migrate most of the nixos system

2026-02-01 16:54:44 +07:00 · 2026-02-01 16:54:44 +07:00 · e7f0cdb4a2
commit e7f0cdb4a2
parent c06032eb48
8 changed files with 426 additions and 1 deletions
--- a/modules/system/apps.nix
+++ b/modules/system/apps.nix
@ -0,0 +1,64 @@
+{ pkgs, ... }: {
+  nixpkgs.config.permittedInsecurePackages = [
+    "ventoy-qt5-1.1.10"
+  ];
+
+  environment.systemPackages = with pkgs; [
+    baobab
+    file-roller
+    gnome-network-displays
+    gnome-disk-utility
+    
+    smartmontools
+    lm_sensors
+    ntfs3g
+    virt-viewer
+    dconf2nix
+    pciutils
+    gparted
+    exfatprogs
+    pavucontrol
+    jq
+    powertop
+    smartmontools
+    fastfetch
+    ethtool
+    dig
+    dnslookup
+    lsof
+    gucharmap
+    ncdu
+    zip
+    blueman
+    shared-mime-info
+    usbutils
+
+    android-tools
+    scrcpy
+    distrobox
+
+    ventoy-full-qt
+    home-manager
+    vim
+    wget
+    curl
+    openssl_3
+    htop
+    nmap
+    sysstat
+    netcat
+    p7zip
+    stress
+    wakeonlan
+    coreutils-full
+    traceroute
+    lxappearance
+    freerdp
+
+    nix-index
+    nixd
+    nil
+    nh
+    git
+  ];
+}
--- a/modules/system/base.nix
+++ b/modules/system/base.nix
@ -0,0 +1,25 @@
+{ hostname, timezone, ... }: {
+  system.stateVersion = "24.11";
+  imports = [ ./apps.nix ];
+
+  nixpkgs.config.allowUnfree = true;
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+    };
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 7d -d";
+    };
+    optimise.automatic = true;
+  };
+
+  networking.hostName = "${hostname}";
+  time.timeZone = timezone;
+  services = {
+    openssh.enable = true;
+    tailscale.enable = true;
+  };
+}
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@ -0,0 +1,169 @@
+{ pkgs, config, swapfile, locale, legacy-boot, wol, enable-dm, zerotier, ... }: {
+  imports = [
+    ../hardware/scan.nix
+    ../rice/system.nix
+    ./base.nix
+  ];
+
+  boot = {
+    kernelModules = [ "rndis_host" "cdc_ether" ];
+    supportedFilesystems = [ "ext4" "btrfs" "vfat" "ntfs" "exfat" ];
+    plymouth.enable = true;
+    kernel.sysctl = {
+      "net.ipv4.ip_forward" = 1;
+      "net.ipv6.conf.all.forwarding" = 1;
+    };
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot = {
+        enable = !legacy-boot;
+        configurationLimit = 3;
+        sortKey = "z-nixos";
+        editor = false;
+      };
+      grub = {
+        enable = legacy-boot; #true;
+        device = "/dev/sda";
+        useOSProber = true;
+        default = "saved";
+        theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze";
+      };
+    };
+    kernelParams = [
+      #"quiet"
+      "boot.shell_on_fail"
+      "loglevel=3"
+      "rd.systemd.show_status=true"
+      #"rd.udev.log_level=3"
+      "udev.log_priority=3"
+    ];
+  };
+  swapDevices = if swapfile == 0 then [] else [
+    {
+      device = "/swapfile";
+      size = swapfile;
+    }
+  ];
+
+  virtualisation = {
+    # waydroid.enable = true;
+    docker.enable = true;
+    # libvirtd = {
+    #   enable = true;
+    #   qemu = {
+    #     package = pkgs.qemu_kvm;
+    #     swtpm.enable = true;
+    #     runAsRoot = false;
+    #     ovmf = {
+    #       enable = false;
+    #       packages = [(pkgs.OVMF.override {
+    #         secureBoot = true;
+    #         tpmSupport = true;
+    #       }).fd];
+    #     };
+    #   };
+    # };
+  };
+
+  networking = {
+    networkmanager.enable = true;
+    firewall.enable = false;
+    nameservers = ["1.1.1.1" "1.0.0.1"];
+  };
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = [ pkgs.libva-vdpau-driver ];
+  };
+  i18n.defaultLocale = locale;
+  environment.localBinInPath = true;
+
+  systemd.services."wol" = {
+    enable = wol != "";
+    description = "Wake-on-LAN for ${wol}";
+    requires = [ "network.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
+      Type = "oneshot";
+    };
+    wantedBy = [ # just in case 
+      "multi-user.target"
+      "sleep.target"
+      "suspend.target"
+      "hibernate.target"
+      "hybrid-sleep.target"
+      "shutdown.target"
+      "reboot.target"
+      "halt.target"
+    ];
+  };
+
+  services = {
+    displayManager.gdm.enable = enable-dm;
+    xserver = {
+      enable = true;
+      xkb = {
+        layout = "us";
+        variant = "";
+      };
+    };
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+    sunshine = {
+      enable = true;
+      autoStart = true;
+      capSysAdmin = true;
+      openFirewall = true;
+    };
+    avahi = {
+      enable = true;
+      nssmdns4 = true;
+    };
+    printing = {
+      enable = true;
+      drivers = with pkgs; [ hplip ];
+    };
+    zerotierone = {
+      enable = true;
+      joinNetworks = zerotier.networks;
+    };
+    cloudflare-warp.enable = true;
+    gnome.gnome-keyring.enable = true;
+    gvfs.enable = true;
+    blueman.enable = true;
+    pulseaudio.enable = false;
+    resolved.enable = true;
+  };
+
+  security = {
+    rtkit.enable = true;
+    sudo.configFile = ''
+      Defaults insults
+      Defaults passwd_tries = 5
+    '';
+  };
+
+  fonts.packages = with pkgs; [
+    corefonts
+  ];
+
+  programs = {
+    gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
+    zsh.enable = true;
+    nix-ld.enable = true;
+    steam.enable = true;
+    appimage = {
+      enable = true;
+      binfmt = true;
+    };
+    kdeconnect = {
+      enable = true;
+    };
+  };
+}