fireproof/nixos
1
0
Fork 0
mirror of https://github.com/nickolaj-jepsen/nixos.git synced 2026-01-22 08:06:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: prepare new modules structure

Browse source
This commit is contained in:
Nickolaj Jepsen 2025-05-20 20:05:23 +02:00
parent d25e24c15b
commit bf82970b9e
65 changed files with 94 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

22
modules/base/default.nix Normal file
View file

@ -0,0 +1,22 @@
_: {
options.fireproof.base = {};
imports = [
./boot.nix
./defaults.nix
./gc.nix
./home-manager.nix
./hosts.nix
./keyd.nix
./ld.nix
./networking.nix
./nix.nix
./secrets.nix
./security.nix
./ssh.nix
./time.nix
./usb.nix
./user.nix
./yubikey.nix
];
}

5
modules/base/default-apps.nix → modules/base/defaults.nix
View file

@ -1,5 +1,6 @@
{lib, ...}: {
options.fireproof.default-apps = {
{lib, ...}:
{
options.fireproof.base.defaults = {
terminal = lib.mkOption {
type = lib.types.str;
description = "The terminal to use";

5
modules/base/envvar.nix
View file

@ -1,5 +0,0 @@
{config, ...}: {
environment.variables = {
EDITOR = config.defaults.editor;
};
}

24
modules/base/home-manager.nix Normal file
View file

@ -0,0 +1,24 @@
{
lib,
options,
username,
...
}:
with lib; {
options.fireproof = {
home-manager = lib.mkOption {
type = options.home-manager.users.type.nestedTypes.elemType;
};
};
config = {
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
};
home-manager.users.${username} = mkAliasDefinitions options.fireproof.home-manager;
# set the same version of home-manager as the system
fireproof.home-manager.home.stateVersion = "24.11";
system.stateVersion = "24.11";
};
}

17
modules/base/hosts.nix Normal file
View file

@ -0,0 +1,17 @@
{
config,
...
}: {
age.secrets.hosts-private = {
# Contains IP addresses that i have no business sharing
rekeyFile = ../../secrets/hosts-private.age;
};
# Inject the private hosts file, because setting networking.hostFiles doesn't work
system.activationScripts.hosts-private = ''
cat /etc/hosts > /etc/hosts.bak
rm /etc/hosts
cat /etc/hosts.bak "${config.age.secrets.hosts-private.path}" >> /etc/hosts
rm /etc/hosts.bak
'';
}

14
modules/base/networking.nix
View file

@ -1,21 +1,7 @@
{
config,
hostname,
...
}: {
age.secrets.hosts-private = {
# Contains IP addresses that i have no business sharing
rekeyFile = ../../secrets/hosts-private.age;
};
# Inject the private hosts file, because setting networking.hostFiles doesn't work
system.activationScripts.hosts-private = ''
cat /etc/hosts > /etc/hosts.bak
rm /etc/hosts
cat /etc/hosts.bak "${config.age.secrets.hosts-private.path}" >> /etc/hosts
rm /etc/hosts.bak
'';
networking = {
hostName = hostname;
};

4
modules/base/usb.nix Normal file
View file

@ -0,0 +1,4 @@
_: {
services.devmon.enable = true;
services.udisks2.enable = true;
}

19
modules/base/user.nix
View file

@ -1,18 +1,11 @@
{
lib,
options,
username,
config,
...
}:
with lib; let
let
inherit (config.age) secrets;
in {
options.fireproof = {
home-manager = lib.mkOption {
type = options.home-manager.users.type.nestedTypes.elemType;
};
};
config = {
age.secrets.hashed-user-password.rekeyFile = ../../secrets/hashed-user-password.age;
@ -21,15 +14,5 @@ in {
extraGroups = ["wheel"];
hashedPasswordFile = secrets.hashed-user-password.path;
};
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
};
home-manager.users.${username} = mkAliasDefinitions options.fireproof.home-manager;
# set the same version of home-manager as the system
fireproof.home-manager.home.stateVersion = "24.11";
system.stateVersion = "24.11";
};
}

3
modules/base/yubikey.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
services.pcscd.enable = true;
}