diff --git a/provision/hosts/bulwark/configuration.nix b/provision/hosts/bulwark/configuration.nix
index af20e518..819d201c 100644
--- a/provision/hosts/bulwark/configuration.nix
+++ b/provision/hosts/bulwark/configuration.nix
@@ -15,6 +15,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 desktop = {
 enable = true;
 gnome.enable = true;
diff --git a/provision/hosts/bulwark/default.nix b/provision/hosts/bulwark/default.nix
index 251b177a..fa47c546 100644
--- a/provision/hosts/bulwark/default.nix
+++ b/provision/hosts/bulwark/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs home-manager jovian-nixos; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # bulwark specific
+ ./configuration.nix
 ./hardware.nix
 ../../modules
 agenix.nixosModules.default
diff --git a/provision/hosts/default/default.nix b/provision/hosts/default/default.nix
deleted file mode 100644
index 2c65560a..00000000
--- a/provision/hosts/default/default.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, pkgs, user, lib, inputs, ... }:
-{
- nix = {
- package = pkgs.nixVersions.stable;
- extraOptions = "experimental-features = nix-command flakes";
- settings.auto-optimise-store = true;
- gc = {
- automatic = true;
- dates = "weekly";
- options = "--delete-older-than 7d";
- };
- };
-
- # Add user age key to identity path
- age.identityPaths = [
- "/home/${user}/.ssh/keys/age"
- "/etc/ssh/ssh_host_ed25519_key"
- "/etc/ssh/ssh_host_rsa_key"
- ];
-
- # Add non-free packages
- nixpkgs.config.allowUnfree = true;
- nixpkgs.overlays = import ../../lib/overlays.nix;
-
- # Set your time zone.
- time.timeZone = "America/Los_Angeles";
- i18n.defaultLocale = "en_US.UTF-8";
-
- environment.systemPackages = with pkgs; [
- inputs.agenix.packages.x86_64-linux.default
- ];
-
- # Define user account.
- users.users.${user} = {
- isNormalUser = true;
- extraGroups = [ "dialout" "wheel" "docker" "libvirtd" ];
- shell = pkgs.bash;
- };
-
- # Did you read the comment?
- system.stateVersion = "23.11";
-
- home-manager.users.${user} = {
- home.username = "${user}";
- home.homeDirectory = "/home/${user}";
- programs.home-manager.enable = true;
-
- # Did you read the comment?
- home.stateVersion = "23.11";
- };
-}
diff --git a/provision/hosts/default/physical/configuration.nix b/provision/hosts/default/physical/configuration.nix
deleted file mode 100644
index 3434637e..00000000
--- a/provision/hosts/default/physical/configuration.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ config, pkgs, user, lib, inputs, ... }:
-{
- nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" "openssl-1.1.1w" ];
-
- # Use the systemd-boot EFI boot loader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- home-manager.users.${user} = {
- programs.vscode = {
- enable = true;
- package = pkgs.vscode.fhs;
- };
- };
-}
diff --git a/provision/hosts/htpc/configuration.nix b/provision/hosts/htpc/configuration.nix
index 4f5357e1..bef0e2ef 100644
--- a/provision/hosts/htpc/configuration.nix
+++ b/provision/hosts/htpc/configuration.nix
@@ -11,6 +11,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 desktop = {
 enable = true;
 gnome.enable = true;
diff --git a/provision/hosts/htpc/default.nix b/provision/hosts/htpc/default.nix
index 29312e91..2b3f1af4 100644
--- a/provision/hosts/htpc/default.nix
+++ b/provision/hosts/htpc/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs home-manager; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # htpc specific
+ ./configuration.nix
 ../../modules
 /etc/nixos/hardware-configuration.nix
 agenix.nixosModules.default
diff --git a/provision/hosts/kestrel/configuration.nix b/provision/hosts/kestrel/configuration.nix
index 5a323653..66174ab4 100644
--- a/provision/hosts/kestrel/configuration.nix
+++ b/provision/hosts/kestrel/configuration.nix
@@ -33,6 +33,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 desktop = {
 enable = true;
 gnome.enable = true;
diff --git a/provision/hosts/kestrel/default.nix b/provision/hosts/kestrel/default.nix
index 0f63c0f7..04a495c8 100644
--- a/provision/hosts/kestrel/default.nix
+++ b/provision/hosts/kestrel/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs home-manager; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # kestrel specific
+ ./configuration.nix
 ./hardware.nix
 ../../modules
 agenix.nixosModules.default
diff --git a/provision/hosts/osprey/configuration.nix b/provision/hosts/osprey/configuration.nix
index d8e94ab5..e09fa85d 100644
--- a/provision/hosts/osprey/configuration.nix
+++ b/provision/hosts/osprey/configuration.nix
@@ -29,6 +29,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 desktop = {
 enable = true;
 gnome.enable = true;
diff --git a/provision/hosts/osprey/default.nix b/provision/hosts/osprey/default.nix
index 48de2f26..04a495c8 100644
--- a/provision/hosts/osprey/default.nix
+++ b/provision/hosts/osprey/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs home-manager; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # osprey specific
+ ./configuration.nix
 ./hardware.nix
 ../../modules
 agenix.nixosModules.default
diff --git a/provision/hosts/shivan/configuration.nix b/provision/hosts/shivan/configuration.nix
index 437b524b..1bb0eaaa 100644
--- a/provision/hosts/shivan/configuration.nix
+++ b/provision/hosts/shivan/configuration.nix
@@ -15,6 +15,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 desktop = {
 enable = true;
 gnome.enable = true;
diff --git a/provision/hosts/shivan/default.nix b/provision/hosts/shivan/default.nix
index 1210b7e3..7e035318 100644
--- a/provision/hosts/shivan/default.nix
+++ b/provision/hosts/shivan/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user inputs home-manager; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # shivan specific
+ ./configuration.nix
 ./hardware.nix
 ../../modules
 agenix.nixosModules.default
diff --git a/provision/hosts/torus/configuration.nix b/provision/hosts/torus/configuration.nix
index 64bf58fe..65d7f9f6 100644
--- a/provision/hosts/torus/configuration.nix
+++ b/provision/hosts/torus/configuration.nix
@@ -98,6 +98,7 @@
 # Modules
 modules = {
 base-plus.enable = true;
+ physical.enable = true;
 services = {
 ssh.enable = true;
 syncthing = {
diff --git a/provision/hosts/torus/default.nix b/provision/hosts/torus/default.nix
index 60b9005b..04a495c8 100644
--- a/provision/hosts/torus/default.nix
+++ b/provision/hosts/torus/default.nix
@@ -6,9 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs home-manager; };
 modules = [
- ../default # shared by all configs
- ../default/physical/configuration.nix # shared by physical machines
- ./configuration.nix # torus specific
+ ./configuration.nix
 ./hardware.nix
 ../../modules
 agenix.nixosModules.default
diff --git a/provision/hosts/wsl/default.nix b/provision/hosts/wsl/default.nix
index 805ea5f7..216c7d6a 100644
--- a/provision/hosts/wsl/default.nix
+++ b/provision/hosts/wsl/default.nix
@@ -6,8 +6,7 @@ in {
 inherit system;
 specialArgs = { inherit user hostname inputs nixos-wsl home-manager; };
 modules = [
- ../default # shared by all configs
- ./configuration.nix # wsl specific
+ ./configuration.nix
 ../../modules
 agenix.nixosModules.default
 home-manager.nixosModules.home-manager {
diff --git a/provision/modules/base/default.nix b/provision/modules/base/default.nix
index aa064c8e..f66ac428 100644
--- a/provision/modules/base/default.nix
+++ b/provision/modules/base/default.nix
@@ -1,10 +1,63 @@
-{ ... }:
+{ config, lib, inputs, pkgs, user, home-manager, ... }:
 {
 imports = [
 ./terminal.nix
- ./plus
 ../programs/chezmoi.nix
 ../programs/git.nix
 ../programs/nvim.nix
+ ./physical.nix
+ ./plus
 ];
+
+ # base nix options
+ nix = {
+ package = pkgs.nixVersions.stable;
+ extraOptions = "experimental-features = nix-command flakes";
+ settings.auto-optimise-store = true;
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ };
+
+ # Add user age key to identity path
+ age.identityPaths = [
+ "/home/${user}/.ssh/keys/age"
+ "/etc/ssh/ssh_host_ed25519_key"
+ "/etc/ssh/ssh_host_rsa_key"
+ ];
+
+ # Add non-free packages
+ nixpkgs.config.allowUnfree = true;
+ nixpkgs.overlays = import ../../lib/overlays.nix;
+
+ # Set your time zone.
+ time.timeZone = "America/Los_Angeles";
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ # system packages
+ environment.systemPackages = with pkgs; [
+ inputs.agenix.packages.x86_64-linux.default
+ ];
+
+ # define user account.
+ users.users.${user} = {
+ isNormalUser = true;
+ extraGroups = [ "dialout" "wheel" "docker" "libvirtd" ];
+ shell = pkgs.bash;
+ };
+
+ # Did you read the comment?
+ system.stateVersion = "23.11";
+
+ # base home manager config
+ home-manager.users.${user} = {
+ home.username = "${user}";
+ home.homeDirectory = "/home/${user}";
+ programs.home-manager.enable = true;
+
+ # Did you read the comment?
+ home.stateVersion = "23.11";
+ };
 }
diff --git a/provision/modules/base/physical.nix b/provision/modules/base/physical.nix
new file mode 100644
index 00000000..fbad4166
--- /dev/null
+++ b/provision/modules/base/physical.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, user, lib, inputs, ... }:
+
+let cfg = config.modules.physical;
+in {
+ options.modules.physical.enable = lib.mkEnableOption "physical";
+ config = lib.mkIf cfg.enable {
+ # use the systemd-boot EFI boot loader
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ };
+}
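Review bot: The `users.users.${user}` block in `modules/base/default.nix` adds the account to `docker` and `libvirtd` unconditionally, and it sits in the base module with no enable guard, so it presumably reaches every host that imports `../../modules` (the `wsl` and `torus` hosts among them). Membership in `docker` is effectively root on the host, so it is safer to grant it only where the daemon is enabled: `extraGroups = [ "dialout" "wheel" ] ++ lib.optional config.virtualisation.docker.enable "docker" ++ lib.optional config.virtualisation.libvirtd.enable "libvirtd";`. In the same hunk, `inputs.agenix.packages.x86_64-linux.default` hard-codes the platform although each host passes its own `system`; `inputs.agenix.packages.${pkgs.stdenv.hostPlatform.system}.default` would follow the host. The two `# Did you read the comment?` lines have lost the comment they refer to, so a short note that `stateVersion` must stay at the release the host was first installed with would help the next reader.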
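Review bot: The new `modules/base/physical.nix` does not carry over `nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" "openssl-1.1.1w" ]` or the `programs.vscode` home-manager block from the deleted `hosts/default/physical/configuration.nix`, and nothing in the visible diff re-adds them elsewhere. Dropping the insecure-package allowance tightens the hosts, but any package that still depends on those versions will now fail evaluation, so the commit message should state whether the removal is intentional. The option text would also read better as `lib.mkEnableOption "settings for physical machines (systemd-boot on EFI)"`, since `"physical"` alone renders as "Whether to enable physical." The `pkgs`, `user` and `inputs` arguments are unused in this file and can be dropped from the function head.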