diff options
| -rw-r--r-- | config/emacs.org | 3 | ||||
| -rw-r--r-- | config/nix.org | 92 | ||||
| -rw-r--r-- | nix/flake.nix | 2 | ||||
| -rw-r--r-- | nix/modules/configuration.nix | 291 | ||||
| -rw-r--r-- | nix/modules/cuda.nix | 4 | ||||
| -rw-r--r-- | nix/modules/default.nix | 41 | ||||
| -rw-r--r-- | nix/modules/home/user.nix | 2 | ||||
| -rw-r--r-- | nix/modules/nvidia.nix | 27 | ||||
| -rw-r--r-- | nix/modules/postfix.nix | 2 | ||||
| -rw-r--r-- | nix/modules/ssh.nix | 2 | ||||
| -rw-r--r-- | nix/modules/xserver.nix | 18 | ||||
| -rw-r--r-- | nix/systems/affinity/default.nix | 15 | ||||
| -rw-r--r-- | nix/systems/affinity/home.nix | 9 | ||||
| -rw-r--r-- | nix/systems/continuity/default.nix | 2 | ||||
| -rw-r--r-- | nix/systems/continuity/home.nix | 6 | ||||
| -rw-r--r-- | nix/systems/home.nix | 11 | ||||
| -rw-r--r-- | nix/systems/spontaneity/default.nix | 4 | ||||
| -rw-r--r-- | nix/systems/spontaneity/home.nix | 6 |
18 files changed, 297 insertions, 240 deletions
diff --git a/config/emacs.org b/config/emacs.org index 76f5b95..6a9b698 100644 --- a/config/emacs.org +++ b/config/emacs.org @@ -41,10 +41,9 @@ Emacs is self documenting, after all! (make-backup-files nil "Don't make backups") (display-fill-column-indicator-column 150 "Draw a line at 100 characters") (line-spacing 2 "Default line spacing") - - ;; Editor comments (c-doc-comment-style '((c-mode . doxygen) (c++-mode . doxygen))) + :hook ((text-mode . auto-fill-mode) (text-mode . visual-line-mode) (prog-mode . auto-fill-mode) diff --git a/config/nix.org b/config/nix.org index 59d768b..1ecec87 100644 --- a/config/nix.org +++ b/config/nix.org @@ -71,7 +71,6 @@ so that adding new configurations that add modifications is made simple. sops-nix.nixosModules.sops { nixpkgs.overlays = [ nur.overlays.default ]; } { home-manager.extraSpecialArgs = attrs; } - ./systems/continuity/default.nix ]; }; @@ -86,7 +85,6 @@ so that adding new configurations that add modifications is made simple. sops-nix.nixosModules.sops { nixpkgs.overlays = [ nur.overlays.default ]; } { home-manager.extraSpecialArgs = attrs; } - ./systems/affinity/default.nix ]; }; @@ -216,10 +214,6 @@ under ~default.nix~ in the ~systems~ folder. }; config = { - home-manager.users."${config.monorepo.vars.userName}" = { - programs.home-manager.enable = config.monorepo.profiles.home.enable; - }; - environment.systemPackages = lib.mkIf config.monorepo.profiles.documentation.enable (with pkgs; [ linux-manual man-pages @@ -954,24 +948,6 @@ For my virtual machines. } #+end_src ** Home -Time for my home user configuration, which is managed by home-manager. First we start off with -this module to enter us into the home-manager namespace: -#+begin_src nix :tangle ../nix/modules/home/home.nix -{ config, sops-nix, ... }: -{ - home-manager = { - sharedModules = [ - sops-nix.homeManagerModules.sops - ]; - useGlobalPkgs = true; - useUserPackages = true; - users."${config.monorepo.vars.userName}" = import ./default.nix; - }; -} -#+end_src -as you can see, we import default.nix which puts us in the home-manager namespace. Everything -in the top level from now on will implicitly be located at -~users."${config.monorepo.vars.userName}".xxxxx~, and we will look at default.nix next. *** Default Home Profile As you can see, I have my installed home packages installed based on the profiles enabled. Also, I have many imports that we'll go through next. @@ -2610,6 +2586,22 @@ for these configurations. } #+end_src * Systems +** Home +This module dynamically imports the correct corresponding home.nix at +the path. +#+begin_src nix :tangle ../nix/systems/home.nix + { config, sops-nix, ... }: + { + home-manager = { + sharedModules = [ + sops-nix.homeManagerModules.sops + ]; + useGlobalPkgs = true; + useUserPackages = true; + users."${config.monorepo.vars.userName}" = import (./. + "/${config.monorepo.vars.hostName}/home.nix"); + }; + } +#+end_src ** Continuity This is pretty understandable, if you understand all the above. #+begin_src nix :tangle ../nix/systems/continuity/default.nix @@ -2617,8 +2609,19 @@ This is pretty understandable, if you understand all the above. { imports = [ ../../modules/default.nix - ../../modules/home/home.nix ../../modules/sda-simple.nix + ../home.nix + ]; + } +#+end_src +*** Home +Each system has a corresponding home configuration in order to set +monorepo home options. +#+begin_src nix :tangle ../nix/systems/continuity/home.nix + { lib, config, pkgs, ... }: + { + imports = [ + ../../modules/home/default.nix ]; } #+end_src @@ -2630,17 +2633,30 @@ as several other useful services. { imports = [ ../../modules/default.nix - ../../modules/home/home.nix ../../modules/nvme-simple.nix + ../home.nix ]; - config.monorepo = { - profiles = { - server.enable = true; - cuda.enable = true; + config = { + monorepo = { + profiles = { + server.enable = true; + cuda.enable = true; + }; + vars.hostName = "affinity"; }; - vars.hostName = "affinity"; }; - config.home-manager.users."${config.monorepo.vars.userName}".monorepo.profiles.cuda.enable = true; + } +#+end_src +*** Home +#+begin_src nix :tangle ../nix/systems/affinity/home.nix + { lib, config, pkgs, ... }: + { + imports = [ + ../../modules/home/default.nix + ]; + config.monorepo = { + profiles.cuda.enable = true; + }; } #+end_src ** Spontaneity @@ -2651,17 +2667,27 @@ Spontaneity is my VPS instance. imports = [ ../../modules/default.nix ../../modules/vda-simple.nix + ../home.nix ]; + config.monorepo = { profiles = { server.enable = true; ttyonly.enable = true; - home.enable = false; }; vars.hostName = "spontaneity"; }; } #+end_src +*** Home +#+begin_src nix :tangle ../nix/systems/spontaneity/home.nix + { lib, config, pkgs, ... }: + { + imports = [ + ../../modules/home/default.nix + ]; + } +#+end_src ** Installer My installer installs my systems almost completely without interaction. You can also make them install the exact version of the system that you want it to by pinning the commits to make it diff --git a/nix/flake.nix b/nix/flake.nix index 950e86a..39606b4 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -51,7 +51,6 @@ sops-nix.nixosModules.sops { nixpkgs.overlays = [ nur.overlays.default ]; } { home-manager.extraSpecialArgs = attrs; } - ./systems/continuity/default.nix ]; }; @@ -66,7 +65,6 @@ sops-nix.nixosModules.sops { nixpkgs.overlays = [ nur.overlays.default ]; } { home-manager.extraSpecialArgs = attrs; } - ./systems/affinity/default.nix ]; }; diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix index 97b8764..62b02f6 100644 --- a/nix/modules/configuration.nix +++ b/nix/modules/configuration.nix @@ -24,7 +24,7 @@ environment = { etc = { - securetty.text = '' + securetty.text = '' # /etc/securetty: list of terminals on which root is allowed to login. # See securetty(5) and login(1). ''; @@ -35,13 +35,13 @@ coredump.enable = false; network.config.networkConfig.IPv6PrivacyExtensions = "kernel"; tmpfiles.settings = { - "restricthome"."/home/*".Z.mode = "~0700"; + "restricthome"."/home/*".Z.mode = "~0700"; - "restrictetcnixos"."/etc/nixos/*".Z = { - mode = "0000"; - user = "root"; - group = "root"; - }; + "restrictetcnixos"."/etc/nixos/*".Z = { + mode = "0000"; + user = "root"; + group = "root"; + }; }; }; @@ -50,126 +50,126 @@ extraModulePackages = [ ]; initrd = { - availableKernelModules = [ - "xhci_pci" - "ahci" - "usb_storage" - "sd_mod" - "nvme" - "sd_mod" - "ehci_pci" - "rtsx_pci_sdmmc" - "usbhid" - ]; - - kernelModules = [ ]; + availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "sd_mod" + "nvme" + "sd_mod" + "ehci_pci" + "rtsx_pci_sdmmc" + "usbhid" + ]; + + kernelModules = [ ]; }; lanzaboote = { - enable = config.monorepo.profiles.secureBoot.enable; - pkiBundle = "/etc/secureboot"; + enable = config.monorepo.profiles.secureBoot.enable; + pkiBundle = "/etc/secureboot"; }; loader = { - systemd-boot.enable = lib.mkForce (! config.monorepo.profiles.secureBoot.enable); - efi.canTouchEfiVariables = true; + systemd-boot.enable = lib.mkForce (! config.monorepo.profiles.secureBoot.enable); + efi.canTouchEfiVariables = true; }; kernelModules = [ - "snd-seq" - "snd-rawmidi" - "xhci_hcd" - "kvm_intel" + "snd-seq" + "snd-rawmidi" + "xhci_hcd" + "kvm_intel" ]; kernelParams = [ - "debugfs=off" - "page_alloc.shuffle=1" - "slab_nomerge" - "page_poison=1" - - # madaidan - "pti=on" - "randomize_kstack_offset=on" - "vsyscall=none" - "module.sig_enforce=1" - "lockdown=confidentiality" - - # cpu - "spectre_v2=on" - "spec_store_bypass_disable=on" - "tsx=off" - "tsx_async_abort=full,nosmt" - "mds=full,nosmt" - "l1tf=full,force" - "nosmt=force" - "kvm.nx_huge_pages=force" - - # hardened - "extra_latent_entropy" - - # mineral - "init_on_alloc=1" - "random.trust_cpu=off" - "random.trust_bootloader=off" - "intel_iommu=on" - "amd_iommu=force_isolation" - "iommu=force" - "iommu.strict=1" - "init_on_free=1" - "quiet" - "loglevel=0" + "debugfs=off" + "page_alloc.shuffle=1" + "slab_nomerge" + "page_poison=1" + + # madaidan + "pti=on" + "randomize_kstack_offset=on" + "vsyscall=none" + "module.sig_enforce=1" + "lockdown=confidentiality" + + # cpu + "spectre_v2=on" + "spec_store_bypass_disable=on" + "tsx=off" + "tsx_async_abort=full,nosmt" + "mds=full,nosmt" + "l1tf=full,force" + "nosmt=force" + "kvm.nx_huge_pages=force" + + # hardened + "extra_latent_entropy" + + # mineral + "init_on_alloc=1" + "random.trust_cpu=off" + "random.trust_bootloader=off" + "intel_iommu=on" + "amd_iommu=force_isolation" + "iommu=force" + "iommu.strict=1" + "init_on_free=1" + "quiet" + "loglevel=0" ]; blacklistedKernelModules = [ - "netrom" - "rose" - - "adfs" - "affs" - "bfs" - "befs" - "cramfs" - "efs" - "erofs" - "exofs" - "freevxfs" - "f2fs" - "hfs" - "hpfs" - "jfs" - "minix" - "nilfs2" - "ntfs" - "omfs" - "qnx4" - "qnx6" - "sysv" - "ufs" + "netrom" + "rose" + + "adfs" + "affs" + "bfs" + "befs" + "cramfs" + "efs" + "erofs" + "exofs" + "freevxfs" + "f2fs" + "hfs" + "hpfs" + "jfs" + "minix" + "nilfs2" + "ntfs" + "omfs" + "qnx4" + "qnx6" + "sysv" + "ufs" ]; kernel.sysctl = { - "kernel.ftrace_enabled" = false; - "net.core.bpf_jit_enable" = false; - "kernel.kptr_restrict" = 2; - - # madaidan - "vm.swappiness" = 1; - "vm.unprivileged_userfaultfd" = 0; - "dev.tty.ldisc_autoload" = 0; - "kernel.kexec_load_disabled" = 1; - "kernel.sysrq" = 4; - "kernel.perf_event_paranoid" = 3; - - # net - "net.ipv4.icmp_echo_ignore_broadcasts" = true; - - "net.ipv4.conf.all.accept_redirects" = false; - "net.ipv4.conf.all.secure_redirects" = false; - "net.ipv4.conf.default.accept_redirects" = false; - "net.ipv4.conf.default.secure_redirects" = false; - "net.ipv6.conf.all.accept_redirects" = false; - "net.ipv6.conf.default.accept_redirects" = false; + "kernel.ftrace_enabled" = false; + "net.core.bpf_jit_enable" = false; + "kernel.kptr_restrict" = 2; + + # madaidan + "vm.swappiness" = 1; + "vm.unprivileged_userfaultfd" = 0; + "dev.tty.ldisc_autoload" = 0; + "kernel.kexec_load_disabled" = 1; + "kernel.sysrq" = 4; + "kernel.perf_event_paranoid" = 3; + + # net + "net.ipv4.icmp_echo_ignore_broadcasts" = true; + + "net.ipv4.conf.all.accept_redirects" = false; + "net.ipv4.conf.all.secure_redirects" = false; + "net.ipv4.conf.default.accept_redirects" = false; + "net.ipv4.conf.default.secure_redirects" = false; + "net.ipv6.conf.all.accept_redirects" = false; + "net.ipv6.conf.default.accept_redirects" = false; }; }; @@ -177,32 +177,31 @@ useDHCP = lib.mkDefault true; hostName = config.monorepo.vars.hostName; networkmanager = { - enable = true; - # wifi.macAddress = ""; + enable = true; }; firewall = { - allowedTCPPorts = [ 22 11434 ]; - allowedUDPPorts = [ ]; + allowedTCPPorts = [ 22 11434 ]; + allowedUDPPorts = [ ]; }; }; hardware = { enableAllFirmware = true; cpu.intel.updateMicrocode = true; - graphics.enable = true; + graphics.enable = ! config.monorepo.profiles.ttyonly.enable; pulseaudio.enable = ! config.monorepo.profiles.pipewire.enable; bluetooth = { - enable = true; - powerOnBoot = true; + enable = true; + powerOnBoot = true; }; }; services = { chrony = { - enable = true; - enableNTS = true; - servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ]; + enable = true; + enableNTS = true; + servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ]; }; jitterentropy-rngd.enable = true; @@ -215,12 +214,12 @@ # Misc. udev = { - extraRules = ''''; - packages = with pkgs; [ - platformio-core - platformio-core.udev - openocd - ]; + extraRules = ''''; + packages = with pkgs; [ + platformio-core + platformio-core.udev + openocd + ]; }; printing.enable = true; @@ -237,20 +236,20 @@ nixpkgs = { hostPlatform = lib.mkDefault "x86_64-linux"; config = { - allowUnfree = true; - cudaSupport = lib.mkDefault config.monorepo.profiles.cuda.enable; + allowUnfree = true; + cudaSupport = lib.mkDefault config.monorepo.profiles.cuda.enable; }; }; security = { apparmor = { - enable = true; - killUnconfinedConfinables = true; + enable = true; + killUnconfinedConfinables = true; }; pam.loginLimits = [ - { domain = "*"; item = "nofile"; type = "-"; value = "32768"; } - { domain = "*"; item = "memlock"; type = "-"; value = "32768"; } + { domain = "*"; item = "nofile"; type = "-"; value = "32768"; } + { domain = "*"; item = "memlock"; type = "-"; value = "32768"; } ]; rtkit.enable = true; @@ -260,9 +259,9 @@ forcePageTableIsolation = true; tpm2 = { - enable = true; - pkcs11.enable = true; - tctiEnvironment.enable = true; + enable = true; + pkcs11.enable = true; + tctiEnvironment.enable = true; }; auditd.enable = true; @@ -275,9 +274,9 @@ enable = true; wlr.enable = true; extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - xdg-desktop-portal - xdg-desktop-portal-hyprland + xdg-desktop-portal-gtk + xdg-desktop-portal + xdg-desktop-portal-hyprland ]; config.common.default = "*"; }; @@ -296,17 +295,17 @@ ]; git = { - isSystemUser = true; - home = "/srv/git"; - shell = "${pkgs.git}/bin/git-shell"; + isSystemUser = true; + home = "/srv/git"; + shell = "${pkgs.git}/bin/git-shell"; }; "${config.monorepo.vars.userName}" = { - initialPassword = "${config.monorepo.vars.userName}"; - isNormalUser = true; - description = config.monorepo.vars.fullName; - extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; - shell = pkgs.zsh; - packages = []; + initialPassword = "${config.monorepo.vars.userName}"; + isNormalUser = true; + description = config.monorepo.vars.fullName; + extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; + shell = pkgs.zsh; + packages = []; }; }; diff --git a/nix/modules/cuda.nix b/nix/modules/cuda.nix index dd5846b..d5d9b7c 100644 --- a/nix/modules/cuda.nix +++ b/nix/modules/cuda.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: { - environment.systemPackages = with pkgs; [ + environment.systemPackages = (if config.monorepo.profiles.cuda.enable then with pkgs; [ cudatoolkit cudaPackages.cudnn cudaPackages.libcublas linuxPackages.nvidia_x11 - ]; + ] else []); } diff --git a/nix/modules/default.nix b/nix/modules/default.nix index ad4ccd3..f520d3b 100644 --- a/nix/modules/default.nix +++ b/nix/modules/default.nix @@ -7,36 +7,33 @@ options = { monorepo = { - profiles = { - cuda.enable = lib.mkEnableOption "Enables CUDA support"; - documentation.enable = lib.mkEnableOption "Enables documentation on system."; - secureBoot.enable = lib.mkEnableOption "Enables secure boot. See sbctl."; - pipewire.enable = lib.mkEnableOption "Enables pipewire low latency audio setup"; - tor.enable = lib.mkEnableOption "Enables tor along with torsocks"; - home.enable = lib.mkEnableOption "Enables home user"; - server.enable = lib.mkEnableOption "Enables server services"; - }; + profiles = { + cuda.enable = lib.mkEnableOption "Enables CUDA support"; + documentation.enable = lib.mkEnableOption "Enables documentation on system."; + secureBoot.enable = lib.mkEnableOption "Enables secure boot. See sbctl."; + pipewire.enable = lib.mkEnableOption "Enables pipewire low latency audio setup"; + tor.enable = lib.mkEnableOption "Enables tor along with torsocks"; + home.enable = lib.mkEnableOption "Enables home user"; + server.enable = lib.mkEnableOption "Enables server services"; + ttyonly.enable = lib.mkEnableOption "TTY only, no xserver"; + }; }; }; config = { - home-manager.users."${config.monorepo.vars.userName}" = { - programs.home-manager.enable = config.monorepo.profiles.home.enable; - }; - environment.systemPackages = lib.mkIf config.monorepo.profiles.documentation.enable (with pkgs; [ - linux-manual - man-pages - man-pages-posix + linux-manual + man-pages + man-pages-posix ]); monorepo = { - profiles = { - documentation.enable = lib.mkDefault true; - pipewire.enable = lib.mkDefault true; - tor.enable = lib.mkDefault true; - home.enable = lib.mkDefault true; - }; + profiles = { + documentation.enable = lib.mkDefault true; + pipewire.enable = lib.mkDefault true; + tor.enable = lib.mkDefault true; + home.enable = lib.mkDefault true; + }; }; }; } diff --git a/nix/modules/home/user.nix b/nix/modules/home/user.nix index 20a5749..7c470aa 100644 --- a/nix/modules/home/user.nix +++ b/nix/modules/home/user.nix @@ -26,6 +26,7 @@ packages = with pkgs; [ # wikipedia kiwix kiwix-tools + # passwords age sops @@ -64,6 +65,7 @@ acpilight pfetch libnotify + htop ]; }; diff --git a/nix/modules/nvidia.nix b/nix/modules/nvidia.nix index a1dc840..2973386 100644 --- a/nix/modules/nvidia.nix +++ b/nix/modules/nvidia.nix @@ -1,21 +1,22 @@ { config, lib, pkgs, ... }: { hardware = { - graphics.extraPackages = with pkgs; [ - vaapiVdpau - libvdpau-va-gl - nvidia-vaapi-driver - ]; + graphics.extraPackages = (if config.monorepo.profiles.cuda.enable + then with pkgs; [ + vaapiVdpau + libvdpau-va-gl + nvidia-vaapi-driver + ] else []); nvidia = { - modesetting.enable = true; - powerManagement = { - enable = true; - finegrained = false; - }; - nvidiaSettings = true; - open = false; - package = config.boot.kernelPackages.nvidiaPackages.stable; + modesetting.enable = lib.mkDefault config.monorepo.profiles.cuda.enable; + powerManagement = { + enable = lib.mkDefault config.monorepo.profiles.cuda.enable; + finegrained = false; + }; + nvidiaSettings = lib.mkDefault config.monorepo.profiles.cuda.enable; + open = lib.mkDefault false; + package = config.boot.kernelPackages.nvidiaPackages.stable; }; }; } diff --git a/nix/modules/postfix.nix b/nix/modules/postfix.nix index 90eb253..35c9e21 100644 --- a/nix/modules/postfix.nix +++ b/nix/modules/postfix.nix @@ -1,7 +1,7 @@ { config, lib, ... }: { services.postfix = { - enable = true; + enable = lib.mkDefault config.monorepo.profiles.server.enable; config = { }; }; diff --git a/nix/modules/ssh.nix b/nix/modules/ssh.nix index 55dc2fb..5c705c9 100644 --- a/nix/modules/ssh.nix +++ b/nix/modules/ssh.nix @@ -5,7 +5,7 @@ settings = { PasswordAuthentication = true; AllowUsers = [ config.monorepo.vars.userName ]; - PermitRootLogin = "no"; + PermitRootLogin = "prohibit-password"; KbdInteractiveAuthentication = false; }; }; diff --git a/nix/modules/xserver.nix b/nix/modules/xserver.nix index 0298f12..aab138d 100644 --- a/nix/modules/xserver.nix +++ b/nix/modules/xserver.nix @@ -3,24 +3,24 @@ services.xserver = { enable = lib.mkDefault true; displayManager = { - startx.enable = true; + startx.enable = true; }; windowManager = { - i3 = { - enable = true; - package = pkgs.i3-gaps; - }; + i3 = { + enable = ! config.monorepo.profiles.ttyonly.enable; + package = pkgs.i3-gaps; + }; }; desktopManager = { - runXdgAutostartIfNone = true; + runXdgAutostartIfNone = true; }; xkb = { - layout = "us"; - variant = ""; - options = "caps:escape"; + layout = "us"; + variant = ""; + options = "caps:escape"; }; videoDrivers = (if config.monorepo.profiles.cuda.enable then [ "nvidia" ] else []); diff --git a/nix/systems/affinity/default.nix b/nix/systems/affinity/default.nix index 4423440..606d934 100644 --- a/nix/systems/affinity/default.nix +++ b/nix/systems/affinity/default.nix @@ -2,15 +2,16 @@ { imports = [ ../../modules/default.nix - ../../modules/home/home.nix ../../modules/nvme-simple.nix + ../home.nix ]; - config.monorepo = { - profiles = { - server.enable = true; - cuda.enable = true; + config = { + monorepo = { + profiles = { + server.enable = true; + cuda.enable = true; + }; + vars.hostName = "affinity"; }; - vars.hostName = "affinity"; }; - config.home-manager.users."${config.monorepo.vars.userName}".monorepo.profiles.cuda.enable = true; } diff --git a/nix/systems/affinity/home.nix b/nix/systems/affinity/home.nix new file mode 100644 index 0000000..7b08138 --- /dev/null +++ b/nix/systems/affinity/home.nix @@ -0,0 +1,9 @@ +{ lib, config, pkgs, ... }: +{ + imports = [ + ../../modules/home/default.nix + ]; + config.monorepo = { + profiles.cuda.enable = true; + }; +} diff --git a/nix/systems/continuity/default.nix b/nix/systems/continuity/default.nix index 1bff83c..d067581 100644 --- a/nix/systems/continuity/default.nix +++ b/nix/systems/continuity/default.nix @@ -2,7 +2,7 @@ { imports = [ ../../modules/default.nix - ../../modules/home/home.nix ../../modules/sda-simple.nix + ../home.nix ]; } diff --git a/nix/systems/continuity/home.nix b/nix/systems/continuity/home.nix new file mode 100644 index 0000000..276ba52 --- /dev/null +++ b/nix/systems/continuity/home.nix @@ -0,0 +1,6 @@ +{ lib, config, pkgs, ... }: +{ + imports = [ + ../../modules/home/default.nix + ]; +} diff --git a/nix/systems/home.nix b/nix/systems/home.nix new file mode 100644 index 0000000..af4aa68 --- /dev/null +++ b/nix/systems/home.nix @@ -0,0 +1,11 @@ +{ config, sops-nix, ... }: +{ + home-manager = { + sharedModules = [ + sops-nix.homeManagerModules.sops + ]; + useGlobalPkgs = true; + useUserPackages = true; + users."${config.monorepo.vars.userName}" = import (./. + "/${config.monorepo.vars.hostName}/home.nix"); + }; +} diff --git a/nix/systems/spontaneity/default.nix b/nix/systems/spontaneity/default.nix index bc7ba81..5f79855 100644 --- a/nix/systems/spontaneity/default.nix +++ b/nix/systems/spontaneity/default.nix @@ -3,11 +3,13 @@ imports = [ ../../modules/default.nix ../../modules/vda-simple.nix + ../home.nix ]; + config.monorepo = { profiles = { server.enable = true; - home.enable = false; + ttyonly.enable = true; }; vars.hostName = "spontaneity"; }; diff --git a/nix/systems/spontaneity/home.nix b/nix/systems/spontaneity/home.nix new file mode 100644 index 0000000..276ba52 --- /dev/null +++ b/nix/systems/spontaneity/home.nix @@ -0,0 +1,6 @@ +{ lib, config, pkgs, ... }: +{ + imports = [ + ../../modules/home/default.nix + ]; +} |