diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ff547be --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +./hostname diff --git a/features/audio.nix b/features/audio.nix deleted file mode 100644 index a7b02ed..0000000 --- a/features/audio.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, pkgs, localPackages, ... }: { - environment.systemPackages = with pkgs; [ - pulseaudio - pavucontrol - feishin - easyeffects - helvum - ]; - - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; -} diff --git a/features/gaming.nix b/features/gaming.nix index c00f557..684017d 100644 --- a/features/gaming.nix +++ b/features/gaming.nix @@ -3,7 +3,7 @@ protonup-qt vesktop lutris - gamescope-dbg + gamescope-old wine ]; diff --git a/features/gui.nix b/features/gui.nix index cf03e6b..d064709 100644 --- a/features/gui.nix +++ b/features/gui.nix @@ -12,10 +12,18 @@ wayland-pipewire-idle-inhibit firefox mpv + cinny-desktop + thunderbird + protonmail-bridge + libsecret ]; programs.sway.enable = true; programs.thunar.enable = true; + programs.dconf.enable = true; + + services.gnome.gnome-keyring.enable = true; + services.dbus.packages = [ pkgs.gnome.seahorse ]; xdg.portal.wlr.enable = true; diff --git a/flake.lock b/flake.lock index 06d72df..dc409d8 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1716930911, - "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=", + "lastModified": 1717316182, + "narHash": "sha256-Xi0EpZcu39N0eW7apLjFfUOR9y80toyjYizez7J1wMI=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086", + "rev": "9b53a10f4c91892f5af87cf55d08fba59ca086af", "type": "github" }, "original": { 
@@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1716509168, - "narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=", + "lastModified": 1716948383, + "narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bfb7a882678e518398ce9a31a881538679f6f092", + "rev": "ad57eef4ef0659193044870c731987a6df5cf56b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2407411..6239c59 100644 --- a/flake.nix +++ b/flake.nix 
@@ -9,51 +9,100 @@ outputs = inputs@{ self, nixpkgs, home-manager, ... }: let inherit (self) outputs; - in { + + hostname = + if (builtins.pathExists ./hostname) then + builtins.readFile(./hostname) + else + "default-hostname"; + + configs."ankaa" = { + openssh = { + enable = true; + port = 2222; + }; + + backup = { + enable = true; + user = "eesim"; + paths = [ "/home/eesim" ]; + repo = "rf030789@rf030789.repo.borgbase.com:repo"; + excludes = [ + "/home/eesim/.local/share/Steam/steamapps/common" + "/home/eesim/.cache" + ]; + passphrase = "/home/eesim/.ssh/borgbase_passphrase"; + key = "/home/eesim/.ssh/id_ed25519_borgbase"; + repeat = "daily"; + }; + + audio = { + pipewire.enable = true; + music.enable = true; + tools = { + helvum = true; + easyeffects = true; + }; + }; + + gui = { + enable = true; + protonmail = true; + matrix = true; + }; + + games.enable = true; + + common.nil.enable = true; + + networking.wireguard.enable = true; + + }; + + configs."alpheratz" = { + audio = { + pipewire.enable = true; + music.enable = true; + + gui = { + enable = true; + protonmail = true; + matrix = true; + }; + }; + + common.nil.enable = true; + + networking.wireguard.enable = true; + }; + + configs."default-hostname" = { + + }; + + in { nixosConfigurations = { - ankaa = nixpkgs.lib.nixosSystem { + "${hostname}" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit (outputs) localPackages; - openssh-port = 2222; }; modules = [ - ./hosts/ankaa/configuration.nix - ./hosts/ankaa/hardware-configuration.nix - ./features/audio.nix - ./features/common.nix - ./features/gui.nix - ./features/networking.nix - ./features/gaming.nix - ./modules/backups/home-ankaa.nix - ./modules/openssh.nix + { + networking.hostName = hostname; + } + (import ./modules/nix) + { + simmer = configs."${hostname}"; + } + (./. + "/hosts/${hostname}/system.nix") + (./. 
+ "/hosts/${hostname}/hardware-configuration.nix") home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - home-manager.users.eesim = import ./hosts/ankaa/home.nix; - } - ]; - }; - alpheratz = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit (outputs) localPackages; - }; - modules = [ - ./hosts/alpheratz/configuration.nix - ./hosts/alpheratz/hardware-configuration.nix - ./features/common.nix - ./features/gui.nix - ./features/audio.nix - ./features/networking.nix - ./features/laptop.nix - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.eesim = import ./hosts/alpheratz/home.nix; + home-manager.users.eesim = import (./. + "/hosts/${hostname}/home.nix"); } ]; }; diff --git a/hostname b/hostname new file mode 100644 index 0000000..8e167af --- /dev/null +++ b/hostname @@ -0,0 +1 @@ +ankaa \ No newline at end of file diff --git a/hosts/alpheratz/home.nix b/hosts/alpheratz/home.nix index 69d6043..134da89 100644 --- a/hosts/alpheratz/home.nix +++ b/hosts/alpheratz/home.nix @@ -5,7 +5,9 @@ }: { - imports = []; + imports = [ + ../../modules/home + ]; home = { username = "eesim"; 
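Review bot: In `configs."alpheratz"` the `gui = { … };` block is closed inside `audio = { … }`, so it is set as `simmer.audio.gui`, an option that `modules/nix/audio.nix` does not declare; the host will most likely fail to evaluate, and the GUI module is never enabled for it. Close `audio` right after `music.enable = true;` and keep `gui` as a sibling attribute, as `configs."ankaa"` does. `builtins.readFile(./hostname)` also keeps any trailing newline, and the value is used as an attribute name and in three path concatenations, so `nixpkgs.lib.fileContents ./hostname` together with a check such as `assert configs ? ${hostname};` would fail early on an unexpected file. The new `.gitignore` entry `./hostname` looks ineffective as written, and if the file really were untracked a git-based flake would presumably not see it and fall back to `default-hostname`, for which no `hosts/` directory is visible in this commit.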
@@ -17,42 +19,7 @@ home.file.".config/waybar".source = ./dotfiles/waybar; home.file.".config/fish/config.fish".source = ./dotfiles/fish/config.fish; - programs.git = { - enable = true; - userName = "Ethan Simmons"; - userEmail = "eesimmons9105@gmail.com"; - extraConfig = { - core.sshCommand = "'ssh -i /home/eesim/.ssh/id_ed25519'"; - }; - }; - - programs.direnv = { - enable = true; - enableBashIntegration = true; - nix-direnv.enable = true; - }; - programs.home-manager.enable = true; - gtk = { - enable = true; - cursorTheme = { - name = "phinger-cursors-dark"; - package = pkgs.phinger-cursors; - }; - theme = { - name = "adw-gtk3-dark"; - package = pkgs.adw-gtk3; - }; - }; - - qt = { - style = { - name = "adwaita-dark"; - package = pkgs.adwaita-qt; - }; - }; - - home.stateVersion = "23.11"; } diff --git a/hosts/alpheratz/configuration.nix b/hosts/alpheratz/system.nix similarity index 90% rename from hosts/alpheratz/configuration.nix rename to hosts/alpheratz/system.nix index 208101b..efccf9a 100644 --- a/hosts/alpheratz/configuration.nix +++ b/hosts/alpheratz/system.nix @@ -36,13 +36,6 @@ "/nix".options = [ "compress=zstd" "noatime" ]; }; - networking.hostName = "alpheratz"; - networking.networkmanager.enable = true; - networking.nameservers = [ "192.168.0.100" ]; - - networking.firewall = { - allowedUDPPorts = [ 51820 ]; - }; networking.wg-quick.interfaces = { wg0 = { address = [ "10.6.0.5" ]; @@ -55,7 +48,7 @@ publicKey = "pEWHugUnnhWXkJzCIhXryRRZMoCAuvAITDeP4ItenQk="; presharedKeyFile = "/root/wireguard-keys/wg0/preshared"; allowedIPs = [ "10.2.0.0/24" "192.168.0.0/24" ]; - endpoint = "jellyfin.simmer505.com:51820"; + endpoint = "simmer505.com:51820"; persistentKeepalive = 25; } ]; diff --git a/hosts/ankaa/dotfiles/sway/config b/hosts/ankaa/dotfiles/sway/config index 377883d..2115258 100644 --- a/hosts/ankaa/dotfiles/sway/config +++ b/hosts/ankaa/dotfiles/sway/config 
@@ -280,7 +280,7 @@ exec --no-startup-id ydotoold exec --no-startup-id easyeffects --gapplication-service exec --no-startup-id wayland-pipewire-idle-inhibit exec --no-startup-id /usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1 -exec --no-startup-id protonmail-bridge +exec --no-startup-id protonmail-bridge --noninteractive exec --no-startup-id swayidle -w \ timeout 600 'swaymsg "output * dpms off"' \ resume 'swaymsg "output * dpms on"' diff --git a/hosts/ankaa/home.nix b/hosts/ankaa/home.nix index 32621da..0e60f82 100644 --- a/hosts/ankaa/home.nix +++ b/hosts/ankaa/home.nix @@ -3,9 +3,12 @@ pkgs, ... }: + { - imports = []; + imports = [ + ../../modules/home + ]; home = { username = "eesim"; @@ -22,39 +25,7 @@ # Fix for slow steam download speeds https://old.reddit.com/r/linux_gaming/comments/16e1l4h/slow_steam_downloads_try_this/ home.file.".steam/steam/steam_dev.cfg".source = ./dotfiles/steam/steam_dev.cfg; - programs.git = { - enable = true; - userName = "Ethan Simmons"; - userEmail = "eesimmons9105@gmail.com"; - }; - - programs.direnv = { - enable = true; - enableBashIntegration = true; - nix-direnv.enable = true; - }; - programs.home-manager.enable = true; - gtk = { - enable = true; - iconTheme = { - name = "awaida-dark"; - package = pkgs.gnome.adwaita-icon-theme; - }; - theme = { - name = "adw-gtk3-dark"; - package = pkgs.adw-gtk3; - }; - }; - - qt = { - style = { - name = "adwaita-dark"; - package = pkgs.adwaita-qt; - }; - }; - - home.stateVersion = "23.11"; } diff --git a/hosts/ankaa/configuration.nix b/hosts/ankaa/system.nix similarity index 92% rename from hosts/ankaa/configuration.nix rename to hosts/ankaa/system.nix index 29a0dc5..3ce38aa 100644 --- a/hosts/ankaa/configuration.nix +++ b/hosts/ankaa/system.nix 
@@ -33,10 +33,6 @@ "/nix".options = [ "compress=zstd" "noatime" ]; }; - networking.hostName = "ankaa"; - networking.networkmanager.enable = true; - networking.nameservers = [ "192.168.0.100" ]; - # Set your time zone. time.timeZone = "America/Chicago"; diff --git a/modules/backups/home-ankaa.nix b/modules/backups/home-ankaa.nix deleted file mode 100644 index 160f400..0000000 --- a/modules/backups/home-ankaa.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, lib, ... }: { - services.borgbackup.jobs = { - home-ankaa = - let - user = "eesim"; - home = "/home/${user}"; - excludes = [ ".local/share/Steam/steamapps/common" ".cache" ]; - in - { - inherit user; - paths = [ home ]; - exclude = builtins.map (e: "${home}/${e}") excludes; - repo = "rf030789@rf030789.repo.borgbase.com:repo"; - encryption = { - mode = "repokey-blake2"; - passCommand = "cat ${home}/.ssh/borgbase_passphrase"; - }; - environment.BORG_RSH = "ssh -i ${home}/.ssh/id_ed25519_borgbase"; - compression = "auto,lzma"; - startAt = "daily"; - }; - }; -} diff --git a/modules/home/default.nix b/modules/home/default.nix new file mode 100644 index 0000000..8452bb0 --- /dev/null +++ b/modules/home/default.nix @@ -0,0 +1,14 @@ +{ lib +, pkgs +, config +, ... +}: + +{ + imports = [ + ./git.nix + ./direnv.nix + ./git.nix + ./qt.nix + ]; +} diff --git a/modules/home/direnv.nix b/modules/home/direnv.nix new file mode 100644 index 0000000..f65797a --- /dev/null +++ b/modules/home/direnv.nix @@ -0,0 +1,26 @@ +{ lib +, pkgs +, config +, ... +}: + +with lib; let + cfg = config.simmer.direnv; +in +{ + options.simmer.direnv = { + enable = mkOption { + description = "Whether to install and configure direnv"; + type = types.bool; + default = true; + }; + }; + + config = mkIf cfg.enable { + programs.direnv = { + enable = true; + enableBashIntegration = true; + nix-direnv.enable = true; + }; + }; +} diff --git a/modules/home/git.nix b/modules/home/git.nix new file mode 100644 index 0000000..ad15dfe --- /dev/null 
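Review bot: In `modules/home/default.nix`, `./git.nix` is listed twice in `imports` while `./gtk.nix`, added by this same commit, is not imported at all. The `gtk = { … }` settings removed from both `hosts/*/home.nix` files are therefore no longer applied anywhere. Replace the second `./git.nix` with `./gtk.nix`.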
+++ b/modules/home/git.nix
@@ -0,0 +1,26 @@
+{ lib
+, pkgs
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.git;
+in
+{
+ options.simmer.git = {
+ enable = mkOption {
+ description = "Whether to install and configure git";
+ type = types.bool;
+ default = true;
+ };
+ };
+
+ config = mkIf cfg.enable {
+ programs.git = {
+ enable = true;
+ userName = "Ethan Simmons";
+ userEmail = "eesimmons9105@gmail.com";
+ };
+ };
+}
diff --git a/modules/home/gtk.nix b/modules/home/gtk.nix
new file mode 100644
index 0000000..893c83a
--- /dev/null
+++ b/modules/home/gtk.nix
@@ -0,0 +1,37 @@
+{ lib
+, pkgs
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.gtk;
+ gui = config.simmer.gui;
+in
+{
+ options.simmer.gtk = {
+ theme.enable = mkOption {
+ description = "Whether to enable gtk themes";
+ type = types.bool;
+ default = gui.enable;
+ };
+ };
+
+ config = {
+ gtk = mkIf cfg.enable {
+ enable = true;
+ cursorTheme = {
+ name = "phinger-cursors-dark";
+ package = pkgs.phinger-cursors;
+ };
+ iconTheme = {
+ name = "awaida-dark";
+ package = pkgs.gnome.adwaita-icon-theme;
+ };
+ theme = {
+ name = "adw-gtk3-dark";
+ package = pkgs.adw-gtk3;
+ };
+ };
+ };
+}
diff --git a/modules/home/qt.nix b/modules/home/qt.nix
new file mode 100644
index 0000000..decc4f3
--- /dev/null
+++ b/modules/home/qt.nix
@@ -0,0 +1,26 @@
+{ lib
+, pkgs
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.qt;
+ gui = config.simmer.gui;
+in
+{
+ options.simmer.qt = {
+ theme.enable = mkOption {
+ description = "Whether to enable qt themes";
+ type = types.bool;
+ default = gui.enable;
+ };
+ };
+
+ config = {
+ qt.style = mkIf cfg.theme.enable {
+ name = "adwaita-dark";
+ package = pkgs.adwaita-qt;
+ };
+ };
+}
diff --git a/modules/nix/audio.nix b/modules/nix/audio.nix
new file mode 100644
index 0000000..3718002
--- /dev/null
+++ b/modules/nix/audio.nix
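Review bot: `modules/home/gtk.nix` guards its config with `mkIf cfg.enable`, but the only option it declares is `simmer.gtk.theme.enable`, so the guard reads an attribute that does not exist; it should be `gtk = mkIf cfg.theme.enable {`, matching `qt.nix`. Both `gtk.nix` and `qt.nix` also take their default from `config.simmer.gui`, which this commit declares in the NixOS module `modules/nix/gui.nix`, while these files are imported from `hosts/*/home.nix`. Inside home-manager that option is presumably undefined, so the default would need to come from the system configuration instead, e.g. add `osConfig` to the module arguments and use `default = osConfig.simmer.gui.enable;`.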
@@ -0,0 +1,78 @@
+{ lib
+, pkgs
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.audio;
+in
+{
+
+ options.simmer.audio = {
+ pipewire = {
+ enable = mkOption {
+ description = "Enable pipewire";
+ type = types.bool;
+ default = false;
+ };
+ pulseSupport = mkOption {
+ description = "Enable pulse support for pipewire";
+ type = types.bool;
+ default = true;
+ };
+ alsaSupport = mkOption {
+ description = "Enable alsa support for pipewire";
+ type = types.bool;
+ default = true;
+ };
+ };
+
+ music = {
+ enable = mkOption {
+ description = "Install music player";
+ type = types.bool;
+ default = false;
+ };
+ };
+
+ tools = {
+ helvum = mkOption {
+ description = "Install helvum";
+ type = types.bool;
+ default = false;
+ };
+ easyeffects = mkOption {
+ description = "Install easyeffects";
+ type = types.bool;
+ default = false;
+ };
+ pavucontrol = mkOption {
+ description = "Install pavucontrol";
+ type = types.bool;
+ default = cfg.pipewire.enable;
+ };
+ };
+ };
+
+ config = {
+ environment.systemPackages =
+ with pkgs; []
+ ++ optional cfg.tools.helvum helvum
+ ++ optional cfg.tools.easyeffects easyeffects
+ ++ optional cfg.tools.pavucontrol pavucontrol
+ ++ optional cfg.pipewire.pulseSupport pulseaudio
+ ++ optional cfg.music.enable feishin;
+
+
+ security.rtkit.enable = mkIf cfg.pipewire.enable true;
+ services.pipewire = mkIf cfg.pipewire.enable {
+ enable = true;
+ alsa = mkIf cfg.pipewire.alsaSupport {
+ enable = true;
+ support32Bit = true;
+ };
+ pulse.enable = mkIf cfg.pipewire.pulseSupport true;
+ };
+ };
+}
diff --git a/modules/nix/backup.nix b/modules/nix/backup.nix
new file mode 100644
index 0000000..f3b7d29
--- /dev/null
+++ b/modules/nix/backup.nix
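Review bot: `++ optional cfg.pipewire.pulseSupport pulseaudio` is not gated on `pipewire.enable`, and `pulseSupport` defaults to `true`, so a host that leaves PipeWire off (for example `configs."default-hostname"`) still gets the `pulseaudio` package installed. Gate it on both flags: `++ optional (cfg.pipewire.enable && cfg.pipewire.pulseSupport) pulseaudio`. The option descriptions could also say that `pulseSupport` and `alsaSupport` only take effect when `pipewire.enable` is set.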
@@ -0,0 +1,74 @@
+{ pkgs
+, lib
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.backup;
+in
+{
+ options.simmer.backup = {
+ enable = mkOption {
+ description = "Whether backups should be enabled";
+ type = types.bool;
+ default = false;
+ };
+
+ repo = mkOption {
+ description = "Which repository to backup to";
+ type = types.str;
+ };
+
+ paths = mkOption {
+ description = "Which paths to backup";
+ type = types.listOf types.str;
+ };
+
+ user = mkOption {
+ description = "Which user to run backup commands with";
+ type = types.str;
+ default = "root";
+ };
+
+ excludes = mkOption {
+ description = "Which directories to exclude";
+ type = types.listOf types.str;
+ default = [];
+ };
+
+ passphrase = mkOption {
+ description = "path to file containing passphrase";
+ type = types.path;
+ };
+
+ key = mkOption {
+ description = "Path to file containing SSH Key";
+ type = types.path;
+ };
+
+ repeat = mkOption {
+ description = "How often to run the backup (hourly, daily, weekly)";
+ type = types.enum [ "hourly" "daily" "weekly" ];
+ };
+
+ };
+
+ config = mkIf cfg.enable {
+ services.borgbackup.jobs = {
+ backup = {
+ user = cfg.user;
+ paths = cfg.paths;
+ exclude = cfg.excludes;
+ repo = cfg.repo;
+ encryption = {
+ mode = "repokey-blake2";
+ passCommand = "cat ${cfg.passphrase}";
+ };
+ environment.BORG_RSH = "ssh -i ${cfg.key}";
+ compression = "auto,lzma";
+ startAt = cfg.repeat;
+ };
+ };
+ };
+}
diff --git a/modules/nix/common.nix b/modules/nix/common.nix
new file mode 100644
index 0000000..9c51fa1
--- /dev/null
+++ b/modules/nix/common.nix
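Review bot: `passphrase` and `key` are declared as `types.path` and then interpolated into `passCommand = "cat ${cfg.passphrase}"` and `BORG_RSH = "ssh -i ${cfg.key}"`; if a caller ever passes a Nix path literal instead of a quoted string, that interpolation copies the secret file into the world-readable `/nix/store`. The values set in `flake.nix` are quoted strings, so this is a latent trap rather than a live leak. Declaring both options as `types.str`, with a description saying the file must live outside the store, removes it. Both values are also spliced into shell command strings unquoted, so `"cat ${escapeShellArg cfg.passphrase}"` and `"ssh -i ${escapeShellArg cfg.key}"` would keep a path with spaces or shell metacharacters from being reinterpreted.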
@@ -0,0 +1,58 @@
+{ lib
+, pkgs
+, localPackages
+, config
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.common;
+in
+{
+
+ options.simmer.common = {
+ neovim.enable = mkOption {
+ description = "Whether to install neovim and set as default editor";
+ type = types.bool;
+ default = true;
+ };
+
+ nil.enable = mkOption {
+ description = "Whether to install nil";
+ type = types.bool;
+ default = false;
+ };
+
+ shell = mkOption {
+ description = "Default shell to use (fish)";
+ type = types.enum [ "fish" ];
+ default = "fish";
+ };
+ };
+
+
+ config = {
+
+ environment.systemPackages = with pkgs; [
+ curl
+ wget
+ git
+ killall
+ vim
+ eza
+ ripgrep
+ fzf
+ ncdu
+ btop
+ ]
+ ++ optional cfg.nil.enable nil;
+
+ programs.neovim = mkIf cfg.neovim.enable {
+ enable = true;
+ defaultEditor = true;
+ };
+
+ programs.fish.enable = mkIf (cfg.shell == "fish") true;
+ };
+
+}
diff --git a/modules/nix/default.nix b/modules/nix/default.nix
new file mode 100644
index 0000000..7fefff3
--- /dev/null
+++ b/modules/nix/default.nix
@@ -0,0 +1,17 @@
+{ lib
+, pkgs
+, config
+, ...
+}:
+
+{
+ imports = [
+ ./openssh.nix
+ ./backup.nix
+ ./audio.nix
+ ./gui.nix
+ ./common.nix
+ ./networking.nix
+ ./games.nix
+ ];
+}
diff --git a/modules/nix/games.nix b/modules/nix/games.nix
new file mode 100644
index 0000000..97e1073
--- /dev/null
+++ b/modules/nix/games.nix
@@ -0,0 +1,61 @@
+{ lib
+, pkgs
+, config
+, localPackages
+, ...
+}:
+with lib; let
+ cfg = config.simmer.games;
+in
+{
+ options.simmer.games = {
+ enable = mkOption {
+ description = "Whether to enable games";
+ type = types.bool;
+ default = false;
+ };
+
+ protonup.enable = mkOption {
+ description = "Whether to install protonup";
+ type = types.bool;
+ default = true;
+ };
+
+ lutris.enable = mkOption {
+ description = "Whether to install lutris";
+ type = types.bool;
+ default = false;
+ };
+
+ steam.enable = mkOption {
+ description = "Whether to install steam";
+ type = types.bool;
+ default = true;
+ };
+
+ gamescope.enable = mkOption {
+ description = "Whether to install gamescope";
+ type = types.bool;
+ default = cfg.steam.enable;
+ };
+
+ discord.enable = mkOption {
+ description = "Whether to install discord";
+ type = types.bool;
+ default = true;
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; with localPackages.x86_64-linux;
+ []
+ ++ optional cfg.protonup.enable protonup-qt
+ ++ optional cfg.gamescope.enable gamescope-old
+ ++ optional cfg.discord.enable vesktop
+ ++ optionals cfg.lutris.enable [ lutris wine ];
+
+ programs.steam = mkIf cfg.steam.enable {
+ enable = true;
+ };
+ };
+}
diff --git a/modules/nix/gui.nix b/modules/nix/gui.nix
new file mode 100644
index 0000000..808b9d4
--- /dev/null
+++ b/modules/nix/gui.nix
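Review bot: `with pkgs; with localPackages.x86_64-linux;` hides which entries in the package list come from nixpkgs and which from the local package set, and the inner `with` wins on a name clash, so a local package can silently replace a nixpkgs one of the same name. Naming the local ones explicitly, e.g. `localPackages.${pkgs.stdenv.hostPlatform.system}.gamescope-old`, makes the origin of each installed package reviewable and drops the hard-coded `x86_64-linux`. The same construct appears in the `environment.systemPackages` list of `modules/nix/gui.nix`.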
@@ -0,0 +1,85 @@
+{ lib
+, pkgs
+, config
+, localPackages
+, ...
+}:
+
+with lib; let
+ cfg = config.simmer.gui;
+in
+{
+
+ options.simmer.gui = {
+ enable = mkOption {
+ description = "Enable gui";
+ type = types.bool;
+ default = false;
+ };
+
+ wm = mkOption {
+ description = "Which window manager to install";
+ type = types.enum [ "sway" ];
+ default = "sway";
+ };
+
+ terminal = mkOption {
+ description = "Which terminal to install (alacritty)";
+ type = types.enum [ pkgs.alacritty ];
+ default = pkgs.alacritty;
+ };
+
+ protonmail = mkOption {
+ description = "Whether to install protonmail bridge and mail application";
+ type = types.bool;
+ default = false;
+ };
+
+ secrets = mkOption {
+ description = "Whether to enable secrets handling with gnomke-keyring";
+ type = types.bool;
+ default = cfg.protonmail;
+ };
+
+ matrix = mkOption {
+ description = "Whether to install a matrix client";
+ type = types.bool;
+ default = false;
+ };
+ };
+
+
+ config = mkIf cfg.enable {
+
+ environment.systemPackages = with pkgs; with localPackages.x86_64-linux; []
+ ++ optionals (cfg.wm == "sway") [
+ wl-clipboard
+ grim
+ slurp
+ waybar
+ swaybg
+ kickoff
+ kickoff-dot-desktop
+ wayland-pipewire-idle-inhibit
+ firefox
+ mpv
+ ]
+ ++ [ cfg.terminal ]
+ ++ optional cfg.matrix cinny-desktop
+ ++ optional cfg.secrets libsecret
+ ++ optionals cfg.protonmail [ thunderbird protonmail-bridge ];
+
+ programs.sway.enable = mkIf (cfg.wm == "sway") true;
+
+ programs.dconf.enable = mkIf cfg.secrets true;
+ services.gnome.gnome-keyring.enable = mkIf cfg.secrets true;
+ services.dbus.packages = mkIf cfg.secrets [ pkgs.gnome.seahorse ];
+
+ xdg.portal.wlr.enable = true;
+ programs.thunar.enable = true;
+
+ fonts.packages = with pkgs; [
+ font-awesome
+ ];
+ };
+}
diff --git a/modules/nix/networking.nix b/modules/nix/networking.nix
new file mode 100644
index 0000000..f9103bc
--- /dev/null
+++ b/modules/nix/networking.nix
@@ -0,0 +1,74 @@
+{ lib
+, pkgs
+, localPackages
+, config
+, ...
+}:
+with lib; let
+ cfg = config.simmer.networking;
+ openssh = config.simmer.openssh;
+in
+{
+
+ options.simmer.networking = {
+ firewall = {
+ enable = mkOption {
+ description = "Whether to enable firewall";
+ type = types.bool;
+ default = true;
+ };
+
+ allowedTCPPorts = mkOption {
+ description = "Which tcp ports to allow through firewall";
+ type = types.listOf types.int;
+ default = []
+ ++ optional openssh.enable openssh.port;
+ };
+
+ allowedUDPPorts = mkOption {
+ description = "Which udp ports to allow through firewall";
+ type = types.listOf types.int;
+ default = [];
+ };
+
+ };
+
+ wireguard = {
+ enable = mkOption {
+ description = "Whether to install wireguard";
+ type = types.bool;
+ default = false;
+ };
+ };
+
+ networkmanager = {
+ enable = mkOption {
+ description = "Whether to enable network manager";
+ type = types.bool;
+ default = true;
+ };
+ };
+
+ nameservers = mkOption {
+ description = "Which nameservers to use";
+ type = types.listOf types.str;
+ default = [ "1.1.1.1" ];
+ };
+ };
+
+ config = {
+ environment.systemPackages = with pkgs; [
+ ldns
+ ]
+ ++ optional cfg.wireguard.enable wireguard-tools;
+
+ networking.networkmanager.enable = cfg.networkmanager.enable;
+ networking.nameservers = cfg.nameservers;
+ networking.firewall = {
+ enable = cfg.firewall.enable;
+ allowedTCPPorts = cfg.firewall.allowedTCPPorts;
+ allowedUDPPorts = cfg.firewall.allowedUDPPorts;
+ };
+ };
+
+}
diff --git a/modules/nix/openssh.nix b/modules/nix/openssh.nix
new file mode 100644
index 0000000..98b4824
--- /dev/null
+++ b/modules/nix/openssh.nix
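Review bot: The `nameservers` default of `[ "1.1.1.1" ]` silently changes DNS for both hosts: the removed lines in `hosts/ankaa/system.nix` and `hosts/alpheratz/system.nix` pointed at `192.168.0.100`, and neither `configs` entry in `flake.nix` sets `networking.nameservers`, so lookups move from the LAN resolver to a public one. If that is not intended, set the value per host or default to `[]` so the choice is explicit. The `allowedUDPPorts = [ 51820 ]` rule removed from alpheratz has no replacement either, which is worth confirming against the WireGuard setup that stays in `system.nix`. The port lists would also be better typed as `types.listOf types.port`, so out-of-range values are rejected at evaluation time.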
@@ -0,0 +1,42 @@ +{ lib +, pkgs +, config +, ... +}: + +with lib; let + cfg = config.simmer.openssh; +in +{ + options.simmer.openssh = { + enable = mkOption { + description = "Whether to enable openssh server"; + type = types.bool; + default = false; + }; + + port = mkOption { + description = "What port the server should run on"; + type = types.int; + default = 22; + }; + + allow-password = mkOption { + description = "Whether the server should allow password authenitication" ; + type = types.bool; + default = false; + }; + }; + + config = mkIf cfg.enable { + services.openssh = { + enable = true; + ports = [ cfg.port ]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; + }; + }; + +} diff --git a/modules/openssh.nix b/modules/openssh.nix deleted file mode 100644 index 85706c0..0000000 --- a/modules/openssh.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib -, pkgs -, openssh-port ? 22 -, ... -}: - -{ - services.openssh = { - enable = true; - ports = [ openssh-port ]; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - }; -} diff --git a/pkgs/gamescope-dbg/default.nix b/pkgs/gamescope-dbg/default.nix index 8e3db40..984947b 100644 --- a/pkgs/gamescope-dbg/default.nix +++ b/pkgs/gamescope-dbg/default.nix @@ -144,6 +144,8 @@ stdenv.mkDerivation (finalAttrs: { --add-needed ${libgcc.lib}/lib/libasan.so.8 \ --add-needed libvulkan.so.1 + LD_PRELOAD="${libgcc.lib}/lib/libasan.so.8" + # --debug-layers flag expects these in the path wrapProgram "$out/bin/gamescope" \ --prefix PATH : ${with xorg; lib.makeBinPath [xprop xwininfo]}
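Review bot: In `modules/nix/openssh.nix` the `allow-password` option is declared but never read; `PasswordAuthentication = false;` stays hard-coded, so setting the option has no effect. Keeping password login off is the safe behaviour, but a dead switch misleads whoever configures a host: either drop the option or wire it with `PasswordAuthentication = cfg.allow-password;` (the `false` default preserves today's behaviour). `port` would be better as `types.port`, and the description has a typo ("authenitication").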
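Review bot: In `pkgs/gamescope-dbg/default.nix` the added `LD_PRELOAD="${libgcc.lib}/lib/libasan.so.8"` is a plain shell assignment inside the build script, so as far as this hunk shows it is neither exported nor passed to `wrapProgram` and will not reach the installed `gamescope` at run time. If the aim is to preload the ASan runtime for the wrapped binary, set it on the wrapper, e.g. add `--set LD_PRELOAD ${libgcc.lib}/lib/libasan.so.8 \` to the `wrapProgram` call; otherwise a comment saying what the assignment is for would help. The enclosing phase starts and ends outside the hunk, so this needs checking against the full file.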