mirror of
https://github.com/youwen5/nixos.git
synced 2025-01-18 05:02:10 -08:00
refactor: modularize core
This commit is contained in:
parent
c3fa2197cb
commit
a6224c13c2
2 changed files with 124 additions and 66 deletions
|
@ -14,8 +14,6 @@ in
|
||||||
config = {
|
config = {
|
||||||
services.playerctld.enable = lib.mkIf cfg.enable true;
|
services.playerctld.enable = lib.mkIf cfg.enable true;
|
||||||
hardware.pulseaudio.enable = lib.mkIf cfg.enable false;
|
hardware.pulseaudio.enable = lib.mkIf cfg.enable false;
|
||||||
# TODO: move to other file
|
|
||||||
security.rtkit.enable = true;
|
|
||||||
services.pipewire = lib.mkIf cfg.enable {
|
services.pipewire = lib.mkIf cfg.enable {
|
||||||
enable = true;
|
enable = true;
|
||||||
alsa.enable = true;
|
alsa.enable = true;
|
||||||
|
|
|
@ -2,9 +2,60 @@
|
||||||
inputs,
|
inputs,
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
|
lib,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.liminalOS.system.core;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
|
options.liminalOS.system.core = {
|
||||||
|
enable = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = config.liminalOS.enable;
|
||||||
|
description = ''
|
||||||
|
Whether to enable core liminalOS system utilities and configurations (such as security policies, Nix options, etc)
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
replaceSudoWithDoas = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = cfg.enable;
|
||||||
|
description = ''
|
||||||
|
Whether to replace sudo with doas, the Dedicated OpenBSD Application Subexecutor. Doas is the preferred liminalOS setuid program.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
waylandFixes = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = cfg.enable;
|
||||||
|
description = ''
|
||||||
|
Whether to enable some Wayland fixes, like setting NIXOS_OZONE_WL to hint Electron apps to use the Wayland windowing system.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
nixSaneDefaults = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = cfg.enable;
|
||||||
|
description = ''
|
||||||
|
Whether to set sane defaults for Nix, such as optimization and automatic garbage collection.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
useNh = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = cfg.nixSaneDefaults;
|
||||||
|
description = ''
|
||||||
|
Whether to enable the `nh` cli (yet another Nix helper), a reimplementation of some core NixOS utilities like nix-collect-garbage and nixos-rebuild. If enabled, automatic garbage collection will use `nh` instead of `nix-collect-garbage` and will be able to garbage collect `result` symlinks.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
flakeLocation = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "";
|
||||||
|
description = ''
|
||||||
|
Absolute filepath location of the NixOS system configuration flake.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
suppressWarnings = lib.mkEnableOption "suppress warnings";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
inputs.viminal.packages.${pkgs.system}.default
|
inputs.viminal.packages.${pkgs.system}.default
|
||||||
];
|
];
|
||||||
|
@ -14,13 +65,14 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# tells electron apps to use Wayland
|
# tells electron apps to use Wayland
|
||||||
environment.sessionVariables = {
|
environment.sessionVariables = lib.mkIf cfg.waylandFixes {
|
||||||
NIXOS_OZONE_WL = "1";
|
NIXOS_OZONE_WL = "1";
|
||||||
};
|
};
|
||||||
|
|
||||||
security.sudo.enable = false;
|
security = {
|
||||||
|
sudo.enable = !cfg.replaceSudoWithDoas;
|
||||||
|
|
||||||
security.doas = {
|
doas = lib.mkIf cfg.replaceSudoWithDoas {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraRules = [
|
extraRules = [
|
||||||
{
|
{
|
||||||
|
@ -31,15 +83,19 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
rtkit.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
services.gnome.gnome-keyring.enable = true;
|
services.gnome.gnome-keyring.enable = true;
|
||||||
|
|
||||||
nix = {
|
nix = lib.mkIf cfg.nixSaneDefaults {
|
||||||
|
gc = lib.mkIf (!cfg.useNh) {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 14d";
|
||||||
|
};
|
||||||
|
|
||||||
optimise.automatic = true;
|
optimise.automatic = true;
|
||||||
# gc = {
|
|
||||||
# automatic = true;
|
|
||||||
# dates = "weekly";
|
|
||||||
# options = "--delete-older-than 14d";
|
|
||||||
# };
|
|
||||||
# Free up to 1GiB when there is less than 100MiB left
|
# Free up to 1GiB when there is less than 100MiB left
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
min-free = ${toString (100 * 1024 * 1024)}
|
min-free = ${toString (100 * 1024 * 1024)}
|
||||||
|
@ -62,20 +118,24 @@
|
||||||
channel.enable = false;
|
channel.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.nh = {
|
programs.nh = lib.mkIf cfg.useNh {
|
||||||
enable = true;
|
enable = true;
|
||||||
clean.enable = true;
|
clean = lib.mkIf cfg.nixSaneDefaults {
|
||||||
clean.extraArgs = "--keep-since 4d --keep 3";
|
enable = true;
|
||||||
flake = "/home/youwen/.config/liminalOS";
|
extraArgs = "--keep-since 4d --keep 3";
|
||||||
};
|
};
|
||||||
# Enable CUPS to print documents.
|
flake = cfg.flakeLocation;
|
||||||
services.printing.enable = true;
|
|
||||||
|
|
||||||
services.avahi = {
|
|
||||||
enable = true;
|
|
||||||
nssmdns4 = true;
|
|
||||||
openFirewall = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
|
|
||||||
|
warnings =
|
||||||
|
if !cfg.suppressWarnings && cfg.useNh && cfg.flakeLocation == "" then
|
||||||
|
[
|
||||||
|
''The `nh` CLI is enabled but `liminalOS.system.core.flakeLocation` is not set. It is recommended that you set this option so that `nh` can work without specifying the flake path every time. You can disable this warning by setting `liminalOS.system.core.suppressWarnings`.''
|
||||||
|
]
|
||||||
|
else
|
||||||
|
[ ];
|
||||||
|
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue