vinzenz/nixos-configuration
0
0
Fork 0
mirror of https://github.com/kaesaecracker/nixos-configuration.git synced 2025-01-18 18:40:14 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

split server desktop, move stuff

Browse source
This commit is contained in:
Vinzenz Schroeter 2023-09-11 19:16:26 +02:00
parent 69026cb461
commit 5e9a74280e
19 changed files with 107 additions and 127 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
helpers/default.nix
View file

@ -1,7 +0,0 @@
{lib, ...}: {
mkIfElse = p: yes: no:
lib.mkMerge [
(lib.mkIf p yes)
(lib.mkIf (!p) no)
];
}

6
hetzner-vpn1.nix
View file

@ -1,14 +1,14 @@
{...}: {
imports = [
./modules
(import ./hardware "hetzner-vpn1")
./modules/server
(import ./modules/hardware "hetzner-vpn1")
];
config = {
my = {
desktop.enable = false;
server.enable = true;
};
users.users.root.openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
];

55
modules/default.nix
View file

@ -1,55 +0,0 @@
{
config,
pkgs,
...
}: let
cfg = config.my;
helpers = import ../helpers;
in {
imports = [
./home
./desktop
./i18n.nix
./nixpkgs.nix
];
config = {
networking = {
networkmanager.enable = true;
firewall.enable = true;
};
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
# PermitRootLogin = "no"; # this is managed through authorized keys
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
systemd.extraConfig = ''
DefaultTimeoutStopSec=12s
'';
programs = {
zsh.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
};
};
environment = {
pathsToLink = ["/share/zsh"];
systemPackages = with pkgs; [
lm_sensors
tldr
ncdu
];
};
};
}

74
modules/desktop/default.nix
View file

@ -7,8 +7,13 @@
cfg = config.my.desktop;
in {
imports = [
<home-manager/nixos>
./gnome.nix
./kde.nix
./i18n.nix
./nixpkgs.nix
./vinzenz.nix
./ronja.nix
];
options.my.desktop = {
@ -16,6 +21,9 @@ in {
};
config = lib.mkIf cfg.enable {
home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true;
services = {
# Enable the X11 windowing system / wayland depending on DE
xserver.enable = true;
@ -23,7 +31,15 @@ in {
# Enable CUPS to print documents.
printing.enable = true;
openssh.settings.PermitRootLogin = "no";
# Enable the OpenSSH daemon.
openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
};
# Enable sound with pipewire.
@ -46,20 +62,48 @@ in {
};
# unblock kde connect / gsconnect
networking.firewall = {
allowedTCPPortRanges = [
{
# KDE Connect
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
# KDE Connect
from = 1714;
to = 1764;
}
networking = {
networkmanager.enable = true;
firewall.enable = true;
firewall = {
allowedTCPPortRanges = [
{
# KDE Connect
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
# KDE Connect
from = 1714;
to = 1764;
}
];
};
};
systemd.extraConfig = ''
DefaultTimeoutStopSec=12s
'';
programs = {
zsh.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
};
};
environment = {
pathsToLink = ["/share/zsh"];
systemPackages = with pkgs; [
lm_sensors
tldr
ncdu
];
};
};

10
modules/desktop/gnome.nix
View file

@ -4,7 +4,9 @@
lib,
...
}: let
cfg = config.my.gnome;
desktopCfg = config.my.desktop;
cfg = desktopCfg.gnome;
applyGnomeUserSettings = {
home.packages = with pkgs; [
gnome.gpaste
@ -17,7 +19,7 @@
};
};
in {
options.my.gnome = {
options.my.desktop.gnome = {
enable = lib.mkEnableOption "gnome desktop";
};
@ -56,8 +58,8 @@ in {
];
home-manager.users = {
vinzenz = lib.mkIf config.my.home.vinzenz.enable applyGnomeUserSettings;
ronja = lib.mkIf config.my.home.ronja.enable applyGnomeUserSettings;
vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyGnomeUserSettings;
ronja = lib.mkIf desktopCfg.ronja.enable applyGnomeUserSettings;
};
};
}

0
modules/i18n.nix → modules/desktop/i18n.nix
View file

9
modules/desktop/kde.nix
View file

@ -4,7 +4,8 @@
lib,
...
}: let
cfg = config.my.kde;
desktopCfg = config.my.desktop;
cfg = desktopCfg.kde;
applyKdeUserSettings = {
home = {
@ -17,7 +18,7 @@
};
};
in {
options.my.kde = {
options.my.desktop.kde = {
enable = lib.mkEnableOption "KDE desktop";
};
@ -56,8 +57,8 @@ in {
};
home-manager.users = {
vinzenz = lib.mkIf config.my.home.vinzenz.enable applyKdeUserSettings;
ronja = lib.mkIf config.my.home.ronja.enable applyKdeUserSettings;
vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyKdeUserSettings;
ronja = lib.mkIf desktopCfg.ronja.enable applyKdeUserSettings;
};
};
}

0
modules/nixpkgs.nix → modules/desktop/nixpkgs.nix
View file

5
modules/home/ronja.nix → modules/desktop/ronja.nix
View file

@ -5,9 +5,9 @@
...
}:
with lib; let
cfg = config.my.home.ronja;
cfg = config.my.desktop.ronja;
in {
options.my.home.ronja = {
options.my.desktop.ronja = {
enable = lib.mkEnableOption "user ronja";
};
@ -21,7 +21,6 @@ in {
};
# home manager
my.home.enable = true;
home-manager.users.ronja = {
config,
pkgs,

5
modules/home/vinzenz.nix → modules/desktop/vinzenz.nix
View file

@ -4,9 +4,9 @@
lib,
...
}: let
cfg = config.my.home.vinzenz;
cfg = config.my.desktop.vinzenz;
in {
options.my.home.vinzenz = {
options.my.desktop.vinzenz = {
enable = lib.mkEnableOption "user vinzenz";
};
@ -20,7 +20,6 @@ in {
};
# home manager
my.home.enable = true;
home-manager.users.vinzenz = {
config,
pkgs,

0
hardware/common-desktop.nix → modules/hardware/common-desktop.nix
View file

0
hardware/default.nix → modules/hardware/default.nix
View file

0
hardware/hetzner-vpn1.nix → modules/hardware/hetzner-vpn1.nix
View file

0
hardware/vinzenz-lpt.nix → modules/hardware/vinzenz-lpt.nix
View file

0
hardware/vinzenz-pc2.nix → modules/hardware/vinzenz-pc2.nix
View file

25
modules/home/default.nix
View file

@ -1,25 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
cfg = config.my.home;
in {
imports =
[
./vinzenz.nix
./ronja.nix
# enable home manager
]
++ lib.optional (builtins.pathExists <home-manager/nixos>) <home-manager/nixos>;
options.my.home = {
enable = lib.mkEnableOption "my home management";
};
config = lib.mkIf cfg.enable {
home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true;
};
}

20
modules/server/default.nix
View file

@ -14,13 +14,25 @@ in {
config = lib.mkIf cfg.enable {
services = {
services.openssh.enable = true;
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
# PermitRootLogin = "no"; # this is managed through authorized keys
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
};
programs = {
git.enable = true;
zsh.enable = true;
};
networking.firewall = {
enable = true;
allowedTCPPortRanges = [
{
# ssh
@ -29,5 +41,11 @@ in {
}
];
};
environment = {
systemPackages = with pkgs; [
ncdu
];
};
};
}

11
vinzenz-lpt.nix
View file

@ -1,13 +1,16 @@
{...}: {
imports = [
./modules
(import ./hardware "vinzenz-lpt")
./modules/desktop
(import ./modules/hardware "vinzenz-lpt")
];
config = {
my = {
gnome.enable = true;
home.vinzenz.enable = true;
desktop = {
enable = true;
gnome.enable = true;
vinzenz.enable = true;
};
};
services.flatpak.enable = true;

7
vinzenz-pc2.nix
View file

@ -1,13 +1,14 @@
{...}: {
imports = [
./modules
(import ./hardware "vinzenz-pc2")
(import ./modules/hardware "vinzenz-pc2")
];
config = {
my = {
kde.enable = true;
home = {
desktop = {
enable = true;
kde.enable = true;
vinzenz.enable = true;
ronja.enable = true;
};