(wip) add initial k3s role definition

flake.nix

@@ -55,12 +55,13 @@
       system = "x86_64-linux";
       modules = baseModules ++ [
         ./machines/boxy/configuration.nix
-        inputs.home-manager.nixosModules.home-manager
+        # inputs.home-manager.nixosModules.home-manager
-        {
+        # {
-          home-manager.users.johno = import ./home/home-default.nix;
+        #   home-manager.users.johno = import ./home/home-default.nix;
-          home-manager.extraSpecialArgs.customPkgs =
+        #   home-manager.extraSpecialArgs.customPkgs =
-            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
+        #     nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-        }
+        #     customPkgs = nixpkgs.legacyPackages."${system}".callPackage ./packages {};
+        # }
       ];
     };
   };

home/home-default.nix

@@ -186,6 +186,15 @@
     package = pkgs.kdePackages.kdeconnect-kde;
   };
 
+  services.spotifyd = {
+    enable = true;
+    settings = {
+      global = {
+        username = "johnogle222";
+      };
+    };
+  };
+
   services.syncthing = {
     enable = true;
     tray = {

home/modules/i3+sway/default.nix

@@ -6,13 +6,13 @@ let
   cfg = config.home.i3_sway;
   i3_cfg = config.xsession.windowManager.i3.config;
 
-  shared_config = recursiveUpdate rec {
+  shared_config = recursiveUpdate {
     modifier = "Mod4";
     terminal = "kitty";
     defaultWorkspace = "workspace number 1";
 
     keybindings = {
-      "${shared_config.modifier}+Return" = "exec ${terminal}";
+      "${shared_config.modifier}+Return" = "exec ${i3_cfg.terminal}";
       "${shared_config.modifier}+Shift+q" = "kill";
       "${shared_config.modifier}+d" = "exec ${i3_cfg.menu}";
 

machines/boxy/configuration.nix

@@ -17,13 +17,8 @@ with lib;
     kodi = {
       enable = true;
       autologin = true;
-      wayland = true;
+      wayland = false;
     };
-    spotifyd = {
-      enable = true;
-      deviceType = "t_v";
-    };
-    users.enable = true;
   };
 
   # Use the systemd-boot EFI boot loader.
@@ -34,7 +29,7 @@ with lib;
 
   hardware.graphics.enable = true;
 
-  services.displayManager.enable = mkForce false;
+  #services.displayManager.enable = mkForce false;
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

machines/z790prors/configuration.nix

@@ -19,7 +19,6 @@
     kodi.enable = true;
     nfs-mounts.enable = true;
     printing.enable = true;
-    spotifyd.enable = true;
     users = {
       enable = true;
       extraGroups = [ "input" "libvirtd" ];

machines/z790prors/hardware-configuration.nix

@@ -20,8 +20,6 @@
 
   hardware.graphics.enable = true;
   services.xserver.videoDrivers = ["nvidia"];
-  services.xserver.screenSection = ''Option "metamodes" "3440x1440_165 +0+0"'';
-  services.xserver.enableTearFree = true;
   hardware.nvidia = {
     modesetting.enable = true;
     powerManagement.enable = false;

roles/audio/default.nix

@@ -10,18 +10,19 @@ in
     enable = mkEnableOption "Enable the audio role";
   };
 
-  config = mkIf cfg.enable
+  config =
     {
       environment.systemPackages = with pkgs; [
-        alsa-utils
         paprefs
         pavucontrol
         pulsemixer
       ];
 
-      hardware.pulseaudio.enable = true;
+      services.pipewire = {
+        enable = true;
+        pulse.enable = true;
+      };
       hardware.pulseaudio.package = pkgs.pulseaudioFull;
-      hardware.pulseaudio.support32Bit = true;
       hardware.pulseaudio.extraConfig = "
         load-module module-combine-sink
         load-module module-switch-on-connect

roles/bluetooth/default.nix

@@ -10,7 +10,7 @@ in
     enable = mkEnableOption "Enable the bluetooth role";
   };
 
-  config = mkIf cfg.enable
+  config =
     {
       hardware.bluetooth.enable = true;
       hardware.bluetooth.powerOnBoot = true;

roles/default.nix

@@ -1,7 +1,10 @@
-{ lib, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 with lib;
 
+let
+  cfg = config.roles;
+in
 {
   imports = [
     ./audio
@@ -11,11 +14,14 @@ with lib;
     ./nfs-mounts
     ./printing
     ./secrets
-    ./spotifyd
     ./users
     ./virtualisation
   ];
 
+  options.roles = {
+    enable = mkEnableOption "Enable roles";
+  };
+
   config = {
     i18n.defaultLocale = "en_US.UTF-8";
     i18n.extraLocaleSettings = {
@@ -58,6 +64,9 @@ with lib;
         substituters = [
           "https://hyprland.cachix.org"
         ];
+        trusted-public-keys = [
+          "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+        ];
       };
     };
 

roles/desktop/default.nix

@@ -37,7 +37,7 @@ in
     };
   };
 
-  config = mkIf cfg.enable
+  config =
     {
       services.xserver.xkb = {
         layout = "us";

roles/k3s/default.nix

@@ -0,0 +1,32 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.k3s;
+in
+{
+  options.roles.k3s = {
+    enable = mkEnableOption "Enable the k3s role";
+  };
+
+  config =
+    {
+      networking.firewall.allowedTCPPorts = [
+        6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
+        2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
+        2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
+      ];
+      networking.firewall.allowedUDPPorts = [
+        8472 # k3s, flannel: required if using multi-node for inter-node networking
+      ];
+      services.k3s.enable = true;
+      services.k3s.role = "server";
+      services.k3s.tokenFile = "";
+      services.k3s.serverAddr = "https://10.0.0.222:6443";
+      services.k3s.extraFlags = toString [
+        # "--debug" # Optionally add additional args to k3s
+      ];
+      services.k3s.gracefulNodeShutdown.enable = true;
+    };
+}

roles/kodi/default.nix

@@ -25,8 +25,7 @@ in
       steam-library
       youtube
     ]);
-  in mkIf cfg.enable
+  in {
-    {
     users.extraUsers.kodi.isNormalUser = true;
 
     networking.firewall = {
@@ -34,21 +33,14 @@ in
       allowedUDPPorts = [ 8080 ];
     };
 
-      services = if cfg.autologin then mkMerge [
+    services = mkIf cfg.autologin {
-        (mkIf cfg.wayland {
       cage = mkIf cfg.wayland {
         user = "kodi";
         program = "${kodiPkg}/bin/kodi-standalone";
         enable = true;
       };
-          xserver = {
-            enable = false;
-            autorun = false;
-          };
-        })
 
-        (mkIf (!cfg.wayland) {
+      xserver = mkIf (!cfg.wayland) {
-          xserver = {
         enable = true;
         desktopManager.kodi = {
           enable = true;
@@ -58,14 +50,14 @@ in
           enable = true;
           greeter.enable = false;
         };
+	displayManager.sddm.enable = mkForce false;
       };
-          displayManager = {
+      displayManager = mkIf (!cfg.wayland) {
         autoLogin.enable = true;
         autoLogin.user = "kodi";
         defaultSession = "kodi";
         sessionData.autologinSession = "kodi";
       };
-        })
+    };
-      ] else {};
   };
 }

roles/nfs-mounts/default.nix

@@ -16,8 +16,7 @@ in
     };
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     fileSystems."/media" = {
       device = "10.0.0.43:/media";
       fsType = "nfs";

roles/printing/default.nix

@@ -2,16 +2,12 @@
 
 with lib;
 
-let
-  cfg = config.roles.printing;
-in
 {
   options.roles.printing = {
     enable = mkEnableOption "Enable default printing setup";
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     services.printing.enable = true;
 
     services.avahi = {

roles/spotifyd/default.nix

@@ -1,51 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-  cfg = config.roles.spotifyd;
-  spotifyd = pkgs.spotifyd.override { withMpris = true; withPulseAudio = true; };
-  spotifydConf = pkgs.writeText "spotifyd-config" ''
-    [global]
-    backend = "pulseaudio"
-    bitrate = 320
-    use_mpris = false
-    zeroconf_port = 5354
-    autoplay = false
-    device_type = "${cfg.deviceType}"
-  '';
-in
-{
-  options.roles.spotifyd = {
-    enable = mkEnableOption "Enable the spotifyd role";
-    deviceType = mkOption {
-      default = "computer";
-    };
-  };
-
-  config = mkIf cfg.enable
-    {
-      roles.audio.enable = true;
-
-      systemd.user.services.spotifyd = {
-        enable = true;
-        wantedBy = [ "default.target" ];
-        after = [ "network-online.target" "sound.target" ];
-        description = "spotifyd, a Spotify playing daemon";
-        serviceConfig = {
-          ExecStart = "${spotifyd}/bin/spotifyd --no-daemon --cache-path=\${HOME}/.cache/spotifyd --config-path=${spotifydConf}";
-          Restart = "always";
-          RestartSec = 12;
-        };
-      };
-      users.users."kodi".linger = true;
-
-      networking.firewall.allowedTCPPorts = [
-        5354
-        57621
-      ];
-      networking.firewall.allowedUDPPorts = [
-        5353
-      ];
-    };
-}

roles/users/default.nix

@@ -21,7 +21,7 @@ in
     kidsPackages = with pkgs; [
       firefox
     ];
-  in mkIf cfg.enable {
+  in {
     users.users.johno = {
       isNormalUser = true;
       description = "John Ogle";

roles/virtualisation/default.nix

@@ -2,16 +2,12 @@
 
 with lib;
 
-let
-  cfg = config.roles.virtualisation;
-in
 {
   options.roles.virtualisation = {
     enable = mkEnableOption "Enable virtualisation";
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     virtualisation.libvirtd.enable = true;
     programs.virt-manager.enable = true;
   };