Wtf why did it remove everything.

2025-02-28 12:21:09 -05:00 · 2025-02-28 12:21:09 -05:00 · 2144d9ef61
commit 2144d9ef61
parent d58b606d90
73 changed files with 1077 additions and 0 deletions
--- a/modules/system/settings/minimal/default.nix
+++ b/modules/system/settings/minimal/default.nix
@ -0,0 +1,21 @@
+{ ... }:
+{
+  environment = {
+    defaultPackages = [ ];
+    stub-ld.enable = false;
+  };
+
+  documentation = {
+    doc.enable = false;
+    info.enable = false;
+    nixos.enable = false;
+  };
+
+  programs = {
+    nano.enable = false;
+    less.lessopen = null;
+    command-not-found.enable = false;
+  };
+
+  services.logrotate.enable = false;
+}
--- a/modules/system/settings/nix/default.nix
+++ b/modules/system/settings/nix/default.nix
@ -0,0 +1,23 @@
+{ config, lib, pkgs, unstable, ... }:
+{
+  imports = [ ./gc ];
+
+  options.nixpkgs.allowUnfreePackages = lib.mkOption {
+    type = with lib.types; listOf str;
+  };
+
+  config = {
+    nix.settings = {
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+      auto-optimise-store = true;
+    };
+
+    _module.args.pkgsUnstable = import unstable {
+      inherit (pkgs.stdenv.hostPlatform) system;
+      inherit (config.nixpkgs) config;
+    };
+  };
+}
--- a/modules/system/settings/nix/gc/default.nix
+++ b/modules/system/settings/nix/gc/default.nix
@ -0,0 +1,8 @@
+{ ... }:
+{
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 7d";
+  };
+}
--- a/modules/system/settings/security/apparmor/default.nix
+++ b/modules/system/settings/security/apparmor/default.nix
@ -0,0 +1,4 @@
+{ ... }:
+{
+  security.apparmor.enable = true;
+}
--- a/modules/system/settings/security/default.nix
+++ b/modules/system/settings/security/default.nix
@ -2,6 +2,7 @@
 {
  imports = [
    ./apparmor
+    ./polkit
    ./privilege
  ];
 }
--- a/modules/system/settings/security/polkit/default.nix
+++ b/modules/system/settings/security/polkit/default.nix
@ -0,0 +1,7 @@
+{ config, lib, ... }:
+{
+  security = lib.mkIf config.system.desktop.enable {
+    polkit.enable = true;
+    rtkit.enable = true;
+  };
+}
--- a/modules/system/settings/security/privilege/default.nix
+++ b/modules/system/settings/security/privilege/default.nix
@ -0,0 +1,16 @@
+{ ... }:
+{
+  security = {
+    sudo.enable = false;
+    doas = {
+      enable = true;
+      extraRules = [
+        { # Give wheel root access
+          groups = [ "wheel" ];
+          keepEnv = true;
+          persist = true;
+        }
+      ];
+    };
+  };
+}
--- a/modules/system/settings/timezone/default.nix
+++ b/modules/system/settings/timezone/default.nix
@ -0,0 +1,4 @@
+{ ... }:
+{
+  time.timeZone = "America/Toronto";
+}