mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
mjallen18
2025-09-03 17:54:33 -05:00
parent 67b840c40f
commit c4911b9d5f
31 changed files with 339 additions and 223 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.lock generated
View File

@@ -1063,11 +1063,11 @@
},
"nixpkgs_13": {
"locked": {
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
"lastModified": 1756787288,
"narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d7600c775f877cd87b4f5a831c28aa94137377aa",
"rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1",
"type": "github"
},
"original": {

2
flake.nix
View File

@@ -266,7 +266,7 @@
# Add mjallen-lib to the flake outputs
overlays = {
mjallen-lib = final: prev: {
mjallen-lib = _final: _prev: {
mjallen-lib = (import ./lib { inherit inputs; }).mjallen-lib;
};
};

2
homes/aarch64-linux/matt@macbook-pro-nixos/default.nix
View File

@@ -23,7 +23,7 @@ in
home.stateVersion = "23.11";
mjallen = {
desktop.hyprland = {
programs.hyprland = {
enable = true;
primaryDisplay = "eDP-1";

2
lib/examples/default.nix
View File

@@ -1,4 +1,4 @@
{ inputs, ... }:
{ ... }:
{
# Import all examples
sops = import ./sops.nix;

8
lib/examples/file-utils.nix
View File

@@ -10,7 +10,8 @@ let
scanSystems
filterNixOSSystems
filterDarwinSystems
scanHomes;
scanHomes
;
in
{
# Example of reading a file
@@ -20,7 +21,7 @@ in
fileExists = pathExists ./example.txt;
# Example of safely importing a file
myConfig = safeImport ./my-config.nix {};
myConfig = safeImport ./my-config.nix { };
# Example of scanning a directory
directoryContents = scanDir ./modules;
@@ -51,7 +52,8 @@ in
inherit system;
modules = [
{ networking.hostName = hostname; }
] ++ importModulesRecursive ./modules/nixos;
]
++ importModulesRecursive ./modules/nixos;
};
}
) nixosSystems;

11
lib/examples/home-sops.nix
View File

@@ -1,6 +1,11 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.mjallen.module) mkModule mkOpt mkBoolOpt;
inherit (lib.mjallen.module) mkModule mkOpt;
in
mkModule {
name = "sops";
@@ -8,7 +13,7 @@ mkModule {
options = {
defaultSopsFile = mkOpt lib.types.path null "Default sops file.";
sshKeyPaths = mkOpt (lib.types.listOf lib.types.str) [] "SSH Key paths to use.";
sshKeyPaths = mkOpt (lib.types.listOf lib.types.str) [ ] "SSH Key paths to use.";
};
config = {
home.packages = with pkgs; [

12
lib/examples/sops.nix
View File

@@ -10,7 +10,9 @@ mkModule {
generateAgeKey = mkBoolOpt true "Whether to automatically generate an age key if one doesn't exist.";
ageKeyPath = mkOpt (lib.types.nullOr lib.types.str) null "Custom path to the age key file. If null, will use the default path.";
ageKeyPath =
mkOpt (lib.types.nullOr lib.types.str) null
"Custom path to the age key file. If null, will use the default path.";
sshKeyPaths = mkOpt (lib.types.listOf lib.types.str) [
"/etc/ssh/ssh_host_ed25519_key"
@@ -25,9 +27,11 @@ mkModule {
age = {
inherit (config.mjallen.sops) generateAgeKey;
keyFile = if config.mjallen.sops.ageKeyPath != null
then config.mjallen.sops.ageKeyPath
else "${config.users.users.${config.mjallen.user.name}.home}/.config/sops/age/keys.txt";
keyFile =
if config.mjallen.sops.ageKeyPath != null then
config.mjallen.sops.ageKeyPath
else
"${config.users.users.${config.mjallen.user.name}.home}/.config/sops/age/keys.txt";
sshKeyPaths = config.mjallen.sops.sshKeyPaths;
};

35
lib/examples/system-utils.nix
View File

@@ -5,7 +5,8 @@ let
mkNixpkgsConfig
mkHomeConfigs
mkHomeManagerConfig
mkSpecialArgs;
mkSpecialArgs
;
in
{
# Example of creating NixOS configurations
@@ -32,7 +33,12 @@ in
# Create home-manager configuration
homeManagerConfig = mkHomeManagerConfig {
inherit extendedLib inputs system matchingHomes;
inherit
extendedLib
inputs
system
matchingHomes
;
isNixOS = true;
};
in
@@ -55,7 +61,8 @@ in
{
nixpkgs = {
inherit system;
} // mkNixpkgsConfig inputs.self;
}
// mkNixpkgsConfig inputs.self;
}
# Import home-manager module
@@ -66,7 +73,8 @@ in
# Import all nixos modules recursively
../${system}/${hostname}
] ++ (extendedLib.mjallen.file.importModulesRecursive ../modules/nixos);
]
++ (extendedLib.mjallen.file.importModulesRecursive ../modules/nixos);
};
}
) nixosSystems;
@@ -79,7 +87,14 @@ in
in
inputs.nixpkgs.lib.mapAttrs' (
name:
{ system, username, hostname, userAtHost, path, ... }:
{
system,
username,
hostname,
userAtHost,
path,
...
}:
let
# Create extended lib with mjallen-lib
extendedLib = mkExtendedLib inputs.self inputs.nixpkgs;
@@ -93,7 +108,12 @@ in
};
extraSpecialArgs = {
inherit inputs hostname username system;
inherit
inputs
hostname
username
system
;
inherit (inputs) self;
lib = extendedLib;
};
@@ -104,7 +124,8 @@ in
# Import the home configuration
path
] ++ (extendedLib.mjallen.file.importModulesRecursive ../modules/home);
]
++ (extendedLib.mjallen.file.importModulesRecursive ../modules/home);
};
}
) allHomes;

8
lib/system/common.nix
View File

@@ -3,9 +3,13 @@ let
inherit (inputs.nixpkgs.lib) filterAttrs mapAttrs';
in
{
mkExtendedLib = flake: nixpkgs: nixpkgs.lib.extend (final: prev: {
mkExtendedLib =
flake: nixpkgs:
nixpkgs.lib.extend (
_final: _prev: {
mjallen = flake.mjallen-lib;
});
}
);
mkNixpkgsConfig = flake: {
overlays = builtins.attrValues flake.overlays;

1
modules/home/sops/default.nix
View File

@@ -1,7 +1,6 @@
{
config,
lib,
namespace,
...
}:
let

34
modules/nixos/boot/common/default.nix
View File

@@ -1,13 +1,27 @@
{
config,
pkgs,
system,
lib,
namespace,
...
}:
with lib;
let
inherit (lib.${namespace}) mkOpt mkBoolOpt;
cfg = config.${namespace}.boot.common;
isArm = ("aarch64-linux" == system) || ("aarch64-darwin" == system);
in
{
options.${namespace}.boot.common = {
enable = mkBoolOpt true "Enable common boot stuff";
yubikeyEncryption = mkBoolOpt false "Enable Yubikey root encryption";
yubikeyGracePeriod = mkOpt types.int 180 "Time to wait for yubikey in seconds";
};
config = mkIf cfg.enable {
boot = {
kernelParams = [
"quiet"
@@ -29,7 +43,27 @@ in
consoleLogLevel = lib.mkForce 3;
bootspec.enable = (!isArm);
initrd = {
luks = mkIf cfg.yubikeyEncryption {
devices = {
"${config.disko.devices.disk.main.content.partitions.root.name}" = {
yubikey = {
storage = {
device = "/dev/disk/by-label/${config.disko.devices.disk.main.content.partitions.root.name}";
fsType = config.${namespace}.hardware.disko.filesystem;
path = "/";
};
slot = 2;
twoFactor = false;
gracePeriod = yubikeyGracePeriod;
};
};
};
};
};
};
zramSwap.enable = lib.mkDefault true;
};
}

7
modules/nixos/boot/systemd-boot/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
inherit (lib.${namespace}) mkOpt;

7
modules/nixos/desktop/hyprland/options.nix
View File

@@ -1,4 +1,9 @@
{ lib, pkgs, namespace, ... }:
{
lib,
pkgs,
namespace,
...
}:
with lib;
let
inherit (lib.${namespace}) mkOpt;

8
modules/nixos/desktop/hyprland/wallpapers/default.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, namespace, ... }:
{
config,
lib,
pkgs,
namespace,
...
}:
let
cfg = config.${namespace}.desktop.hyprland;

1
modules/nixos/disko/x86_64-linux/default.nix
View File

@@ -58,6 +58,7 @@ let
# BCacheFS root partition configuration
bcachefsRoot = {
name = "bcachefs-root";
size = "100%";
content = {
type = "bcachefs";

4
modules/nixos/hardware/raspberry-pi/default.nix
View File

@@ -23,9 +23,7 @@ in
config = lib.mkIf cfg.enable {
# Common Raspberry Pi packages
environment.systemPackages =
with pkgs;
[
environment.systemPackages = with pkgs; [
i2c-tools
libraspberrypi
raspberrypi-eeprom

14
modules/nixos/impermanence/default.nix
View File

@@ -19,7 +19,9 @@ in
};
# extraDirectories = mkOpt (types.listOf types.path) [ ] "Extra directory paths to add to impermanence";
extraDirectories = mkOpt (types.listOf (types.either types.str (types.submodule {
extraDirectories = mkOpt (types.listOf (
types.either types.str (
types.submodule {
options = {
directory = mkOption {
type = types.str;
@@ -41,7 +43,9 @@ in
description = "Directory permissions";
};
};
}))) [ ] "Extra directory paths to add to impermanence";
}
)
)) [ ] "Extra directory paths to add to impermanence";
extraFiles = mkOpt (types.listOf types.path) [ ] "Extra file paths to add to impermanence";
};
@@ -79,10 +83,12 @@ in
group = "jallen-nas";
mode = "u=rwx,g=rx,o=rx";
}
] ++ cfg.extraDirectories;
]
++ cfg.extraDirectories;
files = [
"/etc/machine-id"
] ++ cfg.extraFiles;
]
++ cfg.extraFiles;
};
security.sudo.extraConfig = ''

11
modules/nixos/network/default.nix
View File

@@ -21,16 +21,19 @@ let
autoconnect-priority = profile.priority;
interface-name = cfg.ipv4.interface;
};
ipv4 =
{
ipv4 = {
method = cfg.ipv4.method;
} // (if (cfg.ipv4.method == "auto") then { }
}
// (
if (cfg.ipv4.method == "auto") then
{ }
else
{
address = cfg.ipv4.address;
gateway = cfg.ipv4.gateway;
dns = cfg.ipv4.dns;
});
}
);
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";

20
modules/nixos/network/options.nix
View File

@@ -53,7 +53,9 @@ in
powersave = mkBoolOpt false "Whether to enable WiFi power saving.";
profiles = mkOpt (types.attrsOf (
profiles =
mkOpt
(types.attrsOf (
types.submodule {
options = {
ssid = mkOpt types.str "" "SSID of the WiFi network.";
@@ -62,9 +64,13 @@ in
autoconnect = mkBoolOpt true "autoconnect to this connection";
autoconnect-retries = mkOpt types.int (-1) "The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden)";
autoconnect-retries =
mkOpt types.int (-1)
"The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden)";
priority = mkOpt types.int 0 "connection priority in range -999 to 999. The higher number means higher priority.";
priority =
mkOpt types.int 0
"connection priority in range -999 to 999. The higher number means higher priority.";
psk = mkOpt types.str "$PSK" "PSK environment variable for the WiFi password.";
@@ -73,8 +79,12 @@ in
}
))
{
"Joey's Jungle 6G" = { priority = -900; };
"Joey's Jungle 5G" = { priority = -999; };
"Joey's Jungle 6G" = {
priority = -900;
};
"Joey's Jungle 5G" = {
priority = -999;
};
}
"network profiles.";
};

7
modules/nixos/power/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
inherit (lib.${namespace}) mkOpt;

7
modules/nixos/security/tpm/default.nix
View File

@@ -1,4 +1,9 @@
{ config, lib, namespace, ... }:
{
config,
lib,
namespace,
...
}:
with lib;
let
# inherit (lib.${namespace}) mkOpt;

7
modules/nixos/services/samba/default.nix
View File

@@ -1,4 +1,9 @@
{ lib, config, namespace, ... }:
{
lib,
config,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.samba;

5
modules/nixos/sops/options.nix
View File

@@ -28,7 +28,10 @@ with lib;
type = types.listOf types.str;
default = [ "/etc/ssh/ssh_host_ed25519_key" ];
description = "List of SSH key paths to use for age decryption.";
example = [ "/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_rsa_key" ];
example = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_rsa_key"
];
};
validateSopsFiles = mkOption {

75
systems/aarch64-linux/macbook-pro-nixos/default.nix
View File

@@ -3,14 +3,6 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ pkgs, namespace, ... }:
let
# Displays
display = {
input = "eDP-1";
resolution = "3456x2234";
refreshRate = "60.00000";
};
in
{
imports = [
./boot.nix
@@ -46,39 +38,47 @@ in
distrobox
];
};
programs = {
desktop = {
hyprland = {
enable = true;
primaryDisplay = "eDP-1";
display1 = {
input = "eDP-1";
resolution = "3456x2234";
refreshRate = "60.00000";
};
wallpaper = [
"${display.input}, /run/wallpaper.jpg"
];
monitor = [
"${display.input},${display.resolution}@${display.refreshRate},0x0,1.25,bitdepth,10,cm,hdr,sdrbrightness,1.2,sdrsaturation,0.98"
];
workspace = [
"name:firefox, monitor:${display.input}, default:false, special, class:(.*firefox.*)"
"name:discord, monitor:${display.input}, default:true, special, title:(.*vesktop.*), title:(.*Apple Music.*)"
"name:steam, monitor:${display.input}, default:false, special, class:(.*[Ss]team.*)"
];
windowRule = [
"size 2160 3356, tag:horizonrdp"
];
wallpaperSource = "nasa";
};
gnome.enable = false;
};
# programs = {
# hyprland = {
# enable = true;
# primaryDisplay = "eDP-1";
# display1 = {
# input = "eDP-1";
# resolution = "3456x2234";
# refreshRate = "60.00000";
# };
# wallpaper = [
# "${display.input}, /run/wallpaper.jpg"
# ];
# monitor = [
# "${display.input},${display.resolution}@${display.refreshRate},0x0,1.25,bitdepth,10,cm,hdr,sdrbrightness,1.2,sdrsaturation,0.98"
# ];
# workspace = [
# "name:firefox, monitor:${display.input}, default:false, special, class:(.*firefox.*)"
# "name:discord, monitor:${display.input}, default:true, special, title:(.*vesktop.*), title:(.*Apple Music.*)"
# "name:steam, monitor:${display.input}, default:false, special, class:(.*[Ss]team.*)"
# ];
# windowRule = [
# "size 2160 3356, tag:horizonrdp"
# ];
# };
# };
network = {
hostName = "macbook-pro-nixos";
wifi.enable = false;
networkmanager.enable = false;
iwd = {
enable = true;
settings = {
@@ -106,8 +106,9 @@ in
nixpkgs.config.allowUnsupportedSystem = true;
virtualisation = {
containers.enable = true;
podman.enable = true;
waydroid.enable = false;
# - CONFIG_ANDROID_BINDER_IPC is not enabled!
# - CONFIG_ANDROID_BINDERFS is not enabled
};
# List packages installed in system profile. To search, run:

12
systems/aarch64-linux/macbook-pro-nixos/services.nix
View File

@@ -65,10 +65,14 @@
};
logind = {
lidSwitch = "suspend";
lidSwitchExternalPower = "ignore";
powerKey = "suspend";
powerKeyLongPress = "poweroff";
settings = {
Login = {
HandleLidSwitchExternalPower = "ignore";
HandleLidSwitch = "suspend";
HandlePowerKeyLongPress = "poweroff";
HandlePowerKey = "suspend";
};
};
};
# Enable Flatpak

2
systems/aarch64-linux/pi4/default.nix
View File

@@ -56,7 +56,7 @@
allowedTCPPorts = [ 53 ];
allowedUDPPorts = [ 53 ];
};
networkmanger = {
networkmanager = {
profiles = {
"static-enabcm6e4ei0" = {
type = "ethernet";

10
systems/x86_64-linux/steamdeck/default.nix
View File

@@ -29,16 +29,6 @@
};
network = {
hostName = "steamdeck";
wifi = {
enable = true;
powersave = false;
profiles = {
"Joey's Jungle 5G" = {
ssid = "Joey's Jungle 5G";
keyMgmt = "sae";
};
};
};
};
};
}