From d6d4a1f3b581bb152ed209b13796a06ae78065cd Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Wed, 18 Jun 2025 15:31:01 +0200 Subject: [PATCH] refactor --- configuration.nix | 122 +++--------------- flake.nix | 4 +- home-modules/nx2site-backup.nix | 3 +- home-modules/pkgs-list/desktop.nix | 15 +++ home-modules/pkgs-list/programs.nix | 16 +++ home-modules/pkgs-list/shell.nix | 4 +- home-modules/waybar.nix | 3 +- home-modules/xdg.nix | 32 +++++ home.nix | 96 +------------- system-modules/base-packages.nix | 19 +++ system-modules/bluetooth.nix | 10 ++ system-modules/boot.nix | 120 ++++++++--------- system-modules/cache.nix | 11 ++ .../dicos.nix} | 0 .../{calendar-lec.nix => calendar/lec.nix} | 0 .../{calendar-lr.nix => calendar/lr.nix} | 0 .../publish.nix} | 6 +- system-modules/editor.nix | 12 ++ system-modules/gui.nix | 7 + system-modules/input.nix | 11 ++ system-modules/nx2site/nextcloud.nix | 3 +- system-modules/nx2site/proxy.nix | 2 +- system-modules/nx2site/radicale.nix | 3 +- system-modules/printing.nix | 3 + system-modules/security.nix | 6 + system-modules/terminal.nix | 7 + system-modules/tz.nix | 4 + 27 files changed, 243 insertions(+), 276 deletions(-) create mode 100644 home-modules/pkgs-list/desktop.nix create mode 100644 home-modules/pkgs-list/programs.nix create mode 100644 home-modules/xdg.nix create mode 100644 system-modules/base-packages.nix create mode 100644 system-modules/bluetooth.nix create mode 100644 system-modules/cache.nix rename system-modules/{calendar-dicos.nix => calendar/dicos.nix} (100%) rename system-modules/{calendar-lec.nix => calendar/lec.nix} (100%) rename system-modules/{calendar-lr.nix => calendar/lr.nix} (100%) rename system-modules/{calendar-publish.nix => calendar/publish.nix} (99%) create mode 100644 system-modules/editor.nix create mode 100644 system-modules/gui.nix create mode 100644 system-modules/input.nix create mode 100644 system-modules/printing.nix create mode 100644 system-modules/security.nix create mode 100644 system-modules/terminal.nix create mode 100644 system-modules/tz.nix diff --git a/configuration.nix b/configuration.nix index a41f14a..beee5b0 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,44 +1,44 @@ -{ pkgs, ... }@all: with all; +{ ... }@all: with all; { imports = [ inputs.sops-nix.nixosModules.sops - ./system-modules/adb.nix ./system-modules/auto-mount.nix + ./system-modules/tz.nix + ./system-modules/bluetooth.nix ./system-modules/boot.nix - ./system-modules/boot.nix ./system-modules/calendar.nix ./system-modules/dm.nix ./system-modules/docker.nix ./system-modules/fcitx5.nix ./system-modules/fonts.nix - ./system-modules/fonts.nix - ./system-modules/fuse.nix ./system-modules/fuse.nix ./system-modules/games.nix ./system-modules/gc.nix - ./system-modules/gc.nix ./system-modules/gpg.nix ./system-modules/hardware-configuration.nix - ./system-modules/hardware-configuration.nix ./system-modules/health_reminder.nix ./system-modules/hsmw.nix ./system-modules/kanata.nix + ./system-modules/terminal.nix ./system-modules/kodi.nix ./system-modules/networking.nix ./system-modules/nixd.nix ./system-modules/nvidia.nix - ./system-modules/nvidia.nix ./system-modules/ollama.nix ./system-modules/qmk.nix ./system-modules/scanning.nix ./system-modules/sops.nix ./system-modules/sound.nix - ./system-modules/sound.nix ./system-modules/sshd.nix + ./system-modules/base-packages.nix + ./system-modules/input.nix ./system-modules/syncthing.nix ./system-modules/tuda.nix - ./system-modules/users.nix + ./system-modules/gui.nix + ./system-modules/editor.nix + ./system-modules/printing.nix + ./system-modules/security.nix ./system-modules/users.nix ./system-modules/virtualisation.nix ./system-modules/ydotool.nix @@ -48,110 +48,20 @@ ./system-modules/postgres.nix ./system-modules/nx2site/proxy.nix ./system-modules/nx2site/audiobookshelf.nix - # ./system-modules/nx2site/dyn_dns.nix ./system-modules/nx2site/gitea.nix ./system-modules/nx2site/open-web-calendar.nix ./system-modules/nx2site/radicale.nix - # ./system-modules/nx2site/nextcloud.nix ./system-modules/nx2site/vaultwarden.nix ./system-modules/nx2site/paperless.nix - - ./system-modules/calendar-publish.nix - ./system-modules/calendar-lec.nix - ./system-modules/calendar-lr.nix - ./system-modules/calendar-dicos.nix + ./system-modules/calendar/publish.nix + ./system-modules/calendar/lec.nix + ./system-modules/calendar/lr.nix + ./system-modules/calendar/dicos.nix ] else [ ]); - - # Set your time zone. - time.timeZone = "Europe/Berlin"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - console.font = "Lat2-Terminus16"; - console.keyMap = "de"; - - services.xserver = { - enable = true; - xkb = { - layout = "de"; - options = "eurosign:e,caps:escape"; - }; - # lightdm in lightdm.nix - }; - # Enable CUPS to print documents. - services.printing.enable = true; - - # rtkit is optional but recommended - security.rtkit.enable = true; - - # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; - hardware.uinput.enable = true; - - hardware.bluetooth = { - enable = true; - powerOnBoot = true; - package = pkgs.bluez5-experimental; - settings.Policy.AutoEnable = "true"; - settings.General.Enable = "Source,Sink,Media,Socket"; - }; - services.blueman.enable = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; ([ - git - git-crypt - lazygit # home-manager module is bugged - wget - curlHTTP3 - zip - unzip - p7zip - unar - nano - htop - direnv - openssl - blueman - dmidecode - file - parallel - ]); - - environment.variables = { - EDITOR = "hx"; - VISUAL = "hx"; - }; - - - programs.hyprland = { - # config is done with home-manager - enable = true; - xwayland.enable = true; - }; - systemd.extraConfig = "DefaultLimitNOFILE=2048"; - boot.tmp.useTmpfs = false; - - system.stateVersion = pkgs.version; - - # nixpkgs.pkgs = pkgs; - - nix = { - settings = { - experimental-features = [ "nix-command" "flakes" ]; - substitute = true; - substituters = [ - "https://yazi.cachix.org" - ]; - trusted-public-keys = [ - "yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k=" - ]; - }; - }; - + system.stateVersion = hyper.pkgs-version; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; programs.bash.shellInit = '' source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh ''; diff --git a/flake.nix b/flake.nix index 236348a..37f839b 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,7 @@ pkgs-version = "25.05"; }; - pkgs = builtins.removeAttrs (import nixpkgs { + pkgs = import nixpkgs { inherit system config; overlays = [ (final: prev: { @@ -43,7 +43,7 @@ version = "25.05"; }) ]; - }) [ "hyper" "host" ]; # this removes the programs from pkgs so I can use the variable name + }; nvidia-base = import ./flake-modules/nvidia.nix; secrets = import ./git-crypt/secrets.nix; diff --git a/home-modules/nx2site-backup.nix b/home-modules/nx2site-backup.nix index faff1fc..c12dc73 100644 --- a/home-modules/nx2site-backup.nix +++ b/home-modules/nx2site-backup.nix @@ -59,8 +59,7 @@ echo "Backup and encryption complete: $DESTINATION" echo "Space remaining:" - df -h | head -n 1 - df -h | grep -P "^/dev.+? " + dysk ''; }) ]; diff --git a/home-modules/pkgs-list/desktop.nix b/home-modules/pkgs-list/desktop.nix new file mode 100644 index 0000000..fcb4830 --- /dev/null +++ b/home-modules/pkgs-list/desktop.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }@all: with all; { + home.packages = with pkgs; [ + brightnessctl + blueman + fontpreview + gsettings-desktop-schemas + imv + pavucontrol + # playerctl + swww + wev + wl-clipboard + xclip + ]; +} diff --git a/home-modules/pkgs-list/programs.nix b/home-modules/pkgs-list/programs.nix new file mode 100644 index 0000000..4ac2595 --- /dev/null +++ b/home-modules/pkgs-list/programs.nix @@ -0,0 +1,16 @@ +{ pkgs, hyper, ... }: { + home.packages = with pkgs; [ + chromium + element-desktop + mpv + qbittorrent + unstable.spotify + wl-clipboard + xfce.thunar + ] ++ (if (hyper.host != "NxACE") then [ + signal-desktop + obsidian + zoom-us + inkscape + ] else []); +} diff --git a/home-modules/pkgs-list/shell.nix b/home-modules/pkgs-list/shell.nix index f446d54..2e3bb5b 100644 --- a/home-modules/pkgs-list/shell.nix +++ b/home-modules/pkgs-list/shell.nix @@ -1,8 +1,6 @@ -{ pkgs, ... }@all: with all; -{ +{ pkgs, ... }@all: with all; { home.packages = with pkgs; [ bat - browsh cmake dig du-dust diff --git a/home-modules/waybar.nix b/home-modules/waybar.nix index 0827cac..6b95b1d 100644 --- a/home-modules/waybar.nix +++ b/home-modules/waybar.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }@all: with all; -let +{ pkgs, hyper, ... }@all: with all; let sep = " "; in { sops.secrets = { diff --git a/home-modules/xdg.nix b/home-modules/xdg.nix new file mode 100644 index 0000000..4542153 --- /dev/null +++ b/home-modules/xdg.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }@all: with all; { + xdg = { + enable = true; + configHome = "${hyper.home}.config"; + cacheHome = "${hyper.home}.cache"; + dataHome = "${hyper.home}.local/share"; + stateHome = "${hyper.home}.local/state"; + mimeApps = { + enable = true; + defaultApplications = let + browser = "firefox.desktop"; + image = "imv.desktop"; + in { + "default-web-browser" = [ browser ]; + "text/html" = [ browser ]; + "text/htm" = [ browser ]; + "x-scheme-handler/http" = [ browser ]; + "x-scheme-handler/https" = [ browser ]; + "x-scheme-handler/about" = [ browser ]; + "x-scheme-handler/unknown" = [ browser ]; + "x-scheme-handler/mailto" = "thunderbird.desktop"; + "image/png" = image; + "image/jpg" = image; + "image/jpeg" = image; + "image/webp" = image; + "image/gif" = image; + "application/pdf" = "zathura.desktop"; + "inode/directory" = "thunar.desktop"; + }; + }; + }; +} diff --git a/home.nix b/home.nix index 57a7a75..7afd742 100644 --- a/home.nix +++ b/home.nix @@ -27,7 +27,6 @@ ./home-modules/latex.nix ./home-modules/mako.nix # ./home-modules/matrix.nix - # ./home-modules/nm.nix ./home-modules/nh.nix ./home-modules/nixd.nix ./home-modules/nvidia.nix @@ -36,6 +35,9 @@ ./home-modules/office.nix ./home-modules/ollama.nix ./home-modules/pandoc.nix + ./home-modules/pkgs-list/desktop.nix + ./home-modules/pkgs-list/programs.nix + ./home-modules/pkgs-list/shell.nix ./home-modules/pnx.nix ./home-modules/programming/c.nix ./home-modules/programming/gleam.nix @@ -57,6 +59,7 @@ ./home-modules/wallpaper-to-colors.nix ./home-modules/waybar.nix ./home-modules/wlogout.nix + ./home-modules/xdg.nix ./home-modules/yazi.nix ./home-modules/zathura.nix ./home-modules/zoxide.nix @@ -66,96 +69,7 @@ ] else []); home.username = hyper.user; # home.homeDirectory = hyper.home; # for some reason you cant use hyper.home here - home.homeDirectory = "/home/${hyper.user}"; + home.homeDirectory = "/home/${hyper.user}"; home.stateVersion = hyper.pkgs-version; - home.packages = with pkgs; [ - bat - brightnessctl - browsh - chromium - cmake - dig - du-dust - exiftool - eza - element-desktop - ffmpeg - figlet - fontpreview - fzf - glib - glow - gnumake - gsettings-desktop-schemas - imagemagick - imv - jq - lolcat - lynx - mediainfo - mpv - neofetch - pavucontrol - pdfgrep - piper-tts - pipes - playerctl - pv - qbittorrent - reflex - ripgrep - screen - spicetify-cli - sssnake - swww - systemctl-tui - tldr - unstable.spotify - w3m - wev - wl-clipboard - xclip - xfce.thunar - yt-dlp - ] ++ (if (hyper.host != "NxACE") then [ - signal-desktop - obsidian - zoom-us - inkscape - ] else []); - - xdg = { - enable = true; - configHome = "${hyper.home}.config"; - cacheHome = "${hyper.home}.cache"; - dataHome = "${hyper.home}.local/share"; - stateHome = "${hyper.home}.local/state"; - mimeApps = { - enable = true; - defaultApplications = let - browser = "firefox.desktop"; - in { - "default-web-browser" = [ browser ]; - "text/html" = [ browser ]; - "text/htm" = [ browser ]; - "x-scheme-handler/http" = [ browser ]; - "x-scheme-handler/https" = [ browser ]; - "x-scheme-handler/about" = [ browser ]; - "x-scheme-handler/unknown" = [ browser ]; - "x-scheme-handler/mailto" = "thunderbird.desktop"; - "image/png" = "imv.desktop"; - "image/jpg" = "imv.desktop"; - "image/jpeg" = "imv.desktop"; - "image/webp" = "imv.desktop"; - "image/gif" = "imv.desktop"; - "application/pdf" = "zathura.desktop"; - "inode/directory" = "thunar.desktop"; - }; - }; - }; - # Wayland, X, etc. support for session vars - # systemd.user.sessionVariables = home.sessionVariables; - - # Let Home Manager install and manage itself. programs.home-manager.enable = true; } diff --git a/system-modules/base-packages.nix b/system-modules/base-packages.nix new file mode 100644 index 0000000..0ccdd77 --- /dev/null +++ b/system-modules/base-packages.nix @@ -0,0 +1,19 @@ +{ pkgs, ... }: { + environment.systemPackages = with pkgs; ([ + git + git-crypt + lazygit # home-manager module is bugged + wget + curlHTTP3 + zip + unzip + p7zip + unar + vim + htop + openssl + dmidecode + file + ]); + +} diff --git a/system-modules/bluetooth.nix b/system-modules/bluetooth.nix new file mode 100644 index 0000000..b04a08f --- /dev/null +++ b/system-modules/bluetooth.nix @@ -0,0 +1,10 @@ +{ pkgs, ... }@all: with all; { + hardware.bluetooth = { + enable = true; + powerOnBoot = true; + package = pkgs.bluez5-experimental; + settings.Policy.AutoEnable = "true"; + settings.General.Enable = "Source,Sink,Media,Socket"; + }; + services.blueman.enable = true; +} diff --git a/system-modules/boot.nix b/system-modules/boot.nix index 76621e3..c6d8345 100644 --- a/system-modules/boot.nix +++ b/system-modules/boot.nix @@ -7,70 +7,64 @@ let rev = "0.5.0"; hash = "sha256-e+55NYsSsWY6GPbYUtdVEB9krueuCAWT3Ce/Ghops1g="; }); -in -{ + device-boot = if hyper.host == "NxNORTH" then { + kernelPackages = pkgs.linuxPackages_zen; + environment.systemPackages = with pkgs; [ sbctl ]; + lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + loader.systemd-boot = { + enable = false; # let lanzaboote install systemd-boot + consoleMode = "max"; + configurationLimit = 10; + }; + } else if hyper.host == "NxXPS" then { + kernelPackages = pkgs.linuxPackages_latest; + extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + kernelModules = [ "v4l2loopback" ]; + extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1''; + loader = { + efi.canTouchEfiVariables = true; + grub = { + enable = true; + configurationLimit = 30; + device = "nodev"; + # useOSProber = true; + efiSupport = true; + theme = grub-theme-ascii-diana; + font = "${grub-theme-ascii-diana}/unicode.pf2"; + fontSize = 50; + extraEntries = '' + menuentry 'Windows 11' --class windows --class os $menuentry_id_option 'osprober-efi-0A97-7A2D' { + insmod part_gpt + insmod fat + search --no-floppy --fs-uuid --set=root 0A97-7A2D + chainloader /EFI/Microsoft/Boot/bootmgfw.efi + } + ''; + }; + }; + } else if hyper.host == "NxACE" then { + kernelPackages = pkgs.linuxPackages_6_12; + loader = { + efi.canTouchEfiVariables = true; + grub = { + enable = true; + device = "nodev"; + devices = []; + efiSupport = true; + }; + }; + } else assert 1 == "Unknown host"; {}; +in { imports = if hyper.host == "NxNORTH" then [ inputs.lanzaboote.nixosModules.lanzaboote ] else []; - config = if hyper.host == "NxNORTH" then { - # I have to boot with secureboot becasue of the chinese spyware called Vanguard - - environment.systemPackages = with pkgs; [ sbctl ]; - boot = { - lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - loader.systemd-boot = { - enable = false; # let lanzaboote install systemd-boot - consoleMode = "max"; - configurationLimit = 10; - }; - kernelPackages = pkgs.linuxPackages_zen; - extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - kernelModules = [ "v4l2loopback" ]; - extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1''; - }; - security.polkit.enable = true; - } else if hyper.host == "NxXPS" then { - boot = { - loader = { - efi.canTouchEfiVariables = true; - grub = { - enable = true; - configurationLimit = 30; - device = "nodev"; - # useOSProber = true; - efiSupport = true; - theme = grub-theme-ascii-diana; - font = "${grub-theme-ascii-diana}/unicode.pf2"; - fontSize = 50; - extraEntries = '' - menuentry 'Windows 11' --class windows --class os $menuentry_id_option 'osprober-efi-0A97-7A2D' { - insmod part_gpt - insmod fat - search --no-floppy --fs-uuid --set=root 0A97-7A2D - chainloader /EFI/Microsoft/Boot/bootmgfw.efi - } - ''; - }; - }; - kernelPackages = pkgs.linuxPackages_latest; - extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - kernelModules = [ "v4l2loopback" ]; - extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1''; - }; - } else { # NxACE - boot = { - loader = { - efi.canTouchEfiVariables = true; - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - }; - }; - kernelPackages = pkgs.linuxPackages_6_12; - }; - }; + config.boot = { + extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + kernelModules = [ "v4l2loopback" ]; + extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1''; + tmp.useTmpfs = false; + } // device-boot; } diff --git a/system-modules/cache.nix b/system-modules/cache.nix new file mode 100644 index 0000000..df98863 --- /dev/null +++ b/system-modules/cache.nix @@ -0,0 +1,11 @@ +{ ... }: { + nix.settings = { + substitute = true; + substituters = [ + "https://yazi.cachix.org" + ]; + trusted-public-keys = [ + "yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k=" + ]; + }; +} diff --git a/system-modules/calendar-dicos.nix b/system-modules/calendar/dicos.nix similarity index 100% rename from system-modules/calendar-dicos.nix rename to system-modules/calendar/dicos.nix diff --git a/system-modules/calendar-lec.nix b/system-modules/calendar/lec.nix similarity index 100% rename from system-modules/calendar-lec.nix rename to system-modules/calendar/lec.nix diff --git a/system-modules/calendar-lr.nix b/system-modules/calendar/lr.nix similarity index 100% rename from system-modules/calendar-lr.nix rename to system-modules/calendar/lr.nix diff --git a/system-modules/calendar-publish.nix b/system-modules/calendar/publish.nix similarity index 99% rename from system-modules/calendar-publish.nix rename to system-modules/calendar/publish.nix index 3a752d2..a4ddd32 100644 --- a/system-modules/calendar-publish.nix +++ b/system-modules/calendar/publish.nix @@ -1,9 +1,7 @@ -{ pkgs, ... }@all: with all; -let +{ pkgs, hyper, ... }@all: with all; let radicale-root = "/var/lib/radicale"; web-root = "/var/nginx/webroot"; -in -{ +in { systemd.timers."nx_cal_publish" = { enable = true; wantedBy = [ "timers.target" ]; diff --git a/system-modules/editor.nix b/system-modules/editor.nix new file mode 100644 index 0000000..795a9b0 --- /dev/null +++ b/system-modules/editor.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: { + environment = { + variables = { + EDITOR = "hx"; + VISUAL = "hx"; + }; + systemPackages = with pkgs; [ + helix + vim + ]; + }; +} diff --git a/system-modules/gui.nix b/system-modules/gui.nix new file mode 100644 index 0000000..94fb4b6 --- /dev/null +++ b/system-modules/gui.nix @@ -0,0 +1,7 @@ +{ ... }: { + programs.hyprland = { + enable = true; + xwayland.enable = true; + }; + services.xserver.enable = true; +} diff --git a/system-modules/input.nix b/system-modules/input.nix new file mode 100644 index 0000000..24f18ee --- /dev/null +++ b/system-modules/input.nix @@ -0,0 +1,11 @@ +{ ... }: { + services = { + xserver.xkb = { + layout = "de"; + options = "eurosign:e,caps:escape"; + }; + libinput.enable = true; + }; + hardware.uinput.enable = true; +} + diff --git a/system-modules/nx2site/nextcloud.nix b/system-modules/nx2site/nextcloud.nix index 37d067c..eb0148d 100644 --- a/system-modules/nx2site/nextcloud.nix +++ b/system-modules/nx2site/nextcloud.nix @@ -1,4 +1,4 @@ -{ config, hyper, ... }: +{ pkgs, ...}@all: with all; { sops.secrets = { "nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; }; @@ -9,6 +9,7 @@ services = { nextcloud = { enable = true; + package = pkgs.nextcloud; hostName = "nc.${hyper.domain}"; https = true; configureRedis = true; diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix index 5de496c..50bef19 100644 --- a/system-modules/nx2site/proxy.nix +++ b/system-modules/nx2site/proxy.nix @@ -1,4 +1,4 @@ -{ config, hyper, pkgs, ... }: +{ pkgs, ...}@all: with all; { sops.secrets = { "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; }; diff --git a/system-modules/nx2site/radicale.nix b/system-modules/nx2site/radicale.nix index 56861df..b805c53 100644 --- a/system-modules/nx2site/radicale.nix +++ b/system-modules/nx2site/radicale.nix @@ -1,4 +1,4 @@ -{ config, hyper, ... }: +{ pkgs, ...}@all: with all; { sops.secrets = { "nx2site/radicale/htpasswd" = { @@ -10,6 +10,7 @@ radicale = { # is run by user radicale enable = true; + package = pkgs.radicale; settings = { server.hosts = let port = builtins.toString 5232; diff --git a/system-modules/printing.nix b/system-modules/printing.nix new file mode 100644 index 0000000..f97bb93 --- /dev/null +++ b/system-modules/printing.nix @@ -0,0 +1,3 @@ +{ ... }: { + services.printing.enable = true; # CUPS +} diff --git a/system-modules/security.nix b/system-modules/security.nix new file mode 100644 index 0000000..391a55a --- /dev/null +++ b/system-modules/security.nix @@ -0,0 +1,6 @@ +{ ... }: { + security = { + polkit.enable = true; + rtkit.enable = true; + }; +} diff --git a/system-modules/terminal.nix b/system-modules/terminal.nix new file mode 100644 index 0000000..fb298dd --- /dev/null +++ b/system-modules/terminal.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }@all: with all; { + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "de"; + }; +} diff --git a/system-modules/tz.nix b/system-modules/tz.nix new file mode 100644 index 0000000..a33a822 --- /dev/null +++ b/system-modules/tz.nix @@ -0,0 +1,4 @@ +{ ... }: { + time.timeZone = "Europe/Berlin"; +} +