satr14/nix-flake
1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

modularize system config

Browse source
This commit is contained in:
Satria 2026-02-01 21:27:03 +07:00
commit d7453265a1
14 changed files with 217 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

8
.gitignore vendored
View file

@ -1,8 +0,0 @@
# ---> Nix
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
# Ignore automatically generated direnv output
.direnv

5
modules/hardware/thinkpad.nix
View file

@ -31,8 +31,5 @@
initrd.availableKernelModules = [ "thinkpad_acpi" ]; initrd.availableKernelModules = [ "thinkpad_acpi" ];
}; };
services = { services.fwupd.enable = true;
fstrim.enable = true;
fwupd.enable = true;
};
} }

1
modules/scans/thinkpad.nix
View file

@ -1,4 +1,3 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.

19
modules/system/base.nix
View file

@ -1,20 +1,9 @@
{ hostname, timezone, ... }: { { hostname, timezone, ... }: {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
imports = [ ./apps.nix ]; imports = [
./utilities.nix
nixpkgs.config.allowUnfree = true; ./nix-conf.nix
nix = { ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d -d";
};
optimise.automatic = true;
};
networking.hostName = "${hostname}"; networking.hostName = "${hostname}";
time.timeZone = timezone; time.timeZone = timezone;

21
modules/system/bootloader.nix Normal file
View file

@ -0,0 +1,21 @@
{ pkgs, legacy-boot, ... }: {
boot = {
plymouth.enable = true;
loader = {
efi.canTouchEfiVariables = true;
systemd-boot = {
enable = !legacy-boot;
configurationLimit = 3;
sortKey = "z-nixos";
editor = false;
};
grub = {
enable = legacy-boot;
device = "/dev/sda";
useOSProber = true;
default = "saved";
theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze";
};
};
};
}

162
modules/system/default.nix
View file

@ -1,148 +1,20 @@
{ pkgs, config, swapfile, locale, legacy-boot, wol, enable-dm, zerotier, ... }: { { pkgs, locale, ... }: {
imports = [ imports = [
../hardware/scan.nix
../rice/system.nix
./base.nix ./base.nix
./network.nix
./user.nix
./kernel.nix
./bootloader.nix
./filesystem.nix
./virtualization.nix
./desktop.nix
./programs.nix
]; ];
boot = {
kernelModules = [ "rndis_host" "cdc_ether" ];
supportedFilesystems = [ "ext4" "btrfs" "vfat" "ntfs" "exfat" ];
plymouth.enable = true;
kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot = {
enable = !legacy-boot;
configurationLimit = 3;
sortKey = "z-nixos";
editor = false;
};
grub = {
enable = legacy-boot; #true;
device = "/dev/sda";
useOSProber = true;
default = "saved";
theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze";
};
};
kernelParams = [
#"quiet"
"boot.shell_on_fail"
"loglevel=3"
"rd.systemd.show_status=true"
#"rd.udev.log_level=3"
"udev.log_priority=3"
];
};
swapDevices = if swapfile == 0 then [] else [
{
device = "/swapfile";
size = swapfile;
}
];
virtualisation = {
# waydroid.enable = true;
docker.enable = true;
# libvirtd = {
# enable = true;
# qemu = {
# package = pkgs.qemu_kvm;
# swtpm.enable = true;
# runAsRoot = false;
# ovmf = {
# enable = false;
# packages = [(pkgs.OVMF.override {
# secureBoot = true;
# tpmSupport = true;
# }).fd];
# };
# };
# };
};
networking = {
networkmanager.enable = true;
firewall.enable = false;
nameservers = ["1.1.1.1" "1.0.0.1"];
};
hardware.graphics = {
enable = true;
extraPackages = [ pkgs.libva-vdpau-driver ];
};
i18n.defaultLocale = locale; i18n.defaultLocale = locale;
environment.localBinInPath = true; environment.localBinInPath = true;
systemd.services."wol" = {
enable = wol != "";
description = "Wake-on-LAN for ${wol}";
requires = [ "network.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
Type = "oneshot";
};
wantedBy = [ # just in case
"multi-user.target"
"sleep.target"
"suspend.target"
"hibernate.target"
"hybrid-sleep.target"
"shutdown.target"
"reboot.target"
"halt.target"
];
};
services = {
displayManager.gdm.enable = enable-dm;
xserver = {
enable = true;
xkb = {
layout = "us";
variant = "";
};
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
sunshine = {
enable = true;
autoStart = true;
capSysAdmin = true;
openFirewall = true;
};
avahi = {
enable = true;
nssmdns4 = true;
};
printing = {
enable = true;
drivers = with pkgs; [ hplip ];
};
zerotierone = {
enable = true;
joinNetworks = zerotier.networks;
};
cloudflare-warp.enable = true;
gnome.gnome-keyring.enable = true;
gvfs.enable = true;
blueman.enable = true;
pulseaudio.enable = false;
resolved.enable = true;
};
security = { security = {
rtkit.enable = true;
sudo.configFile = '' sudo.configFile = ''
Defaults insults Defaults insults
Defaults passwd_tries = 5 Defaults passwd_tries = 5
@ -152,18 +24,4 @@
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
corefonts corefonts
]; ];
}
programs = {
gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
zsh.enable = true;
nix-ld.enable = true;
steam.enable = true;
appimage = {
enable = true;
binfmt = true;
};
kdeconnect = {
enable = true;
};
};
}

30
modules/system/desktop.nix Normal file
View file

@ -0,0 +1,30 @@
{ pkgs, enable-dm, ... }: {
hardware.graphics = {
enable = true;
extraPackages = [ pkgs.libva-vdpau-driver ];
};
services = {
displayManager.gdm.enable = enable-dm;
xserver = {
enable = true;
xkb = {
layout = "us";
variant = "";
};
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
gnome.gnome-keyring.enable = true;
gvfs.enable = true;
blueman.enable = true;
pulseaudio.enable = false;
};
security.rtkit.enable = true;
}

23
modules/system/filesystem.nix Normal file
View file

@ -0,0 +1,23 @@
{ swapfile, ... }:
{
boot.supportedFilesystems = [
"ext4"
"btrfs"
"vfat"
"ntfs"
"exfat"
];
swapDevices =
if swapfile == 0 then
[ ]
else
[
{
device = "/swapfile";
size = swapfile;
}
];
services.fstrim.enable = true;
}

12
modules/system/kernel.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }: {
boot = {
kernelParams = [
#"quiet"
"boot.shell_on_fail"
"loglevel=3"
"rd.systemd.show_status=true"
#"rd.udev.log_level=3"
"udev.log_priority=3"
];
};
}

52
modules/system/network.nix Normal file
View file

@ -0,0 +1,52 @@
{ pkgs, wol, ... }: {
boot = {
kernelModules = [
"rndis_host"
"cdc_ether"
];
kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
};
networking = {
networkmanager.enable = true;
firewall.enable = false;
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
};
systemd.services."wol" = {
enable = wol != "";
description = "Wake-on-LAN for ${wol}";
requires = [ "network.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
Type = "oneshot";
};
wantedBy = [
# just in case
"multi-user.target"
"sleep.target"
"suspend.target"
"hibernate.target"
"hybrid-sleep.target"
"shutdown.target"
"reboot.target"
"halt.target"
];
};
services = {
avahi = {
enable = true;
nssmdns4 = true;
};
cloudflare-warp.enable = true;
resolved.enable = true;
};
}

15
modules/system/nix-conf.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }: {
nixpkgs.config.allowUnfree = true;
nix = {
settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d -d";
};
optimise.automatic = true;
};
}

28
modules/system/programs.nix Normal file
View file

@ -0,0 +1,28 @@
{ pkgs, ... }: {
services = {
sunshine = {
enable = true;
autoStart = true;
capSysAdmin = true;
openFirewall = true;
};
printing = {
enable = true;
drivers = with pkgs; [ hplip ];
};
};
programs = {
gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
zsh.enable = true;
nix-ld.enable = true;
steam.enable = true;
appimage = {
enable = true;
binfmt = true;
};
kdeconnect = {
enable = true;
};
};
}

0
modules/system/apps.nix → modules/system/utilities.nix
View file

21
modules/system/virtualization.nix Normal file
View file

@ -0,0 +1,21 @@
{ ... }: {
virtualisation = {
# waydroid.enable = true;
docker.enable = true;
# libvirtd = {
# enable = true;
# qemu = {
# package = pkgs.qemu_kvm;
# swtpm.enable = true;
# runAsRoot = false;
# ovmf = {
# enable = false;
# packages = [(pkgs.OVMF.override {
# secureBoot = true;
# tpmSupport = true;
# }).fd];
# };
# };
# };
};
}