dedicated-settings-file #3

Merged
servostar merged 7 commits from dedicated-settings-file into main 2023-12-15 19:56:43 +00:00
16 changed files with 219 additions and 76 deletions

View File

@ -1,8 +1,10 @@
{ lib, ... }:
let
settings = import ./../settings.nix;
in
{
imports = [
./java.nix
./dotnet.nix
./printing.nix
./xdg.nix
];
imports = lib.optionals settings.printing.enable [ ./printing.nix ]
++ lib.optionals settings.xdg.enable [ ./xdg.nix ]
++ lib.optionals settings.java [ ./java.nix ]
++ lib.optionals settings.dotnet [ ./dotnet.nix ];
}

View File

@ -1,13 +1,24 @@
{ pkgs, config, ... }: {
services.printing.enable = true;
services.avahi.enable = true;
# for a WiFi printer
services.avahi.openFirewall = true;
services.avahi.nssmdns = false; # Use the settings from below
# settings from avahi-daemon.nix where mdns is replaced with mdns4
system.nssModules = pkgs.lib.optional (!config.services.avahi.nssmdns) pkgs.nssmdns;
system.nssDatabases.hosts = with pkgs.lib; optionals (!config.services.avahi.nssmdns) (mkMerge [
(mkBefore [ "mdns4_minimal [NOTFOUND=return]" ]) # before resolve
(mkAfter [ "mdns4" ]) # after dns
]);
{ pkgs, lib, config, ... }:
let
settings = import ./../settings.nix;
in
{
config = lib.mkMerge [
{
services.printing.enable = true;
}
# Avahi daemon
(lib.mkIf settings.printing.avahi {
services.avahi.enable = true;
# for a WiFi printer
services.avahi.openFirewall = true;
services.avahi.nssmdns = false; # Use the settings from below
# settings from avahi-daemon.nix where mdns is replaced with mdns4
system.nssModules = pkgs.lib.optional (!config.services.avahi.nssmdns) pkgs.nssmdns;
system.nssDatabases.hosts = with pkgs.lib; optionals (!config.services.avahi.nssmdns) (mkMerge [
(mkBefore [ "mdns4_minimal [NOTFOUND=return]" ]) # before resolve
(mkAfter [ "mdns4" ]) # after dns
]);
})
];
}

View File

@ -1,15 +1,12 @@
{ pkgs, config, ... }: {
{ pkgs, ... }:
let
settings = import ./../settings.nix;
in
{
xdg.portal = {
enable = true;
extraPortals = [
pkgs.xdg-desktop-portal-gtk
pkgs.xdg-desktop-portal-kde
];
extraPortals = settings.xdg.extraPortals;
};
environment.systemPackages = with pkgs; [
pkgs.xdg-desktop-portal-gtk
pkgs.xdg-desktop-portal-kde
];
environment.systemPackages = settings.xdg.extraPortals;
}

View File

@ -1,10 +1,12 @@
{ pkgs, lib, config, ... }:
let
settings = import ./../settings.nix;
in
{
imports = [
./language-server.nix
./dotnet.nix
./docker-rootless.nix
./platformio.nix
./qemu.nix
./latex.nix
];
imports = lib.optionals settings.dev.lsp.enable [ ./lsp.nix ]
++ lib.optionals settings.virtualisation.docker-rootless.enable [ ./docker-rootless.nix ]
++ lib.optionals settings.virtualisation.qemu.enable [ ./qemu.nix ]
++ lib.optionals settings.dev.platformio [ ./platformio.nix ]
++ lib.optionals settings.dev.latex [ ./latex.nix ]
++ lib.optionals settings.dev.dotnet [ ./dotnet.nix ];
}

View File

@ -1,9 +1,13 @@
{ pkgs, config, ... }: {
{ pkgs, config, ... }:
let
settings = import ./../settings.nix;
in
{
# enable rootless docker for more security
virtualisation.docker.rootless = {
enable = true;
setSocketVariable = true;
};
# regulary clean unused docker images
virtualisation.docker.autoPrune.enable = true;
virtualisation.docker.autoPrune.enable = settings.virtualisation.docker-rootless.autoPrune;
}

View File

@ -1,10 +0,0 @@
{ pkgs, config, ... }: {
# various language server used by IDEs and by my Neovim config
environment.systemPackages = with pkgs; [
shellcheck
lua-language-server
pyright
arduino-language-server
clang
];
}

13
dev/lsp.nix Normal file
View File

@ -0,0 +1,13 @@
{ pkgs, lib, ... }:
let
settings = import ./../settings.nix;
in
{
# various language server used by IDEs and by Neovim lsp-config
environment.systemPackages = with pkgs;
lib.optionals settings.dev.lsp.shellcheck [ shellcheck ]
++ lib.optionals settings.dev.lsp.luals [ lua-language-server ]
++ lib.optionals settings.dev.lsp.pyright[ pyright ]
++ lib.optionals settings.dev.lsp.arduino [ arduino-language-server ]
++ lib.optionals settings.dev.lsp.clangd [ clang ];
}

View File

@ -1,10 +1,14 @@
{ pkgs, config, ... }: {
{ pkgs, config, ... }:
let
settings = import ./../settings.nix;
in
{
# KVM
virtualisation.libvirtd.enable = true;
# programs.virt-manager.enable = true; # after 23.11
programs.virt-manager.enable = settings.virtualisation.qemu.virt-manager; # after 23.11
# only before 23.11
environment.systemPackages = (with pkgs; [
virt-manager
]);
# environment.systemPackages = (with pkgs; [
# virt-manager
# ]);
}

View File

@ -1,8 +1,12 @@
{ lib, ... }:
let
settings = import ./../settings.nix;
in
{
imports = [
./bluray.nix
./dvd.nix
./yubikey.nix
./wireguard.nix
];
# Optionally import modules for non-essential extras
imports =
lib.optionals settings.hardware.yubikey.enable [ ./yubikey.nix ]
++ lib.optionals settings.dvd [ ./dvd.nix ]
++ lib.optionals settings.bluray [ ./bluray.nix ]
++ lib.optionals settings.networking.wireguard [ ./wireguard.nix ];
}

View File

@ -1,12 +1,16 @@
{ pkgs, config, ... }: {
{ pkgs, lib, ... }:
let
settings = import ./../settings.nix;
in
{
services.pcscd.enable = true; # enable support for smart cards
environment.systemPackages = with pkgs; [
# Yubikey stuff
yubioath-flutter # Yubico authentictor app for managing accounts
yubikey-manager # CLI tool for ykman
yubikey-manager-qt # GUI tool for ykman
pcsclite
];
environment.systemPackages = with pkgs; [ pcsclite ]
# Yubico authentictor app for managing accounts
++ (lib.optionals settings.hardware.yubikey.authenticator [ yubioath-flutter ])
# ykman CLI and Qt-GUI
++ (lib.optionals settings.hardware.yubikey.ykman [
yubikey-manager # CLI tool for ykman
yubikey-manager-qt # GUI tool for ykman
]);
}

View File

@ -1,6 +1,10 @@
{ lib, ... }:
let
settings = import ./../settings.nix;
in
{
imports = [
./steam.nix
./prismlauncher.nix
];
# Optionally import modules for game launchers, games or compatability layers
imports =
lib.optionals settings.games.prismlauncher [ ./prismlauncher.nix ]
++ lib.optionals settings.games.steam [ ./steam.nix ];
}

View File

@ -1,8 +1,14 @@
{ pkgs, config, ... }: {
{ pkgs, lib, ... }:
{
# Adapted from: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/amd/default.nix
# Make the kernel use the correct driver early
boot.initrd.kernelModules = [ "amdgpu" ];
# Make sure Xserver uses the `amdgpu` driver
services.xserver.enable = true;
services.xserver.videoDrivers = [ "amdgpu" ];
# For 32 bit applications
hardware.opengl.driSupport32Bit = true;
@ -12,6 +18,11 @@
rocmPackages.clr.icd
];
# For 32 bit applications
hardware.opengl.extraPackages32 = with pkgs; [
driversi686Linux.amdvlk
];
environment.systemPackages = with pkgs; [
nvtop-amd
clinfo

View File

@ -1,5 +1,11 @@
{ lib, ... }:
let
settings = import ./../settings.nix;
in
{
imports = [
./amdgpu.nix
];
# Optionally import modules for specific hardware
imports =
lib.optionals settings.hardware.amdgpu [ ./amdgpu.nix ]
++ lib.optionals settings.hardware.intelgpu [ ./intelgpu.nix ]
++ lib.optionals settings.hardware.nvidiagpu [ ./nvidiagpu.nix ];
}

16
hardware/intelgpu.nix Normal file
View File

@ -0,0 +1,16 @@
{ pkgs, lib, ... }:
{
# Excerpt: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/intel/default.nix
boot.initrd.kernelModules = [ "i915" ];
environment.variables = {
VDPAU_DRIVER = lib.mkIf config.hardware.opengl.enable (lib.mkDefault "va_gl");
};
hardware.opengl.extraPackages = with pkgs; [
(if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then vaapiIntel else intel-vaapi-driver)
libvdpau-va-gl
intel-media-driver
];
}

8
hardware/nvidia.nix Normal file
View File

@ -0,0 +1,8 @@
{ pkgs, lib, ... }:
{
# Excerpt from: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/nvidia/default.nix
services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ];
hardware.opengl.extraPackages = with pkgs; [
vaapiVdpau
];
}

67
settings.nix Normal file
View File

@ -0,0 +1,67 @@
with import <nixpkgs> {}; {
hardware = {
# support for GPUs
amdgpu = true;
intelgpu = false;
nvidiagpu = false;
# support for yubikey and additional software
yubikey = {
enable = true;
# additional software
ykman = false;
authenticator = true; # flutter yubico authenticator
};
};
virtualisation = {
docker-rootless = {
enable = true;
autoPrune = true;
};
qemu = {
enable = true;
virt-manager = true;
};
};
dev = {
platformio = true;
latex = true;
dotnet = false;
lsp = {
enable = true;
# various language server
shellcheck = true;
luals = true;
pyright = true;
arduino = true;
clangd = true;
};
};
dvd = true; # enable DVD decryption + ripping via Handbrake
bluray = true; # enable Bluray decryption (requires additional setup)
printing = {
enable = true;
avahi = true;
};
xdg = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk
xdg-desktop-portal-kde
];
};
java = true;
dotnet = true;
networking = {
wireguard = true; # enable wireguard protocol
};
games = {
prismlauncher = true;
steam = true;
};
}