From d7453265a1842bc8272a44979c7cf3118e996897 Mon Sep 17 00:00:00 2001 From: Satria Date: Sun, 1 Feb 2026 21:27:03 +0700 Subject: [PATCH] modularize system config --- .gitignore | 8 - modules/hardware/thinkpad.nix | 5 +- modules/scans/thinkpad.nix | 1 - modules/system/base.nix | 19 +-- modules/system/bootloader.nix | 21 +++ modules/system/default.nix | 162 ++------------------- modules/system/desktop.nix | 30 ++++ modules/system/filesystem.nix | 23 +++ modules/system/kernel.nix | 12 ++ modules/system/network.nix | 52 +++++++ modules/system/nix-conf.nix | 15 ++ modules/system/programs.nix | 28 ++++ modules/system/{apps.nix => utilities.nix} | 0 modules/system/virtualization.nix | 21 +++ 14 files changed, 217 insertions(+), 180 deletions(-) delete mode 100644 .gitignore create mode 100644 modules/system/bootloader.nix create mode 100644 modules/system/desktop.nix create mode 100644 modules/system/filesystem.nix create mode 100644 modules/system/kernel.nix create mode 100644 modules/system/network.nix create mode 100644 modules/system/nix-conf.nix create mode 100644 modules/system/programs.nix rename modules/system/{apps.nix => utilities.nix} (100%) create mode 100644 modules/system/virtualization.nix diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 3cb44c3..0000000 --- a/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -# ---> Nix -# Ignore build outputs from performing a nix-build or `nix build` command -result -result-* - -# Ignore automatically generated direnv output -.direnv - diff --git a/modules/hardware/thinkpad.nix b/modules/hardware/thinkpad.nix index f429cca..32652b2 100644 --- a/modules/hardware/thinkpad.nix +++ b/modules/hardware/thinkpad.nix @@ -31,8 +31,5 @@ initrd.availableKernelModules = [ "thinkpad_acpi" ]; }; - services = { - fstrim.enable = true; - fwupd.enable = true; - }; + services.fwupd.enable = true; } diff --git a/modules/scans/thinkpad.nix b/modules/scans/thinkpad.nix index cd20efd..730bff8 100644 --- a/modules/scans/thinkpad.nix 
+++ b/modules/scans/thinkpad.nix @@ -1,4 +1,3 @@ - # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. diff --git a/modules/system/base.nix b/modules/system/base.nix index c9aa53b..d64975b 100644 --- a/modules/system/base.nix +++ b/modules/system/base.nix @@ -1,20 +1,9 @@ { hostname, timezone, ... }: { system.stateVersion = "24.11"; - imports = [ ./apps.nix ]; - - nixpkgs.config.allowUnfree = true; - nix = { - settings = { - experimental-features = [ "nix-command" "flakes" ]; - auto-optimise-store = true; - }; - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d -d"; - }; - optimise.automatic = true; - }; + imports = [ + ./utilities.nix + ./nix-conf.nix + ]; networking.hostName = "${hostname}"; time.timeZone = timezone; diff --git a/modules/system/bootloader.nix b/modules/system/bootloader.nix new file mode 100644 index 0000000..cca3d3f --- /dev/null +++ b/modules/system/bootloader.nix @@ -0,0 +1,21 @@ +{ pkgs, legacy-boot, ... }: { + boot = { + plymouth.enable = true; + loader = { + efi.canTouchEfiVariables = true; + systemd-boot = { + enable = !legacy-boot; + configurationLimit = 3; + sortKey = "z-nixos"; + editor = false; + }; + grub = { + enable = legacy-boot; + device = "/dev/sda"; + useOSProber = true; + default = "saved"; + theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze"; + }; + }; + }; +} \ No newline at end of file diff --git a/modules/system/default.nix b/modules/system/default.nix index bab73ab..2cf8d41 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix 
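Review bot: In modules/system/bootloader.nix the systemd-boot branch sets `editor = false`, but the `grub` branch used when `legacy-boot` is true has no equivalent, so on those hosts anyone at the console can still edit a boot entry's kernel command line. If the legacy machines need the same protection, consider password-protecting GRUB through `boot.loader.grub.users`; otherwise record the decision with a comment such as `# GRUB entries are editable at the console; physical access is trusted on legacy hosts`. Separately, `device = "/dev/sda"` is hard-coded and `efi.canTouchEfiVariables = true` is set even when `legacy-boot` is true. Both are carried over unchanged from default.nix, but the new module is a natural place to make them follow the host parameters.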
@@ -1,148 +1,20 @@ -{ pkgs, config, swapfile, locale, legacy-boot, wol, enable-dm, zerotier, ... }: { +{ pkgs, locale, ... }: { imports = [ - ../hardware/scan.nix - ../rice/system.nix ./base.nix + ./network.nix + ./user.nix + ./kernel.nix + ./bootloader.nix + ./filesystem.nix + ./virtualization.nix + ./desktop.nix + ./programs.nix ]; - boot = { - kernelModules = [ "rndis_host" "cdc_ether" ]; - supportedFilesystems = [ "ext4" "btrfs" "vfat" "ntfs" "exfat" ]; - plymouth.enable = true; - kernel.sysctl = { - "net.ipv4.ip_forward" = 1; - "net.ipv6.conf.all.forwarding" = 1; - }; - loader = { - efi.canTouchEfiVariables = true; - systemd-boot = { - enable = !legacy-boot; - configurationLimit = 3; - sortKey = "z-nixos"; - editor = false; - }; - grub = { - enable = legacy-boot; #true; - device = "/dev/sda"; - useOSProber = true; - default = "saved"; - theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze"; - }; - }; - kernelParams = [ - #"quiet" - "boot.shell_on_fail" - "loglevel=3" - "rd.systemd.show_status=true" - #"rd.udev.log_level=3" - "udev.log_priority=3" - ]; - }; - swapDevices = if swapfile == 0 then [] else [ - { - device = "/swapfile"; - size = swapfile; - } - ]; - - virtualisation = { - # waydroid.enable = true; - docker.enable = true; - # libvirtd = { - # enable = true; - # qemu = { - # package = pkgs.qemu_kvm; - # swtpm.enable = true; - # runAsRoot = false; - # ovmf = { - # enable = false; - # packages = [(pkgs.OVMF.override { - # secureBoot = true; - # tpmSupport = true; - # }).fd]; - # }; - # }; - # }; - }; - - networking = { - networkmanager.enable = true; - firewall.enable = false; - nameservers = ["1.1.1.1" "1.0.0.1"]; - }; - - hardware.graphics = { - enable = true; - extraPackages = [ pkgs.libva-vdpau-driver ]; - }; i18n.defaultLocale = locale; environment.localBinInPath = true; - systemd.services."wol" = { - enable = wol != ""; - description = "Wake-on-LAN for ${wol}"; - requires = [ "network.target" ]; - after = [ "network.target" ]; - 
serviceConfig = { - ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g"; - Type = "oneshot"; - }; - wantedBy = [ # just in case - "multi-user.target" - "sleep.target" - "suspend.target" - "hibernate.target" - "hybrid-sleep.target" - "shutdown.target" - "reboot.target" - "halt.target" - ]; - }; - - services = { - displayManager.gdm.enable = enable-dm; - xserver = { - enable = true; - xkb = { - layout = "us"; - variant = ""; - }; - }; - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - sunshine = { - enable = true; - autoStart = true; - capSysAdmin = true; - openFirewall = true; - }; - avahi = { - enable = true; - nssmdns4 = true; - }; - printing = { - enable = true; - drivers = with pkgs; [ hplip ]; - }; - zerotierone = { - enable = true; - joinNetworks = zerotier.networks; - }; - cloudflare-warp.enable = true; - gnome.gnome-keyring.enable = true; - gvfs.enable = true; - blueman.enable = true; - pulseaudio.enable = false; - resolved.enable = true; - }; - security = { - rtkit.enable = true; sudo.configFile = '' Defaults insults Defaults passwd_tries = 5 @@ -152,18 +24,4 @@ fonts.packages = with pkgs; [ corefonts ]; - - programs = { - gdk-pixbuf.modulePackages = [ pkgs.librsvg ]; - zsh.enable = true; - nix-ld.enable = true; - steam.enable = true; - appimage = { - enable = true; - binfmt = true; - }; - kdeconnect = { - enable = true; - }; - }; -} +} \ No newline at end of file diff --git a/modules/system/desktop.nix b/modules/system/desktop.nix new file mode 100644 index 0000000..abf8d4e --- /dev/null +++ b/modules/system/desktop.nix 
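Review bot: The old `services.zerotierone` block (`enable = true; joinNetworks = zerotier.networks;`) is removed from modules/system/default.nix and does not reappear in any module this patch creates, so a commit described as a pure modularization appears to drop the ZeroTier service. The imports `../hardware/scan.nix` and `../rice/system.nix` are removed as well, and `./user.nix` is imported without being created here; presumably those are handled elsewhere in the tree, but that is not visible from this patch. If the removals are intentional, say so in the commit message. Otherwise restore the service in network.nix, e.g. `zerotierone = { enable = true; joinNetworks = zerotier.networks; };`, with `zerotier` added to that module's arguments.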
@@ -0,0 +1,30 @@
+{ pkgs, enable-dm, ... }: {
+ hardware.graphics = {
+ enable = true;
+ extraPackages = [ pkgs.libva-vdpau-driver ];
+ };
+
+ services = {
+ displayManager.gdm.enable = enable-dm;
+ xserver = {
+ enable = true;
+ xkb = {
+ layout = "us";
+ variant = "";
+ };
+ };
+ pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ jack.enable = true;
+ };
+ gnome.gnome-keyring.enable = true;
+ gvfs.enable = true;
+ blueman.enable = true;
+ pulseaudio.enable = false;
+ };
+
+ security.rtkit.enable = true;
+}
\ No newline at end of file
diff --git a/modules/system/filesystem.nix b/modules/system/filesystem.nix
new file mode 100644
index 0000000..b8603b7
--- /dev/null
+++ b/modules/system/filesystem.nix
@@ -0,0 +1,23 @@
+{ swapfile, ... }:
+{
+ boot.supportedFilesystems = [
+ "ext4"
+ "btrfs"
+ "vfat"
+ "ntfs"
+ "exfat"
+ ];
+
+ swapDevices =
+ if swapfile == 0 then
+ [ ]
+ else
+ [
+ {
+ device = "/swapfile";
+ size = swapfile;
+ }
+ ];
+
+ services.fstrim.enable = true;
+}
\ No newline at end of file
diff --git a/modules/system/kernel.nix b/modules/system/kernel.nix
new file mode 100644
index 0000000..5d760eb
--- /dev/null
+++ b/modules/system/kernel.nix
@@ -0,0 +1,12 @@
+{ ... }: {
+ boot = {
+ kernelParams = [
+ #"quiet"
+ "boot.shell_on_fail"
+ "loglevel=3"
+ "rd.systemd.show_status=true"
+ #"rd.udev.log_level=3"
+ "udev.log_priority=3"
+ ];
+ };
+}
\ No newline at end of file
diff --git a/modules/system/network.nix b/modules/system/network.nix
new file mode 100644
index 0000000..93e0061
--- /dev/null
+++ b/modules/system/network.nix
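Review bot: `"boot.shell_on_fail"` in the `kernelParams` list of modules/system/kernel.nix makes the NixOS initrd offer a root shell with no authentication when stage 1 fails, which sits awkwardly next to `systemd-boot.editor = false` in bootloader.nix. The editor lock exists to stop someone at the console from reaching root through boot parameters. On an unencrypted laptop this is a physical-access trade-off rather than a bug, but it should be a documented one. I would add a comment above the entry such as `# debugging aid: unauthenticated root shell if the initrd fails; remove on machines that leave the desk`, or gate the parameter behind a per-host flag.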
@@ -0,0 +1,52 @@
+{ pkgs, wol, ... }: {
+ boot = {
+ kernelModules = [
+ "rndis_host"
+ "cdc_ether"
+ ];
+ kernel.sysctl = {
+ "net.ipv4.ip_forward" = 1;
+ "net.ipv6.conf.all.forwarding" = 1;
+ };
+ };
+
+ networking = {
+ networkmanager.enable = true;
+ firewall.enable = false;
+ nameservers = [
+ "1.1.1.1"
+ "1.0.0.1"
+ ];
+ };
+
+ systemd.services."wol" = {
+ enable = wol != "";
+ description = "Wake-on-LAN for ${wol}";
+ requires = [ "network.target" ];
+ after = [ "network.target" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
+ Type = "oneshot";
+ };
+ wantedBy = [
+ # just in case
+ "multi-user.target"
+ "sleep.target"
+ "suspend.target"
+ "hibernate.target"
+ "hybrid-sleep.target"
+ "shutdown.target"
+ "reboot.target"
+ "halt.target"
+ ];
+ };
+
+ services = {
+ avahi = {
+ enable = true;
+ nssmdns4 = true;
+ };
+ cloudflare-warp.enable = true;
+ resolved.enable = true;
+ };
+}
diff --git a/modules/system/nix-conf.nix b/modules/system/nix-conf.nix
new file mode 100644
index 0000000..5617350
--- /dev/null
+++ b/modules/system/nix-conf.nix
@@ -0,0 +1,15 @@
+{ ... }: {
+ nixpkgs.config.allowUnfree = true;
+ nix = {
+ settings = {
+ experimental-features = [ "nix-command" "flakes" ];
+ auto-optimise-store = true;
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d -d";
+ };
+ optimise.automatic = true;
+ };
+}
\ No newline at end of file
diff --git a/modules/system/programs.nix b/modules/system/programs.nix
new file mode 100644
index 0000000..fbe6f80
--- /dev/null
+++ b/modules/system/programs.nix
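Review bot: modules/system/network.nix sets `firewall.enable = false` together with `"net.ipv4.ip_forward" = 1` and `"net.ipv6.conf.all.forwarding" = 1`, so every host importing this module forwards packets between its interfaces with no packet filter. Every listening service is then reachable on whatever network the machine joins: Avahi from this module, and Sunshine, printing and Docker from the sibling modules. Now that networking has its own module, both settings could become per-host opt-ins instead of unconditional defaults. At minimum the reason should be recorded next to them, e.g. `# forwarding needed for <use case>; firewall disabled because <reason>`. If the firewall is re-enabled later, `services.sunshine.openFirewall` in programs.nix will start to take effect and should be reviewed then.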
@@ -0,0 +1,28 @@
+{ pkgs, ... }: {
+ services = {
+ sunshine = {
+ enable = true;
+ autoStart = true;
+ capSysAdmin = true;
+ openFirewall = true;
+ };
+ printing = {
+ enable = true;
+ drivers = with pkgs; [ hplip ];
+ };
+ };
+
+ programs = {
+ gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
+ zsh.enable = true;
+ nix-ld.enable = true;
+ steam.enable = true;
+ appimage = {
+ enable = true;
+ binfmt = true;
+ };
+ kdeconnect = {
+ enable = true;
+ };
+ };
+}
\ No newline at end of file
diff --git a/modules/system/apps.nix b/modules/system/utilities.nix
similarity index 100%
rename from modules/system/apps.nix
rename to modules/system/utilities.nix
diff --git a/modules/system/virtualization.nix b/modules/system/virtualization.nix
new file mode 100644
index 0000000..ed10551
--- /dev/null
+++ b/modules/system/virtualization.nix
@@ -0,0 +1,21 @@
+{ ... }: {
+ virtualisation = {
+ # waydroid.enable = true;
+ docker.enable = true;
+ # libvirtd = {
+ # enable = true;
+ # qemu = {
+ # package = pkgs.qemu_kvm;
+ # swtpm.enable = true;
+ # runAsRoot = false;
+ # ovmf = {
+ # enable = false;
+ # packages = [(pkgs.OVMF.override {
+ # secureBoot = true;
+ # tpmSupport = true;
+ # }).fd];
+ # };
+ # };
+ # };
+ };
+}
\ No newline at end of file
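Review bot: `services.sunshine` in modules/system/programs.nix is enabled on every host with `autoStart = true` and `capSysAdmin = true`, which gives a network-facing streaming server the CAP_SYS_ADMIN capability. As far as I know that capability is only needed for DRM/KMS screen capture, so it deserves a comment saying so, e.g. `# capSysAdmin: required for KMS capture; drop if not streaming from this host`, or a per-host flag so machines that never stream do not run it at all. `openFirewall = true` currently does nothing because network.nix disables the firewall. As a matter of layout, Sunshine and printing are services rather than programs and may fit better in desktop.nix or a module of their own.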