diff --git a/flake.nix b/flake.nix index cd8f74c6..fa61744c 100644 --- a/flake.nix +++ b/flake.nix @@ -78,7 +78,6 @@ nixosConfigurations = { tower = mkNix [ ./hosts/tower ] stable; # Main Desktop - pear = mkNix [ ./hosts/pear ] stable; # MacBook Pro 14,1 intuos = mkNix [ ./hosts/intuos ] stable; # Wacom Intuos Tablet jupiter = mkNix [ ./hosts/jupiter ] unstable; # Steam Deck redmond = mkNix [ ./hosts/redmond ] stable; # Lenovo Dual-Boot diff --git a/hosts/intuos/default.nix b/hosts/intuos/default.nix index f11da908..6efb8007 100644 --- a/hosts/intuos/default.nix +++ b/hosts/intuos/default.nix @@ -6,7 +6,7 @@ ./filesystems ./hardware ./network - ./users + ./user ../../modules/system ]; diff --git a/hosts/intuos/users/main/default.nix b/hosts/intuos/user/default.nix similarity index 100% rename from hosts/intuos/users/main/default.nix rename to hosts/intuos/user/default.nix diff --git a/hosts/intuos/users/default.nix b/hosts/intuos/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/intuos/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/jupiter/default.nix b/hosts/jupiter/default.nix index 2a7a6afd..fb5554d1 100644 --- a/hosts/jupiter/default.nix +++ b/hosts/jupiter/default.nix @@ -6,7 +6,8 @@ ./filesystems ./hardware ./jovian - ./users + ./services + ./user ../../modules/system ]; diff --git a/hosts/jupiter/services/default.nix b/hosts/jupiter/services/default.nix new file mode 100644 index 00000000..f8518ca3 --- /dev/null +++ b/hosts/jupiter/services/default.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +{ + config = lib.mkIf (!config.system.steamdeck.enable) { + services.globalprotect.enable = true; + + virtualisation.vmware.host.enable = true; + + nixpkgs.allowUnfreePackages = [ "vmware-workstation" ]; + + environment.persistence."/persist".users.${config.sysusers.main}.directories = [ + "vmware" + ".vmware" + ]; + }; +} 
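Review bot: The `lib.mkIf (!config.system.steamdeck.enable)` gate in the new `hosts/jupiter/services/default.nix` has no comment saying why the GlobalProtect client and the VMware host depend on that flag, so a reader cannot tell what mode of the machine they are meant for. A one-line header such as `# GlobalProtect and VMware are only enabled when system.steamdeck.enable is off` would record the intent. The deleted `hosts/pear/services/default.nix` also set `virtualisation.libvirtd.enable = true`, which is not carried over here; if that is deliberate, say so in the commit message.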
diff --git a/hosts/jupiter/users/main/default.nix b/hosts/jupiter/user/default.nix similarity index 82% rename from hosts/jupiter/users/main/default.nix rename to hosts/jupiter/user/default.nix index 73b8eb2b..1daf3f0f 100644 --- a/hosts/jupiter/users/main/default.nix +++ b/hosts/jupiter/user/default.nix @@ -3,7 +3,9 @@ home-manager.users."${config.sysusers.main}".home = { desktop.enable = true; gaming.enable = true; + production.enable = true; remote-desktop.enable = true; + school.enable = true; enableNixpkgsReleaseCheck = false; stateVersion = lib.mkForce config.system.stateVersion; }; diff --git a/hosts/jupiter/users/default.nix b/hosts/jupiter/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/jupiter/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/kitty/default.nix b/hosts/kitty/default.nix index 627820a5..64f97ede 100644 --- a/hosts/kitty/default.nix +++ b/hosts/kitty/default.nix @@ -6,7 +6,7 @@ ./filesystems ./hardware ./network - ./users + ./user ../../modules/system ]; @@ -17,6 +17,7 @@ system = { server.enable = true; + extraUsers.enable = true; stateVersion = "24.11"; }; diff --git a/hosts/kitty/users/main/default.nix b/hosts/kitty/user/default.nix similarity index 100% rename from hosts/kitty/users/main/default.nix rename to hosts/kitty/user/default.nix diff --git a/hosts/kitty/users/default.nix b/hosts/kitty/users/default.nix deleted file mode 100644 index 3653ee8e..00000000 --- a/hosts/kitty/users/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ ... }: -{ - imports = [ - ./corn - ./luna - ./main - ]; -} diff --git a/hosts/midas/default.nix b/hosts/midas/default.nix index 85422585..766fb372 100644 --- a/hosts/midas/default.nix +++ b/hosts/midas/default.nix @@ -7,7 +7,7 @@ ./hardware ./network ./services - ./users + ./user ../../modules/system ]; 
diff --git a/hosts/midas/users/main/default.nix b/hosts/midas/user/default.nix similarity index 100% rename from hosts/midas/users/main/default.nix rename to hosts/midas/user/default.nix diff --git a/hosts/midas/users/default.nix b/hosts/midas/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/midas/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/pear/boot/default.nix b/hosts/pear/boot/default.nix deleted file mode 100644 index 3cf63f7f..00000000 --- a/hosts/pear/boot/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, ... }: -{ - boot = { - kernelPackages = pkgs.linuxPackages_latest; - loader.systemd-boot.enable = true; - plymouth.enable = true; - }; -} diff --git a/hosts/pear/default.nix b/hosts/pear/default.nix deleted file mode 100644 index 0e1484fa..00000000 --- a/hosts/pear/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, ... }: -{ - imports = [ - ./boot - ./disko - ./hardware - ./services - ./users - ../../modules/system - ]; - - networking.hostName = "pear"; - - system = { - desktop.enable = true; - stateVersion = "24.11"; - }; -} diff --git a/hosts/pear/disko/default.nix b/hosts/pear/disko/default.nix deleted file mode 100644 index 76161017..00000000 --- a/hosts/pear/disko/default.nix +++ /dev/null 
@@ -1,93 +0,0 @@ -{ config, disko, ... }: -{ - imports = [ disko.nixosModules.disko ]; - - disko.devices = { - disk = { - "${config.networking.hostName}" = { - type = "disk"; - device = "/dev/nvme0n1"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; - }; - ESP = { - size = "2G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - luks = { - size = "100%"; - content = { - type = "luks"; - name = "${config.networking.hostName}-disk"; - settings.allowDiscards = true; - passwordFile = "/tmp/secret.key"; - content = { - type = "lvm_pv"; - vg = "${config.networking.hostName}"; - }; - }; - }; - }; - }; - }; - }; - - lvm_vg = { - "${config.networking.hostName}" = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%"; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; - subvolumes = { - "/root" = { - mountpoint = "/"; - mountOptions = [ "compress=zstd" "noatime" "ssd" ]; - }; - "/prev" = { - mountpoint = "/prev"; - mountOptions = [ "compress=zstd" "noatime" "ssd" ]; - }; - "/nix" = { - mountpoint = "/nix"; - mountOptions = [ "compress=zstd" "noatime" "ssd" ]; - }; - - # Impermanence - "/persist" = { - mountpoint = "/persist"; - mountOptions = [ "compress=zstd" "noatime" "ssd" ]; - }; - "/persist/.snapshots" = { }; - "/persist/home" = { }; - "/persist/home/.snapshots" = { }; - }; - }; - }; - swap = { - size = "4G"; - content = { - type = "swap"; - discardPolicy = "both"; - }; - }; - }; - }; - }; - }; - - # Needed for impermanence - fileSystems."/persist".neededForBoot = true; -} diff --git a/hosts/pear/hardware/default.nix b/hosts/pear/hardware/default.nix deleted file mode 100644 index cfa9a018..00000000 --- a/hosts/pear/hardware/default.nix +++ /dev/null 
@@ -1,30 +0,0 @@ -{ config, lib, modulesPath, ... }: -{ - imports = [ - (modulesPath + "/hardware/network/broadcom-43xx.nix") - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot = { - initrd = { - availableKernelModules = [ - "nvme" - "sd_mod" - "usb_storage" - "xhci_pci" - ]; - kernelModules = [ - "applespi" - "atkbd" - "dm-snapshot" - "intel_lpss_pci" - "spi_pxa2xx_platform" - ]; - }; - kernelModules = [ "kvm-intel" ]; - }; - - networking.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/pear/id_ed25519.pub b/hosts/pear/id_ed25519.pub deleted file mode 100644 index fce57ec7..00000000 --- a/hosts/pear/id_ed25519.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdjgz+N6uAhMwX/1f9AcgELphPS/dIUoPuLiqeOv5Or diff --git a/hosts/pear/services/default.nix b/hosts/pear/services/default.nix deleted file mode 100644 index 3cf2a048..00000000 --- a/hosts/pear/services/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, ... }: -{ - services.globalprotect.enable = true; - - virtualisation = { - libvirtd.enable = true; - vmware.host.enable = true; - }; - - nixpkgs.allowUnfreePackages = [ "vmware-workstation" ]; - - environment.persistence."/persist".users.${config.sysusers.main}.directories = [ - "vmware" - ".vmware" - ]; -} diff --git a/hosts/pear/users/default.nix b/hosts/pear/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/pear/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/pear/users/main/default.nix b/hosts/pear/users/main/default.nix deleted file mode 100644 index b4d550f7..00000000 --- a/hosts/pear/users/main/default.nix +++ /dev/null 
@@ -1,9 +0,0 @@ -{ config, lib, ... }: -{ - home-manager.users."${config.sysusers.main}".home = { - desktop.enable = true; - remote-desktop.enable = true; - school.enable = true; - stateVersion = lib.mkForce config.system.stateVersion; - }; -} diff --git a/hosts/prophet/default.nix b/hosts/prophet/default.nix index 9303b80f..cafc1fea 100644 --- a/hosts/prophet/default.nix +++ b/hosts/prophet/default.nix @@ -6,7 +6,7 @@ ./filesystems ./hardware ./services - ./users + ./user ../../modules/system (modulesPath + "/profiles/headless.nix") ]; diff --git a/hosts/prophet/users/main/default.nix b/hosts/prophet/user/default.nix similarity index 100% rename from hosts/prophet/users/main/default.nix rename to hosts/prophet/user/default.nix diff --git a/hosts/prophet/users/default.nix b/hosts/prophet/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/prophet/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/redmond/default.nix b/hosts/redmond/default.nix index 13049635..a07d29c8 100644 --- a/hosts/redmond/default.nix +++ b/hosts/redmond/default.nix @@ -6,7 +6,7 @@ ./filesystems ./hardware ./network - ./users + ./user ../../modules/system ]; diff --git a/hosts/redmond/users/main/default.nix b/hosts/redmond/user/default.nix similarity index 100% rename from hosts/redmond/users/main/default.nix rename to hosts/redmond/user/default.nix diff --git a/hosts/redmond/users/default.nix b/hosts/redmond/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/redmond/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/hosts/tower/default.nix b/hosts/tower/default.nix index 2f15c2c3..362aba9c 100644 --- a/hosts/tower/default.nix +++ b/hosts/tower/default.nix @@ -6,7 +6,7 @@ ./filesystems ./hardware ./network - ./users + ./user ../../modules/system ]; 
diff --git a/hosts/tower/users/main/default.nix b/hosts/tower/user/default.nix similarity index 100% rename from hosts/tower/users/main/default.nix rename to hosts/tower/user/default.nix diff --git a/hosts/tower/users/default.nix b/hosts/tower/users/default.nix deleted file mode 100644 index 57e7f20b..00000000 --- a/hosts/tower/users/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./main ]; -} diff --git a/modules/home/programs/gui/obs/default.nix b/modules/home/programs/gui/obs/default.nix index 9366ae5f..950c8bb8 100644 --- a/modules/home/programs/gui/obs/default.nix +++ b/modules/home/programs/gui/obs/default.nix @@ -4,7 +4,6 @@ programs.obs-studio = { enable = true; plugins = with pkgs.obs-studio-plugins; [ - looking-glass-obs obs-multi-rtmp obs-pipewire-audio-capture obs-tuna diff --git a/modules/system/settings/security/apparmor/default.nix b/modules/system/settings/security/apparmor/default.nix deleted file mode 100644 index d2475784..00000000 --- a/modules/system/settings/security/apparmor/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - security.apparmor.enable = true; -} diff --git a/modules/system/settings/security/default.nix b/modules/system/settings/security/default.nix index 68e9b8e6..c5f01c6e 100644 --- a/modules/system/settings/security/default.nix +++ b/modules/system/settings/security/default.nix @@ -1,7 +1,6 @@ { ... }: { imports = [ - ./apparmor ./privilege ./rtkit ]; diff --git a/hosts/kitty/users/corn/default.nix b/modules/system/users/corn/default.nix similarity index 72% rename from hosts/kitty/users/corn/default.nix rename to modules/system/users/corn/default.nix index f2782987..82483f41 100644 --- a/hosts/kitty/users/corn/default.nix +++ b/modules/system/users/corn/default.nix 
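Review bot: Dropping `./apparmor` from the imports in `modules/system/settings/security/default.nix`, together with deleting the module that set `security.apparmor.enable = true`, appears to leave every host that imports `modules/system` without AppArmor, and nothing visible in this diff replaces it or explains why. If the removal is intentional, keep the reason next to the import list, for example `# AppArmor intentionally not enabled: <reason>`, so the loss of confinement is a recorded decision rather than a side effect of the host cleanup. If it only caused trouble on some hosts, keeping the module with `security.apparmor.enable = lib.mkDefault true;` and overriding it per host would leave it on everywhere else.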
@@ -1,12 +1,16 @@ -{ pkgs, ... }: +{ config, lib, pkgs, ... }: { - users.users."freecorn" = { + users.users."freecorn" = lib.mkIf config.system.extraUsers.enable { isNormalUser = true; createHome = true; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBCADciME1/rtWOlR2BxaAkRSgIZt61SYOgjTi6hw+yS Chinook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" ]; + extraGroups = [ + "audio" + "video" + ]; uid = 1001; shell = pkgs.zsh; }; diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix index 57e7f20b..138e7f2e 100644 --- a/modules/system/users/default.nix +++ b/modules/system/users/default.nix @@ -1,4 +1,6 @@ -{ ... }: +{ lib, ... }: { imports = [ ./main ]; + + options.system.extraUsers.enable = lib.mkEnableOption "Enable a shared system"; } diff --git a/hosts/kitty/users/luna/default.nix b/modules/system/users/luna/default.nix similarity index 86% rename from hosts/kitty/users/luna/default.nix rename to modules/system/users/luna/default.nix index d8a23c2e..683b8015 100644 --- a/hosts/kitty/users/luna/default.nix +++ b/modules/system/users/luna/default.nix 
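Review bot: The added `extraGroups = [ "audio" "video" ];` on `freecorn` puts an account that has SSH authorized keys into the groups that conventionally own the sound and video device nodes, on any host that sets `system.extraUsers.enable`. The only host doing so in this diff, kitty, also sets `server.enable = true`. If these users do not need local media devices on a server, leave the groups out or add them only on desktop hosts, e.g. `extraGroups = lib.optionals config.system.desktop.enable [ "audio" "video" ];` (assuming `system.desktop.enable` is declared for every host). The same groups are added to `luna` in `modules/system/users/luna/default.nix`.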
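Review bot: `imports = [ ./main ];` is left unchanged in `modules/system/users/default.nix` although `corn` and `luna` now live beside it and `hosts/kitty/users/default.nix`, which used to import them, is deleted. Unless they are imported somewhere outside this diff, `extraUsers.enable = true` on kitty creates neither account, and the list should become `imports = [ ./corn ./luna ./main ];`. Because the flag provisions accounts with third-party SSH keys on any host that sets it, the option text should say so, e.g. `lib.mkEnableOption "the additional shared-login users (freecorn, luna)"`. That wording also avoids the doubled "enable", since `mkEnableOption` already prefixes "Whether to enable".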
@@ -1,11 +1,15 @@ -{ ... }: +{ config, lib, ... }: { - users.users."luna" = { + users.users."luna" = lib.mkIf config.system.extraUsers.enable { isNormalUser = true; createHome = true; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJ3hzXkv5MVuGZy4HqfEZD0Ck7ZKiLeVmUTFzGSwZkumCpwX/zirD/tY4SNutPczhhYNn1jwkwnnyCwgkaQ7QWBs72G0opmjXDcSqxXJskSKYgjnUHoPV8uAcMwp5C5GNlwo3DFKXc1c7Sipy1s6y9ZnoKfVmjsr0AhamnC/bHEWg8vx0zuamCzvQ5vLWfpULRKwj286f0s2xaAvYaAJwGD0QMHC0ylFYZuq7Og4HVdlnUt+40BxCi+GAQqsFd4vM+RFjZKKD7ioP5DcIDfvfvxX4UpdKtCxVjeyyF+UJpFnQKytO9HvH4H+CRSAuJ+Vguiq/F3lGhvF0yIQ9M2MD3+tl3RZAj4D6n2ew30mn+QGh2fZgC7Utuzo02pMVUzkpm+mM4x8VyESpC1AuBdh0TAKBwS3ubMpegiCWCfIbNC0CQ/zgIq/5xwhXL8zhmfQrIiULBCd1xqThye0tt7knoPZlVCzOuVYoqxYnwYYGcXhzlArrmgRquyMYHdpFd+DTzJfcQIGdT4a+s0Mc2jRa0KT3A4ZrjziP0OPMQ+cpTd1tmQdEKXN6YhB87Hp9meCefFdzGvVembose82d3BOl45+rWM2ZcH93fNguWwYX0ez8+GiGW4P+gDQcfWfQCNa1daDjgoBwjmbG5rYoS6tfLxSSvYB1YOOK9U3AlPxEuTw== luna@ThinkPad-T480-Arch" ]; + extraGroups = [ + "audio" + "video" + ]; uid = 1002; }; diff --git a/modules/system/users/main/default.nix b/modules/system/users/main/default.nix index dca2af50..e5dba59f 100644 --- a/modules/system/users/main/default.nix +++ b/modules/system/users/main/default.nix @@ -14,7 +14,6 @@ openssh.authorizedKeys.keyFiles = [ ../../../../hosts/tower/id_ed25519.pub - ../../../../hosts/pear/id_ed25519.pub ../../../../hosts/intuos/id_ed25519.pub ../../../../hosts/jupiter/id_ed25519.pub ../../../../hosts/redmond/id_ed25519.pub