly - programs.dconf.enable = true; - - programs.kdeconnect.enable = true; - programs.hyprland = { - enable = true; - package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; - }; - - programs.java.enable = true; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; - #package = pkgs.steam.override { - #withJava = true; - #withPrimus = true; - #extraPkgs = pkgs: [ bumblebee glxinfo ]; - #}; - }; - services.sunshine = { - enable = true; - autoStart = true; - capSysAdmin = true; - openFirewall = true; - }; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -205,6 +50,4 @@ in # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - } - diff --git a/machines/z790prors/hardware-configuration.nix b/machines/z790prors/hardware-configuration.nix index e8561cc..456945f 100644 --- a/machines/z790prors/hardware-configuration.nix +++ b/machines/z790prors/hardware-configuration.nix @@ -1,7 +1,7 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = 
@@ -9,10 +9,26 @@ ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; + boot.initrd.kernelModules = [ + "nvidia" + "nvidia_modeset" + "nvidia_uvm" + "nvidia_drm" + ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; + hardware.graphics.enable = true; + services.xserver.videoDrivers = ["nvidia"]; + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = false; + powerManagement.finegrained = false; + open = false; + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.production; + }; + fileSystems."/" = { device = "/dev/disk/by-uuid/8d996d13-6d55-4524-83a2-6f6fb47a09ea"; fsType = "btrfs"; diff --git a/roles/common/default.nix b/roles/common/default.nix new file mode 100644 index 0000000..062a1db --- /dev/null +++ b/roles/common/default.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: +{ + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + time.timeZone = "America/Los_Angeles"; + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + environment.systemPackages = with pkgs; [ + vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + git + ]; +} diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix new file mode 100644 index 0000000..99c2004 --- /dev/null +++ b/roles/desktop/default.nix 
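Review bot: The NVIDIA settings (`boot.initrd.kernelModules`, `services.xserver.videoDrivers`, `hardware.nvidia`) are added to hardware-configuration.nix, whose header says it is generated by nixos-generate-config and may be overwritten. Regenerating the file would silently drop the driver configuration. Since this commit is already introducing roles, a small `roles/nvidia/default.nix` (or a `machines/z790prors/nvidia.nix` imported from configuration.nix) would keep the hand-written part out of the generated file. If it stays here, add a comment above the block such as `# Hand-maintained: re-add after running nixos-generate-config`.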
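Review bot: `services.openssh.enable = true;` in roles/common turns sshd on for every machine that imports the role, including nix-book, where the removed configuration only had it commented out. Nothing in this role restricts how the daemon authenticates, so a laptop that roams across networks now accepts SSH with default settings. Either keep the option in the machines that need it, or harden it in the role, for example `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "no";`. The comment above it could also say why every host needs inbound SSH (nix-book uses z790prors as a builder, not the other way round, as far as this diff shows).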
@@ -0,0 +1,51 @@ +{ inputs, x11Only ? false, pkgs, ... }: + +{ + services.xserver.xkb = { + layout = "us"; + variant = ""; + options = "caps:escape"; + }; + services.xserver.enable = true; + services.displayManager = { + sddm.enable = true; + sddm.wayland.enable = !x11Only; + }; + services.desktopManager.plasma6.enable = true; + programs.hyprland = { + enable = !x11Only; + package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; + }; + services.xserver.windowManager.i3 = { + enable = true; + extraPackages = with pkgs; [ + dmenu + i3status + i3lock + ]; + }; + # Helps with i3. Not sure what dconf is though honestly + programs.dconf.enable = true; + + programs.kdeconnect.enable = true; + programs.java.enable = true; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + #package = pkgs.steam.override { + #withJava = true; + #withPrimus = true; + #extraPkgs = pkgs: [ bumblebee glxinfo ]; + #}; + }; + services.sunshine = { + enable = true; + autoStart = true; + capSysAdmin = true; + openFirewall = true; + }; + + virtualisation.docker.enable = true; + users.extraGroups.docker.members = [ "johno" ]; +} diff --git a/roles/kids/default.nix b/roles/kids/default.nix new file mode 100644 index 0000000..e6da1d5 --- /dev/null +++ b/roles/kids/default.nix @@ -0,0 +1,29 @@ +{ pkgs, ... }: + +let + kidsPackages = with pkgs; [ + firefox + ]; +in +{ + users.users.eli = { + isNormalUser = true; + description = "Eli"; + home = "/home/eli"; + packages = kidsPackages; + }; + + users.users.andrew = { + isNormalUser = true; + description = "Andrew"; + home = "/home/andrew"; + packages = kidsPackages; + }; + + users.users.jules = { + isNormalUser = true; + description = "Jules"; + home = "/home/jules"; + packages = kidsPackages; + }; +} diff --git a/roles/nfs-mounts/default.nix b/roles/nfs-mounts/default.nix index 0de1d31..91a7338 100644 --- a/roles/nfs-mounts/default.nix 
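Review bot: The desktop role applies z790prors' remote-streaming setup to every importer, so nix-book now gets `services.sunshine` with `capSysAdmin = true` and `openFirewall = true`, plus both Steam `openFirewall` options. Its old configuration only had `programs.steam.enable = true`. That widens the laptop's listening surface and grants an extra capability in a commit described as a refactor. Gating these behind a role argument, as `x11Only` already does for Wayland, keeps the previous behaviour per machine. z790prors would pass `remoteStreaming = true` in its import. Separately, `virtualisation.docker.enable` and the hard-coded `docker` membership for `johno` sit in this role although a virtualisation role is already imported. Docker group membership is effectively root on the host, so that role (not shown in this diff) looks like the better home.

```nix
{ inputs, x11Only ? false, remoteStreaming ? false, pkgs, ... }:

# … unchanged: xkb, sddm, plasma6, hyprland, i3, dconf, kdeconnect, java …
  programs.steam = {
    enable = true;
    # Only open the firewall on hosts that are meant to serve streams.
    remotePlay.openFirewall = remoteStreaming;
    localNetworkGameTransfers.openFirewall = remoteStreaming;
    # … unchanged: commented-out package override …
  };
  services.sunshine = {
    enable = remoteStreaming;
    autoStart = remoteStreaming;
    capSysAdmin = remoteStreaming;
    openFirewall = remoteStreaming;
  };
```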
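Review bot: The kids role changes the three home directories from `/arch/@home/<name>` (the removed z790prors lines) to `/home/<name>`, which is a behaviour change inside a commit titled as a modularisation. If the existing data still lives under `/arch/@home`, the accounts will come up with empty homes after the switch. Either keep the old paths, e.g. `home = "/arch/@home/eli";`, or mention the migration in the commit message. A one-line comment at the top of the file saying which machines are expected to import this role would also help.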
+++ b/roles/nfs-mounts/default.nix @@ -1,4 +1,5 @@ -{ config, ... }: +# TODO: implement requireMount +{ requireMount ? false, ... }: { fileSystems."/media" = { diff --git a/roles/nix/default.nix b/roles/nix/default.nix new file mode 100644 index 0000000..439a993 --- /dev/null +++ b/roles/nix/default.nix @@ -0,0 +1,29 @@ +{ config, pkgs, ... }: + +{ + nix = { + package = pkgs.nixFlakes; + distributedBuilds = true; + buildMachines = [{ + hostName = "z790prors.oglehome"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + sshUser = "johno"; + sshKey = "/root/.ssh/id_ed25519"; + maxJobs = 3; + speedFactor = 2; + }]; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + max-jobs = "auto"; + trusted-users = [ "johno" ]; + substituters = [ + "https://hyprland.cachix.org" + ]; + trusted-public-keys = [ + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + ]; + }; + }; + nixpkgs.config.allowUnfree = true; +} diff --git a/roles/printing/default.nix b/roles/printing/default.nix new file mode 100644 index 0000000..362eb82 --- /dev/null +++ b/roles/printing/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.printing.enable = true; +} diff --git a/roles/users/default.nix b/roles/users/default.nix new file mode 100644 index 0000000..7781367 --- /dev/null +++ b/roles/users/default.nix @@ -0,0 +1,8 @@ +{ extraGroups ? [], ... }: +{ + users.users.johno = { + isNormalUser = true; + description = "John Ogle"; + extraGroups = [ "wheel" "networkmanager" "audio" ] ++ extraGroups; + }; +}
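Review bot: The new `requireMount ? false` argument in roles/nfs-mounts will not behave like the arguments of the users and desktop roles, because both machines import this file by path. When the module system calls a module function, it looks up every named argument in the module arguments and, as far as I know, ignores the function's default. Once the TODO is implemented, reading `requireMount` would fail as a missing module argument instead of falling back to `false`. Import it the same way as the other parameterised roles, `(import ../../roles/nfs-mounts/default.nix { requireMount = false; })`, or turn it into a proper option. The body of the module continues outside this hunk.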
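Review bot: `trusted-users = [ "johno" ]` in roles/nix now applies to nix-book as well, where the removed `nix` block did not set it. A trusted user can override substituters and signature checks, which amounts to root-equivalent control of the Nix daemon. That deserves a deliberate per-machine choice, or at least a comment such as `# johno is trusted so that remote builds and unsigned copies work; treat as root-equivalent`. The role is also imported by z790prors, so that host now sets `distributedBuilds = true` with `buildMachines` pointing at `z790prors.oglehome`, which appears to be itself. Moving `distributedBuilds`, `buildMachines` and the `sshKey` path into nix-book's configuration would avoid that. The `config` argument is unused.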