diff --git a/.gitattributes b/.gitattributes index b196730..84f7963 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1 +1 @@ -system/secrets/** filter=git-crypt diff=git-crypt +modules/system/secrets/** filter=git-crypt diff=git-crypt diff --git a/flake.nix b/flake.nix index e9a8e6b..3b2d960 100644 --- a/flake.nix +++ b/flake.nix @@ -28,7 +28,7 @@ }@inputs: { nixosConfigurations.rubble = nixpkgs.lib.nixosSystem { - modules = [ ./system ]; + modules = [ ./host ]; specialArgs = inputs; }; }; diff --git a/host/default.nix b/host/default.nix new file mode 100644 index 0000000..9ace3ed --- /dev/null +++ b/host/default.nix @@ -0,0 +1,19 @@ +{ ... }: +{ + imports = [ + ./disko + ./hardware + ../modules/system + ]; + + networking = { + hostName = "rubble"; + hostId = "e0b1fcef"; + }; + + system = { + extlinux.enable = true; + wireless.enable = true; + stateVersion = "24.11"; + }; +} diff --git a/system/devices/disks/disko/default.nix b/host/disko/default.nix similarity index 92% rename from system/devices/disks/disko/default.nix rename to host/disko/default.nix index 260124f..4022bcc 100644 --- a/system/devices/disks/disko/default.nix +++ b/host/disko/default.nix @@ -68,12 +68,8 @@ mountOptions = [ "compress=zstd" "noatime" "ssd" ]; }; "/persist/.snapshots" = { }; - - "/persist/home/jules" = { }; - "/persist/home/jules/.snapshots" = { }; - - "/persist/home/jimbo" = { }; - "/persist/home/jimbo/.snapshots" = { }; + "/persist/home/${config.sysusers.main}" = { }; + "/persist/home/${config.sysusers.main}/.snapshots" = { }; }; }; }; diff --git a/system/devices/hardware/default.nix b/host/hardware/default.nix similarity index 100% rename from system/devices/hardware/default.nix rename to host/hardware/default.nix diff --git a/home/jimbo/id_ed25519.pub b/host/id_ed25519.pub similarity index 100% rename from home/jimbo/id_ed25519.pub rename to host/id_ed25519.pub 
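Review bot: The git-crypt filter is applied when a file is staged, so the new pattern `modules/system/secrets/**` has to be in effect before `modules/system/secrets/default.nix` is added, or the secrets module is committed in clear text. Further down that file is reported as `Binary files /dev/null and b/modules/system/secrets/default.nix differ`, which is consistent with it being encrypted, but confirm it with `git-crypt status` before pushing. No removal of the old `system/secrets/` file is visible in this part of the diff, so also check that nothing stays tracked under a path the pattern no longer matches.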
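Review bot: The two added subvolume names in `host/disko/default.nix` interpolate `config.sysusers.main`, but the module's argument line is outside this hunk and is not changed by it, so `config` must already be bound there (for example `{ config, ... }:`) for this to evaluate. The option is declared in `modules/system/accounts/users/custom/main/default.nix`, so a short comment such as `# sysusers.main is declared in modules/system/accounts/users/custom/main` would save the next reader the search. Removing the `jules` subvolumes from the layout presumably does not delete them on a disk that is already formatted, so existing data there needs separate cleanup.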
diff --git a/home/jimbo/default.nix b/modules/home/default.nix
similarity index 100%
rename from home/jimbo/default.nix
rename to modules/home/default.nix
diff --git a/home/jimbo/programs/btop/default.nix b/modules/home/programs/btop/default.nix
similarity index 100%
rename from home/jimbo/programs/btop/default.nix
rename to modules/home/programs/btop/default.nix
diff --git a/home/jimbo/programs/default.nix b/modules/home/programs/default.nix
similarity index 100%
rename from home/jimbo/programs/default.nix
rename to modules/home/programs/default.nix
diff --git a/home/jimbo/programs/eza/default.nix b/modules/home/programs/eza/default.nix
similarity index 100%
rename from home/jimbo/programs/eza/default.nix
rename to modules/home/programs/eza/default.nix
diff --git a/home/jimbo/programs/fastfetch/config.jsonc b/modules/home/programs/fastfetch/config.jsonc
similarity index 100%
rename from home/jimbo/programs/fastfetch/config.jsonc
rename to modules/home/programs/fastfetch/config.jsonc
diff --git a/home/jimbo/programs/fastfetch/default.nix b/modules/home/programs/fastfetch/default.nix
similarity index 100%
rename from home/jimbo/programs/fastfetch/default.nix
rename to modules/home/programs/fastfetch/default.nix
diff --git a/home/jimbo/programs/fastfetch/small/default.nix b/modules/home/programs/fastfetch/small/default.nix
similarity index 100%
rename from home/jimbo/programs/fastfetch/small/default.nix
rename to modules/home/programs/fastfetch/small/default.nix
diff --git a/home/jimbo/programs/fastfetch/small/small.jsonc b/modules/home/programs/fastfetch/small/small.jsonc
similarity index 100%
rename from home/jimbo/programs/fastfetch/small/small.jsonc
rename to modules/home/programs/fastfetch/small/small.jsonc
diff --git a/home/jimbo/programs/git/default.nix b/modules/home/programs/git/default.nix
similarity index 100%
rename from home/jimbo/programs/git/default.nix
rename to modules/home/programs/git/default.nix
diff --git a/home/jimbo/programs/headless/default.nix b/modules/home/programs/headless/default.nix
similarity index 100%
rename from home/jimbo/programs/headless/default.nix
rename to modules/home/programs/headless/default.nix
diff --git a/home/jimbo/programs/neovim/default.nix b/modules/home/programs/neovim/default.nix
similarity index 100%
rename from home/jimbo/programs/neovim/default.nix
rename to modules/home/programs/neovim/default.nix
diff --git a/home/jimbo/programs/nh/default.nix b/modules/home/programs/nh/default.nix
similarity index 100%
rename from home/jimbo/programs/nh/default.nix
rename to modules/home/programs/nh/default.nix
diff --git a/home/jimbo/programs/nix-index/default.nix b/modules/home/programs/nix-index/default.nix
similarity index 100%
rename from home/jimbo/programs/nix-index/default.nix
rename to modules/home/programs/nix-index/default.nix
diff --git a/home/jimbo/programs/ranger/default.nix b/modules/home/programs/ranger/default.nix
similarity index 100%
rename from home/jimbo/programs/ranger/default.nix
rename to modules/home/programs/ranger/default.nix
diff --git a/home/jimbo/programs/tmux/default.nix b/modules/home/programs/tmux/default.nix
similarity index 100%
rename from home/jimbo/programs/tmux/default.nix
rename to modules/home/programs/tmux/default.nix
diff --git a/home/jimbo/programs/zsh/default.nix b/modules/home/programs/zsh/default.nix
similarity index 100%
rename from home/jimbo/programs/zsh/default.nix
rename to modules/home/programs/zsh/default.nix
diff --git a/home/jimbo/settings/aliases/default.nix b/modules/home/settings/aliases/default.nix
similarity index 100%
rename from home/jimbo/settings/aliases/default.nix
rename to modules/home/settings/aliases/default.nix
diff --git a/home/jimbo/settings/default.nix b/modules/home/settings/default.nix
similarity index 100%
rename from home/jimbo/settings/default.nix
rename to modules/home/settings/default.nix
diff --git a/home/jimbo/settings/nix/default.nix b/modules/home/settings/nix/default.nix similarity index 100% rename from home/jimbo/settings/nix/default.nix rename to modules/home/settings/nix/default.nix diff --git a/home/jimbo/user/default.nix b/modules/home/user/default.nix similarity index 100% rename from home/jimbo/user/default.nix rename to modules/home/user/default.nix diff --git a/system/accounts/default.nix b/modules/system/accounts/default.nix similarity index 100% rename from system/accounts/default.nix rename to modules/system/accounts/default.nix diff --git a/system/accounts/groups/default.nix b/modules/system/accounts/groups/default.nix similarity index 100% rename from system/accounts/groups/default.nix rename to modules/system/accounts/groups/default.nix diff --git a/system/accounts/groups/nfsShare/default.nix b/modules/system/accounts/groups/nfsShare/default.nix similarity index 100% rename from system/accounts/groups/nfsShare/default.nix rename to modules/system/accounts/groups/nfsShare/default.nix diff --git a/system/accounts/users/custom/default.nix b/modules/system/accounts/users/custom/default.nix similarity index 78% rename from system/accounts/users/custom/default.nix rename to modules/system/accounts/users/custom/default.nix index ea5f7b8..d2600a9 100644 --- a/system/accounts/users/custom/default.nix +++ b/modules/system/accounts/users/custom/default.nix @@ -1,9 +1,7 @@ { home-manager, ... }: { imports = [ - ./jules - ./jimbo - + ./main home-manager.nixosModules.home-manager ]; } diff --git a/modules/system/accounts/users/custom/jules/default.nix b/modules/system/accounts/users/custom/jules/default.nix new file mode 100644 index 0000000..fe5fbf9 --- /dev/null +++ b/modules/system/accounts/users/custom/jules/default.nix 
@@ -0,0 +1,48 @@
+{ config, lib, pkgs, ... }:
+{
+ options.sysusers = lib.mkOption {
+ type = lib.types.attrs;
+ };
+
+ config = {
+ sysusers.main = "jimbo";
+
+ users.users."${config.sysusers.main}" = {
+ hashedPassword = config.secrets.mainAccPass;
+ isNormalUser = true;
+ openssh.authorizedKeys.keyFiles = [
+ ../../../../../../hosts/tower/id_ed25519.pub
+
+ ../../../../../../hosts/envy/id_ed25519.pub
+ ../../../../../../hosts/redmond/id_ed25519.pub
+
+ ../../../../../../hosts/kitty/id_ed25519.pub
+ ../../../../../../hosts/midas/id_ed25519.pub
+ ../../../../../../hosts/prophet/id_ed25519.pub
+ ../../../../../../hosts/rubble/id_ed25519.pub
+ ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
+ ];
+ extraGroups = [
+ "wheel"
+ "audio"
+ "video"
+ "input"
+ "disk"
+ "dialout"
+ "rtkit"
+ "kvm"
+ "libvirtd"
+ "qemu-libvirtd"
+ "nginx"
+ "minecraft"
+ "nfsShare"
+ ];
+ uid = 1000;
+ shell = pkgs.zsh;
+ };
+
+ home-manager.users."${config.sysusers.main}" = import ../../../../../home;
+ };
+}
diff --git a/modules/system/accounts/users/custom/main/default.nix b/modules/system/accounts/users/custom/main/default.nix
new file mode 100644
index 0000000..d81968a
--- /dev/null
+++ b/modules/system/accounts/users/custom/main/default.nix
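Review bot: The new `jules/default.nix` is not in the import list of `custom/default.nix`, which now imports only `./main`, yet it declares `options.sysusers` and sets `sysusers.main = "jimbo"` exactly as `main/default.nix` does, so importing both would declare the same option twice. Its `keyFiles` entries point at `../../../../../../hosts/*/id_ed25519.pub`, while this commit places the host key at `host/id_ed25519.pub`, so those paths do not appear to resolve in the tree as shown. Because this list decides who may log in to an account in `wheel`, a half-migrated copy is risky to leave in place; either drop the file from this commit or give it a header comment such as `# WIP: not imported, see ../main/default.nix`.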
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+{
+ options.sysusers = lib.mkOption {
+ type = lib.types.attrs;
+ };
+
+ config = {
+ sysusers.main = "jimbo";
+
+ users.users."${config.sysusers.main}" = {
+ hashedPassword = config.secrets.mainAccPass;
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
+ ];
+ extraGroups = [
+ "wheel"
+ "audio"
+ "video"
+ "input"
+ "disk"
+ "dialout"
+ "rtkit"
+ "kvm"
+ "libvirtd"
+ "qemu-libvirtd"
+ "nginx"
+ "nfsShare"
+ ];
+ uid = 1000;
+ shell = pkgs.zsh;
+ };
+
+ home-manager.users."${config.sysusers.main}" = import ../../../../../home;
+ };
+}
diff --git a/system/accounts/users/default.nix b/modules/system/accounts/users/default.nix
similarity index 100%
rename from system/accounts/users/default.nix
rename to modules/system/accounts/users/default.nix
diff --git a/system/accounts/users/system/default.nix b/modules/system/accounts/users/system/default.nix
similarity index 100%
rename from system/accounts/users/system/default.nix
rename to modules/system/accounts/users/system/default.nix
diff --git a/system/accounts/users/system/jellyfin/default.nix b/modules/system/accounts/users/system/jellyfin/default.nix
similarity index 100%
rename from system/accounts/users/system/jellyfin/default.nix
rename to modules/system/accounts/users/system/jellyfin/default.nix
diff --git a/system/accounts/users/system/liquidsoap/default.nix b/modules/system/accounts/users/system/liquidsoap/default.nix
similarity index 100%
rename from system/accounts/users/system/liquidsoap/default.nix
rename to modules/system/accounts/users/system/liquidsoap/default.nix
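Review bot: `extraGroups` keeps the main account in `disk` (the same list is repeated in `jules/default.nix`), and membership of that group gives direct read/write access to raw block devices, which sidesteps the rules configured under `settings/security/privilege`. The entry is carried over from the deleted `jimbo` module, so this refactor is a good moment to drop `"disk"` or to add a comment stating what depends on it. Separately, `options.sysusers` is declared with `lib.types.attrs`, so a typo or non-string value in `sysusers.main` is caught only where it is interpolated into a path or attribute name; `options.sysusers.main = lib.mkOption { type = lib.types.str; };` would reject it at evaluation.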
diff --git a/system/accounts/users/system/nextcloud/default.nix b/modules/system/accounts/users/system/nextcloud/default.nix
similarity index 100%
rename from system/accounts/users/system/nextcloud/default.nix
rename to modules/system/accounts/users/system/nextcloud/default.nix
diff --git a/system/accounts/users/system/nginx/default.nix b/modules/system/accounts/users/system/nginx/default.nix
similarity index 100%
rename from system/accounts/users/system/nginx/default.nix
rename to modules/system/accounts/users/system/nginx/default.nix
diff --git a/modules/system/default.nix b/modules/system/default.nix
new file mode 100644
index 0000000..c3270fb
--- /dev/null
+++ b/modules/system/default.nix
@@ -0,0 +1,16 @@
+{ lib, ... }:
+{
+ imports = [
+ ./accounts
+ ./devices
+ ./programs
+ ./secrets
+ ./services
+ ./settings
+ ];
+
+ options.system = with lib; {
+ desktop.enable = lib.mkEnableOption "Enable desktop apps and services";
+ server.enable = lib.mkEnableOption "Enable server apps and services";
+ };
+}
diff --git a/system/devices/boot/default.nix b/modules/system/devices/boot/default.nix
similarity index 100%
rename from system/devices/boot/default.nix
rename to modules/system/devices/boot/default.nix
diff --git a/modules/system/devices/boot/extlinux/default.nix b/modules/system/devices/boot/extlinux/default.nix
new file mode 100644
index 0000000..95858ea
--- /dev/null
+++ b/modules/system/devices/boot/extlinux/default.nix
@@ -0,0 +1,10 @@
+{ config, lib, ... }:
+{
+ options.system.extlinux.enable = lib.mkEnableOption "Enable extlinux";
+
+ config.boot.loader = lib.mkIf config.system.extlinux.enable {
+ grub.enable = false;
+ systemd-boot.enable = lib.mkForce false;
+ generic-extlinux-compatible.enable = true;
+ };
+}
diff --git a/system/devices/boot/services/default.nix b/modules/system/devices/boot/services/default.nix
similarity index 100%
rename from system/devices/boot/services/default.nix
rename to modules/system/devices/boot/services/default.nix
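Review bot: `lib.mkEnableOption` already prefixes its argument with "Whether to enable", so the descriptions under `options.system` in `modules/system/default.nix` render as "Whether to enable Enable desktop apps and services."; pass the bare noun phrase instead, e.g. `desktop.enable = lib.mkEnableOption "desktop apps and services";`. The same applies to `"Enable extlinux"` in `boot/extlinux/default.nix` and to `"Enable wireless stack"` in `networking/wireless/default.nix`. The `with lib;` on the attribute set is also redundant now that both calls are written as `lib.mkEnableOption`.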
diff --git a/system/devices/boot/services/root-reset/default.nix b/modules/system/devices/boot/services/root-reset/default.nix similarity index 100% rename from system/devices/boot/services/root-reset/default.nix rename to modules/system/devices/boot/services/root-reset/default.nix diff --git a/system/devices/default.nix b/modules/system/devices/default.nix similarity index 82% rename from system/devices/default.nix rename to modules/system/devices/default.nix index df4ca05..d4feeb6 100644 --- a/system/devices/default.nix +++ b/modules/system/devices/default.nix @@ -3,7 +3,6 @@ imports = [ ./boot ./disks - ./hardware ./networking ]; } diff --git a/system/devices/disks/default.nix b/modules/system/devices/disks/default.nix similarity index 89% rename from system/devices/disks/default.nix rename to modules/system/devices/disks/default.nix index 5e5151f..727bef5 100644 --- a/system/devices/disks/default.nix +++ b/modules/system/devices/disks/default.nix @@ -1,7 +1,6 @@ { ... }: { imports = [ - ./disko ./filesystems ./immutable ./impermanence diff --git a/system/devices/disks/filesystems/default.nix b/modules/system/devices/disks/filesystems/default.nix similarity index 100% rename from system/devices/disks/filesystems/default.nix rename to modules/system/devices/disks/filesystems/default.nix diff --git a/system/devices/disks/immutable/default.nix b/modules/system/devices/disks/immutable/default.nix similarity index 100% rename from system/devices/disks/immutable/default.nix rename to modules/system/devices/disks/immutable/default.nix diff --git a/system/devices/disks/impermanence/default.nix b/modules/system/devices/disks/impermanence/default.nix similarity index 80% rename from system/devices/disks/impermanence/default.nix rename to modules/system/devices/disks/impermanence/default.nix index 19c1af8..e73882d 100644 --- a/system/devices/disks/impermanence/default.nix +++ b/modules/system/devices/disks/impermanence/default.nix 
@@ -1,10 +1,8 @@ { impermanence, ... }: { imports = [ - ./jules - ./jimbo + ./main ./root - impermanence.nixosModules.impermanence ]; } diff --git a/modules/system/devices/disks/impermanence/main/default.nix b/modules/system/devices/disks/impermanence/main/default.nix new file mode 100644 index 0000000..cca8d2c --- /dev/null +++ b/modules/system/devices/disks/impermanence/main/default.nix @@ -0,0 +1,46 @@ +{ config, ... }: +{ + environment.persistence."/persist" = { + hideMounts = true; + users.${config.sysusers.main} = { + directories = [ + "Keepers" + "Documents" + "Pictures" + "Videos" + "Games" + "VMs" + + ".snapshots" + ".mozilla" + ".thunderbird" + + ".config/blender" + ".config/dconf" + ".config/vesktop" + ".config/sunshine" + ".config/heroic" + ".config/obs-studio" + + ".local/share/mpd" + ".local/share/nvim/undo" + ".local/share/PrismLauncher" + ".local/share/Steam" + ".local/share/TelegramDesktop" + + ".local/state/wireplumber" + + ".cache/nix-index" + + { directory = ".ssh"; mode = "0700"; } + { directory = ".gnupg"; mode = "0700"; } + { directory = ".local/share/keyrings"; mode = "0700"; } + ]; + files = [ + ".zsh_history" + ".local/state/lazygit/state.yml" + ".local/share/applications" # Create directory so nothing generates inside of it + ]; + }; + }; +} diff --git a/system/devices/disks/impermanence/root/default.nix b/modules/system/devices/disks/impermanence/root/default.nix similarity index 100% rename from system/devices/disks/impermanence/root/default.nix rename to modules/system/devices/disks/impermanence/root/default.nix diff --git a/system/devices/disks/snapper/default.nix b/modules/system/devices/disks/snapper/default.nix similarity index 85% rename from system/devices/disks/snapper/default.nix rename to modules/system/devices/disks/snapper/default.nix index 8135c66..112c378 100644 --- a/system/devices/disks/snapper/default.nix +++ b/modules/system/devices/disks/snapper/default.nix 
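Review bot: In `impermanence/main/default.nix` only `.ssh`, `.gnupg` and `.local/share/keyrings` are persisted with `mode = "0700"`, while `.mozilla`, `.thunderbird`, `.config/vesktop` and `.local/share/TelegramDesktop` also hold session tokens or mail credentials and are listed as plain strings, so they get the module's default directory mode. Consider the attribute-set form for those as well, e.g. `{ directory = ".mozilla"; mode = "0700"; }`. The entry `".local/share/applications"` sits under `files` although its comment says "Create directory", so the comment should state that a file is created there on purpose, if that is the intent. The desktop-only entries are persisted regardless of `system.desktop.enable`, which this commit introduces elsewhere.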
@@ -1,8 +1,7 @@ { ... }: { imports = [ - ./jules - ./jimbo + ./main ./root ]; diff --git a/system/devices/disks/snapper/jules/default.nix b/modules/system/devices/disks/snapper/main/default.nix similarity index 55% rename from system/devices/disks/snapper/jules/default.nix rename to modules/system/devices/disks/snapper/main/default.nix index b9bbf9e..cac62e4 100644 --- a/system/devices/disks/snapper/jules/default.nix +++ b/modules/system/devices/disks/snapper/main/default.nix @@ -1,7 +1,7 @@ { config, lib, ... }: { - services.snapper.configs.jules = lib.mkIf config.environment.persistence."/persist".enable { - SUBVOLUME = "/persist/home/jules"; + services.snapper.configs.${config.sysusers.main} = lib.mkIf config.environment.persistence."/persist".enable { + SUBVOLUME = "/persist/home/${config.sysusers.main}"; TIMELINE_CREATE = true; TIMELINE_CLEANUP = true; TIMELINE_LIMIT_DAILY = 1; diff --git a/system/devices/disks/snapper/root/default.nix b/modules/system/devices/disks/snapper/root/default.nix similarity index 100% rename from system/devices/disks/snapper/root/default.nix rename to modules/system/devices/disks/snapper/root/default.nix diff --git a/system/devices/networking/default.nix b/modules/system/devices/networking/default.nix similarity index 63% rename from system/devices/networking/default.nix rename to modules/system/devices/networking/default.nix index 34dfe97..5aafa71 100644 --- a/system/devices/networking/default.nix +++ b/modules/system/devices/networking/default.nix @@ -1,10 +1,9 @@ -{ config, pkgs, ... }: +{ config, ... }: { + imports = [ ./wireless ]; + networking = { - wireless = { - enable = false; - iwd.enable = true; - }; + wireless.enable = false; dhcpcd.enable = true; nftables.enable = true; firewall.allowPing = false; @@ -22,9 +21,4 @@ fallbackDns = config.networking.nameservers; dnsovertls = "true"; }; - - environment = { - systemPackages = with pkgs; [ impala ]; - persistence."/persist".directories = [ "/var/lib/iwd/" ]; - }; } 
diff --git a/modules/system/devices/networking/wireless/default.nix b/modules/system/devices/networking/wireless/default.nix
new file mode 100644
index 0000000..cac36dc
--- /dev/null
+++ b/modules/system/devices/networking/wireless/default.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, ... }:
+{
+ options.system.wireless.enable = lib.mkEnableOption "Enable wireless stack";
+
+ config = lib.mkIf config.system.wireless.enable {
+ networking.wireless.iwd.enable = true;
+
+ environment = {
+ systemPackages = with pkgs; [ impala ];
+ persistence."/persist".directories = [ "/var/lib/iwd/" ];
+ };
+ };
+}
diff --git a/system/programs/default.nix b/modules/system/programs/default.nix
similarity index 100%
rename from system/programs/default.nix
rename to modules/system/programs/default.nix
diff --git a/system/programs/git/default.nix b/modules/system/programs/git/default.nix
similarity index 100%
rename from system/programs/git/default.nix
rename to modules/system/programs/git/default.nix
diff --git a/system/programs/home-manager/default.nix b/modules/system/programs/home-manager/default.nix
similarity index 100%
rename from system/programs/home-manager/default.nix
rename to modules/system/programs/home-manager/default.nix
diff --git a/system/programs/shells/default.nix b/modules/system/programs/shells/default.nix
similarity index 100%
rename from system/programs/shells/default.nix
rename to modules/system/programs/shells/default.nix
diff --git a/modules/system/secrets/default.nix b/modules/system/secrets/default.nix
new file mode 100644
index 0000000..e3a32ce
Binary files /dev/null and b/modules/system/secrets/default.nix differ
diff --git a/system/services/default.nix b/modules/system/services/default.nix
similarity index 100%
rename from system/services/default.nix
rename to modules/system/services/default.nix
diff --git a/system/services/general/default.nix b/modules/system/services/general/default.nix similarity index 100% rename from system/services/general/default.nix rename to modules/system/services/general/default.nix diff --git a/system/services/general/earlyoom/default.nix b/modules/system/services/general/earlyoom/default.nix similarity index 100% rename from system/services/general/earlyoom/default.nix rename to modules/system/services/general/earlyoom/default.nix diff --git a/system/services/general/libvirtd/default.nix b/modules/system/services/general/libvirtd/default.nix similarity index 91% rename from system/services/general/libvirtd/default.nix rename to modules/system/services/general/libvirtd/default.nix index 76e0469..9324286 100644 --- a/system/services/general/libvirtd/default.nix +++ b/modules/system/services/general/libvirtd/default.nix @@ -33,5 +33,7 @@ "virbr0" "virbr1" ]; + + systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 - libvirtd -" ]; }; } diff --git a/system/services/general/snowflake/default.nix b/modules/system/services/general/snowflake/default.nix similarity index 100% rename from system/services/general/snowflake/default.nix rename to modules/system/services/general/snowflake/default.nix diff --git a/system/services/general/ssh/default.nix b/modules/system/services/general/ssh/default.nix similarity index 100% rename from system/services/general/ssh/default.nix rename to modules/system/services/general/ssh/default.nix diff --git a/system/services/general/ssh/fail2ban/default.nix b/modules/system/services/general/ssh/fail2ban/default.nix similarity index 100% rename from system/services/general/ssh/fail2ban/default.nix rename to modules/system/services/general/ssh/fail2ban/default.nix diff --git a/system/services/general/tlp/default.nix b/modules/system/services/general/tlp/default.nix similarity index 100% rename from system/services/general/tlp/default.nix rename to modules/system/services/general/tlp/default.nix 
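Review bot: In the added rule `f /dev/shm/looking-glass 0660 - libvirtd -` the owner field is `-`, so the file is created owned by the user running systemd-tmpfiles (root for the system instance) and every member of the `libvirtd` group gets read/write access to the shared-memory buffer. Confirm that the account the VM process runs as is actually in that group, and consider naming the owner explicitly, e.g. `"f /dev/shm/looking-glass 0660 ${config.sysusers.main} libvirtd -"`, which needs `config` among the module arguments (not visible from this hunk). The enclosing attribute set opens outside the hunk and the new line follows the `virbr0`/`virbr1` list, so also check that `systemd.tmpfiles.rules` ends up at module top level rather than nested under another option.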
diff --git a/system/services/general/userborn/default.nix b/modules/system/services/general/userborn/default.nix
similarity index 100%
rename from system/services/general/userborn/default.nix
rename to modules/system/services/general/userborn/default.nix
diff --git a/system/services/server/cfdyndns/default.nix b/modules/system/services/server/cfdyndns/default.nix
similarity index 100%
rename from system/services/server/cfdyndns/default.nix
rename to modules/system/services/server/cfdyndns/default.nix
diff --git a/system/services/server/default.nix b/modules/system/services/server/default.nix
similarity index 100%
rename from system/services/server/default.nix
rename to modules/system/services/server/default.nix
diff --git a/system/services/server/fileserver/default.nix b/modules/system/services/server/fileserver/default.nix
similarity index 100%
rename from system/services/server/fileserver/default.nix
rename to modules/system/services/server/fileserver/default.nix
diff --git a/system/services/server/fileserver/jellyfin/default.nix b/modules/system/services/server/fileserver/jellyfin/default.nix
similarity index 100%
rename from system/services/server/fileserver/jellyfin/default.nix
rename to modules/system/services/server/fileserver/jellyfin/default.nix
diff --git a/system/services/server/fileserver/jellyfin/nginx/default.nix b/modules/system/services/server/fileserver/jellyfin/nginx/default.nix
similarity index 100%
rename from system/services/server/fileserver/jellyfin/nginx/default.nix
rename to modules/system/services/server/fileserver/jellyfin/nginx/default.nix
diff --git a/system/services/server/fileserver/nextcloud/collabora/default.nix b/modules/system/services/server/fileserver/nextcloud/collabora/default.nix
similarity index 100%
rename from system/services/server/fileserver/nextcloud/collabora/default.nix
rename to modules/system/services/server/fileserver/nextcloud/collabora/default.nix
diff --git a/system/services/server/fileserver/nextcloud/default.nix b/modules/system/services/server/fileserver/nextcloud/default.nix
similarity index 100%
rename from system/services/server/fileserver/nextcloud/default.nix
rename to modules/system/services/server/fileserver/nextcloud/default.nix
diff --git a/system/services/server/fileserver/nextcloud/nginx/default.nix b/modules/system/services/server/fileserver/nextcloud/nginx/default.nix
similarity index 100%
rename from system/services/server/fileserver/nextcloud/nginx/default.nix
rename to modules/system/services/server/fileserver/nextcloud/nginx/default.nix
diff --git a/system/services/server/fileserver/nfs/default.nix b/modules/system/services/server/fileserver/nfs/default.nix
similarity index 100%
rename from system/services/server/fileserver/nfs/default.nix
rename to modules/system/services/server/fileserver/nfs/default.nix
diff --git a/system/services/server/forgejo/default.nix b/modules/system/services/server/forgejo/default.nix
similarity index 100%
rename from system/services/server/forgejo/default.nix
rename to modules/system/services/server/forgejo/default.nix
diff --git a/system/services/server/forgejo/nginx/default.nix b/modules/system/services/server/forgejo/nginx/default.nix
similarity index 100%
rename from system/services/server/forgejo/nginx/default.nix
rename to modules/system/services/server/forgejo/nginx/default.nix
diff --git a/system/services/server/mysql/default.nix b/modules/system/services/server/mysql/default.nix
similarity index 100%
rename from system/services/server/mysql/default.nix
rename to modules/system/services/server/mysql/default.nix
diff --git a/system/services/server/socialserver/default.nix b/modules/system/services/server/socialserver/default.nix
similarity index 100%
rename from system/services/server/socialserver/default.nix
rename to modules/system/services/server/socialserver/default.nix
diff --git a/system/services/server/socialserver/mastodon/default.nix b/modules/system/services/server/socialserver/mastodon/default.nix
similarity index 100%
rename from system/services/server/socialserver/mastodon/default.nix
rename to modules/system/services/server/socialserver/mastodon/default.nix
diff --git a/system/services/server/socialserver/matrix/coturn/default.nix b/modules/system/services/server/socialserver/matrix/coturn/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/coturn/default.nix
rename to modules/system/services/server/socialserver/matrix/coturn/default.nix
diff --git a/system/services/server/socialserver/matrix/coturn/nginx/default.nix b/modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/coturn/nginx/default.nix
rename to modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix
diff --git a/system/services/server/socialserver/matrix/default.nix b/modules/system/services/server/socialserver/matrix/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/default.nix
rename to modules/system/services/server/socialserver/matrix/default.nix
diff --git a/system/services/server/socialserver/matrix/element/default.nix b/modules/system/services/server/socialserver/matrix/element/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/element/default.nix
rename to modules/system/services/server/socialserver/matrix/element/default.nix
diff --git a/system/services/server/socialserver/matrix/element/nginx/default.nix b/modules/system/services/server/socialserver/matrix/element/nginx/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/element/nginx/default.nix
rename to modules/system/services/server/socialserver/matrix/element/nginx/default.nix
diff --git a/system/services/server/socialserver/matrix/synapse/default.nix b/modules/system/services/server/socialserver/matrix/synapse/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/synapse/default.nix
rename to modules/system/services/server/socialserver/matrix/synapse/default.nix
diff --git a/system/services/server/socialserver/matrix/synapse/nginx/default.nix b/modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix
similarity index 100%
rename from system/services/server/socialserver/matrix/synapse/nginx/default.nix
rename to modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix
diff --git a/system/services/server/socialserver/owncast/default.nix b/modules/system/services/server/socialserver/owncast/default.nix
similarity index 100%
rename from system/services/server/socialserver/owncast/default.nix
rename to modules/system/services/server/socialserver/owncast/default.nix
diff --git a/system/services/server/socialserver/owncast/nginx/default.nix b/modules/system/services/server/socialserver/owncast/nginx/default.nix
similarity index 100%
rename from system/services/server/socialserver/owncast/nginx/default.nix
rename to modules/system/services/server/socialserver/owncast/nginx/default.nix
diff --git a/system/services/server/transmission/default.nix b/modules/system/services/server/transmission/default.nix
similarity index 100%
rename from system/services/server/transmission/default.nix
rename to modules/system/services/server/transmission/default.nix
diff --git a/system/services/server/transmission/nginx/default.nix b/modules/system/services/server/transmission/nginx/default.nix
similarity index 100%
rename from system/services/server/transmission/nginx/default.nix
rename to modules/system/services/server/transmission/nginx/default.nix
diff --git a/system/services/server/vaultwarden/default.nix b/modules/system/services/server/vaultwarden/default.nix
similarity index 100%
rename from system/services/server/vaultwarden/default.nix
rename to modules/system/services/server/vaultwarden/default.nix
diff --git a/system/services/server/vaultwarden/nginx/default.nix b/modules/system/services/server/vaultwarden/nginx/default.nix
similarity index 100%
rename from system/services/server/vaultwarden/nginx/default.nix
rename to modules/system/services/server/vaultwarden/nginx/default.nix
diff --git a/system/services/server/webserver/acme/default.nix b/modules/system/services/server/webserver/acme/default.nix
similarity index 100%
rename from system/services/server/webserver/acme/default.nix
rename to modules/system/services/server/webserver/acme/default.nix
diff --git a/system/services/server/webserver/default.nix b/modules/system/services/server/webserver/default.nix
similarity index 100%
rename from system/services/server/webserver/default.nix
rename to modules/system/services/server/webserver/default.nix
diff --git a/system/services/server/webserver/nginx/default.nix b/modules/system/services/server/webserver/nginx/default.nix
similarity index 100%
rename from system/services/server/webserver/nginx/default.nix
rename to modules/system/services/server/webserver/nginx/default.nix
diff --git a/system/services/server/webserver/nginx/rtmp/default.nix b/modules/system/services/server/webserver/nginx/rtmp/default.nix
similarity index 100%
rename from system/services/server/webserver/nginx/rtmp/default.nix
rename to modules/system/services/server/webserver/nginx/rtmp/default.nix
diff --git a/system/services/server/webserver/nginx/virtualhosts/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/default.nix
similarity index 100%
rename from system/services/server/webserver/nginx/virtualhosts/default.nix
rename to modules/system/services/server/webserver/nginx/virtualhosts/default.nix
diff --git a/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix
similarity index 100%
rename from system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix
rename to modules/system/services/server/webserver/nginx/virtualhosts/jimbosfiles/default.nix
diff --git a/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix b/modules/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix
similarity index 100%
rename from system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix
rename to modules/system/services/server/webserver/nginx/virtualhosts/nixfox/default.nix
diff --git a/system/settings/default.nix b/modules/system/settings/default.nix
similarity index 100%
rename from system/settings/default.nix
rename to modules/system/settings/default.nix
diff --git a/system/settings/minimal/default.nix b/modules/system/settings/minimal/default.nix
similarity index 100%
rename from system/settings/minimal/default.nix
rename to modules/system/settings/minimal/default.nix
diff --git a/system/settings/nix/default.nix b/modules/system/settings/nix/default.nix
similarity index 100%
rename from system/settings/nix/default.nix
rename to modules/system/settings/nix/default.nix
diff --git a/system/settings/nix/gc/default.nix b/modules/system/settings/nix/gc/default.nix
similarity index 100%
rename from system/settings/nix/gc/default.nix
rename to modules/system/settings/nix/gc/default.nix
diff --git a/system/settings/security/apparmor/default.nix b/modules/system/settings/security/apparmor/default.nix
similarity index 100%
rename from system/settings/security/apparmor/default.nix
rename to modules/system/settings/security/apparmor/default.nix
diff --git a/system/settings/security/default.nix b/modules/system/settings/security/default.nix similarity index 61% rename from system/settings/security/default.nix rename to modules/system/settings/security/default.nix index d9e1871..e187a55 100644 --- a/system/settings/security/default.nix +++ b/modules/system/settings/security/default.nix @@ -2,6 +2,7 @@ { imports = [ ./apparmor - ./doas + ./polkit + ./privilege ]; } diff --git a/modules/system/settings/security/polkit/default.nix b/modules/system/settings/security/polkit/default.nix new file mode 100644 index 0000000..2539503 --- /dev/null +++ b/modules/system/settings/security/polkit/default.nix @@ -0,0 +1,7 @@ +{ config, lib, ... }: +{ + security = lib.mkIf config.system.desktop.enable { + polkit.enable = true; + rtkit.enable = true; + }; +} diff --git a/system/settings/security/doas/default.nix b/modules/system/settings/security/privilege/default.nix similarity index 76% rename from system/settings/security/doas/default.nix rename to modules/system/settings/security/privilege/default.nix index cd2e2dd..b40d8ea 100644 --- a/system/settings/security/doas/default.nix +++ b/modules/system/settings/security/privilege/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ ... }: { security = { sudo.enable = false; @@ -13,6 +13,4 @@ ]; }; }; - - environment.systemPackages = with pkgs; [ doas-sudo-shim ]; } diff --git a/system/settings/timezone/default.nix b/modules/system/settings/timezone/default.nix similarity index 100% rename from system/settings/timezone/default.nix rename to modules/system/settings/timezone/default.nix diff --git a/system/accounts/users/custom/jimbo/default.nix b/system/accounts/users/custom/jimbo/default.nix deleted file mode 100644 index 4e10ca3..0000000 --- a/system/accounts/users/custom/jimbo/default.nix +++ /dev/null 
@@ -1,29 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- users.users.jimbo = {
- hashedPassword = config.secrets.jimboAccPass;
- isNormalUser = true;
- createHome = true;
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
- ];
- extraGroups = [
- "wheel"
- "input"
- "disk"
- "dialout"
- "rtkit"
- "kvm"
- "libvirtd"
- "qemu-libvirtd"
- "nginx"
- "nfsShare"
- ];
- uid = 1000;
- shell = pkgs.zsh;
- };
-
- home-manager.users.jimbo = import ../../../../../home/jimbo;
-}
diff --git a/system/accounts/users/custom/jules/default.nix b/system/accounts/users/custom/jules/default.nix
deleted file mode 100644
index ed6dabc..0000000
--- a/system/accounts/users/custom/jules/default.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- users.users.jules = {
- hashedPassword = config.secrets.jimboAccPass;
- isNormalUser = true;
- createHome = true;
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHwxJcAWuHkKy/Ar37aIoqg34CDcZu7/bh978nYkOgzj jules@jules-pc"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEOszCNP+6rkIS75GyFVhn9o6QpUuGdx/J4rjzROrpSl jules@xeta"
- ];
- extraGroups = [
- "wheel"
- "input"
- "disk"
- "dialout"
- "kvm"
- "libvirtd"
- "qemu-libvirtd"
- "nginx"
- "nfsShare"
- ];
- uid = 1001;
- shell = pkgs.fish;
- };
-
- #home-manager.users.jules = import ../../../../../jules/home;
-}
diff --git a/system/default.nix b/system/default.nix
deleted file mode 100644
index e995e23..0000000
--- a/system/default.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ lib, ... }:
-{
- imports = [
- ./accounts
- ./devices
- ./programs
- ./secrets
- ./services
- ./settings
- ];
-
- options.system = with lib; {
- server.enable = mkEnableOption "Enable server apps and services";
- };
-
- config = {
- networking = {
- hostName = "rubble";
- hostId = "e0b1fcef";
- };
-
- system.stateVersion = "24.11";
- };
-}
diff --git a/system/devices/boot/extlinux/default.nix b/system/devices/boot/extlinux/default.nix
deleted file mode 100644
index d22c081..0000000
--- a/system/devices/boot/extlinux/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ ... }:
-{
- boot.loader = {
- grub.enable = false;
- systemd-boot.enable = false;
- generic-extlinux-compatible.enable = true;
- };
-}
diff --git a/system/devices/disks/impermanence/jimbo/default.nix b/system/devices/disks/impermanence/jimbo/default.nix
deleted file mode 100644
index 8b1ee41..0000000
--- a/system/devices/disks/impermanence/jimbo/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, ... }:
-{
- environment.persistence."/persist" = {
- hideMounts = true;
- users.jimbo = {
- directories = [
- "Keepers"
- "Documents"
- "Pictures"
- "Videos"
- "VMs"
-
- ".snapshots"
-
- ".cache/nix-index"
-
- { directory = ".ssh"; mode = "0700"; }
- { directory = ".gnupg"; mode = "0700"; }
- ];
- files = [
- ".zsh_history"
- ".local/state/lazygit/state.yml"
- ];
- };
- };
-}
diff --git a/system/devices/disks/impermanence/jules/default.nix b/system/devices/disks/impermanence/jules/default.nix
deleted file mode 100644
index 9a4a809..0000000
--- a/system/devices/disks/impermanence/jules/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, ... }:
-{
- environment.persistence."/persist" = {
- hideMounts = true;
- users.jules = {
- directories = [
- "Keepers"
- "Documents"
- "Pictures"
- "Videos"
- "VMs"
-
- ".snapshots"
-
- ".cache/nix-index"
-
- { directory = ".ssh"; mode = "0700"; }
- { directory = ".gnupg"; mode = "0700"; }
- ];
- files = [
- ".zsh_history"
- ".local/state/lazygit/state.yml"
- ];
- };
- };
-}
diff --git a/system/devices/disks/snapper/jimbo/default.nix b/system/devices/disks/snapper/jimbo/default.nix
deleted file mode 100644
index 229beef..0000000
--- a/system/devices/disks/snapper/jimbo/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, lib, ... }:
-{
- services.snapper.configs.jimbo = lib.mkIf config.environment.persistence."/persist".enable {
- SUBVOLUME = "/persist/home/jimbo";
- TIMELINE_CREATE = true;
- TIMELINE_CLEANUP = true;
- TIMELINE_LIMIT_DAILY = 1;
- TIMELINE_LIMIT_WEEKLY = 1;
- TIMELINE_LIMIT_MONTHLY = 0;
- TIMELINE_LIMIT_YEARLY = 0;
- };
-}
diff --git a/system/secrets/default.nix b/system/secrets/default.nix
deleted file mode 100644
index 0d148b4..0000000
Binary files a/system/secrets/default.nix and /dev/null differ