diff options
| author | Leonardo Santiago <[email protected]> | 2024-09-12 21:44:46 -0300 |
|---|---|---|
| committer | Leonardo Santiago <[email protected]> | 2024-09-12 23:20:51 -0300 |
| commit | 62100c9265a4de389d1ea8060cbddddacde161a7 (patch) | |
| tree | 811ca1c5803ccdb2670f0c239214bc0dc30f57c7 /modules | |
| parent | f9ddec7952709d7b5d5d79deadca07c573510d49 (diff) | |
split users/leonardo.nix into modules with options
in order to be able to deploy just a few of those to iori.nix
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/basic.nix | 63 | ||||
| -rw-r--r-- | modules/ddns.nix | 16 | ||||
| -rw-r--r-- | modules/default-user.nix | 212 | ||||
| -rw-r--r-- | modules/desktop-environment.nix | 25 | ||||
| -rw-r--r-- | modules/emacs/README.org | 4 | ||||
| -rw-r--r-- | modules/emacs/default.nix (renamed from modules/emacs/emacs.nix) | 10 | ||||
| -rw-r--r-- | modules/fonts.nix | 24 | ||||
| -rw-r--r-- | modules/games.nix | 27 | ||||
| -rw-r--r-- | modules/gnome.nix | 75 | ||||
| -rw-r--r-- | modules/gnome/default.nix | 47 | ||||
| -rw-r--r-- | modules/gnome/gnome-config.nix (renamed from modules/gnome-config.nix) | 8 |
11 files changed, 424 insertions, 87 deletions
diff --git a/modules/basic.nix b/modules/basic.nix new file mode 100644 index 0000000..e2c68c1 --- /dev/null +++ b/modules/basic.nix @@ -0,0 +1,63 @@ +{ config, lib, pkgs, ...}: with lib; { + options.santi-modules.basic.enable = mkOption { + type = types.bool; + default = true; + description = "Enables basic configuration on nix, nixpkgs and bash prompt."; + }; + config = mkIf config.santi-modules.basic.enable { + nix = { + package = pkgs.lib.mkForce pkgs.nixVersions.nix_2_23; + settings = { + trusted-users = [ "root" "leonardo" ]; + auto-optimise-store = true; + }; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + nixpkgs = { + config.allowUnfree = true; + config.allowUnfreePredicate = _: true; + }; + + programs.bash = { + vteIntegration = true; + enableLsColors = true; + completion.enable = true; + promptInit = + '' + PS1="\[\033[1;95m\][\h]\[\033[0m\] \[\033[0;32m\]\w\[\033[0m\] :: " + [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/bash" + ''; + }; + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + time.timeZone = "America/Sao_Paulo"; + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "pt_BR.UTF-8"; + LC_IDENTIFICATION = "pt_BR.UTF-8"; + LC_MEASUREMENT = "pt_BR.UTF-8"; + LC_MONETARY = "pt_BR.UTF-8"; + LC_NAME = "pt_BR.UTF-8"; + LC_NUMERIC = "pt_BR.UTF-8"; + LC_PAPER = "pt_BR.UTF-8"; + LC_TELEPHONE = "pt_BR.UTF-8"; + LC_TIME = "pt_BR.UTF-8"; + }; + + services.xserver = { + enable = true; + xkb = { + variant = "abnt2"; + layout = "br"; + }; + }; + console.keyMap = "br-abnt2"; + }; +} diff --git a/modules/ddns.nix b/modules/ddns.nix new file mode 100644 index 0000000..53dcb0f --- /dev/null +++ b/modules/ddns.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ...}: with lib; { + options.santi-modules.services.ddns.enable = mkEnableOption "Enable ddns service"; + config = mkIf config.santi-modules.services.ddns.enable { + services.inadyn = { + enable = true; + user = "leonardo"; + group = "users"; + settings.provider."cloudflare.com" = { + hostname="santi.net.br"; + username="santi.net.br"; + proxied = false; + include = config.age.secrets.cloudflare.path; + }; + }; + }; +} diff --git a/modules/default-user.nix b/modules/default-user.nix new file mode 100644 index 0000000..189c354 --- /dev/null +++ b/modules/default-user.nix @@ -0,0 +1,212 @@ +{ config, lib, inputs, pkgs, ...}: with lib; let + cfg = config.santi-modules; +in { + imports = [ + inputs.agenix.nixosModules.default + inputs.home-manager.nixosModules.home-manager + ]; + options.santi-modules = { + default-user.enable = mkOption { + type = types.bool; + default = true; + description = "Enables default user configuration and ssh access"; + }; + mu.enable = mkEnableOption "Enables mu, mbsync and msmtp"; + firefox.enable = mkEnableOption "Enables firefox"; + }; + config = mkIf config.santi-modules.default-user.enable { + environment.systemPackages = [ + pkgs.rage + ] ++ (if cfg.mu.enable then [ pkgs.parallel ] else []); + users.mutableUsers = false; + users.users.leonardo = { + isNormalUser = true; + description = "leonardo"; + extraGroups = [ "networkmanager" "wheel" ]; + shell = pkgs.bashInteractive; + hashedPasswordFile = config.age.secrets.user-pass.path; + openssh.authorizedKeys.keys = [ (builtins.readFile ../secrets/user-ssh-key.pub)] ++ builtins.attrValues (import ../secrets/host-pub-keys.nix); + }; + age.secrets = let + with-perms = name: { + file = ../secrets/${name}.age; + owner = "leonardo"; + group = "users"; + }; + in { + user-pass = with-perms "user-pass"; + user-ssh-key = (with-perms "user-ssh-key") // { + path = "/home/leonardo/.ssh/id_ed25519"; + }; + } // (optionalAttrs cfg.mu.enable (let + mails = ["work-mail" "personal-mail" "university-mail"]; + mail-cfg = map (n: {name = n; value = with-perms n;}) mails; + in + listToAttrs mail-cfg)) + // (optionalAttrs cfg.services.ddns.enable ({ + cloudflare = with-perms "cloudflare"; + })); + programs.ssh.startAgent = true; + services.openssh = { + enable = true; + settings = { + KbdInteractiveAuthentication = false; + PasswordAuthentication = false; + }; + }; + home-manager = { + backupFileExtension = "backup"; + useGlobalPkgs = true; + useUserPackages = true; + users.leonardo = { + imports = [ (import ./gnome/gnome-config.nix config.santi-modules) ]; + home = { + stateVersion = "23.05"; + file.".ssh/id_ed25519.pub".source = ../secrets/user-ssh-key.pub; + file.".mozilla/firefox/leonardo/chrome/firefox-gnome-theme" = mkIf cfg.firefox.enable { source = inputs.firefox-gnome-theme; }; + packages = lib.optionals cfg.desktop-environment.enable (with pkgs; [ + discord + slack + whatsapp-for-linux + telegram-desktop + ]); + }; + programs = { + bash = { + enable = true; + enableCompletion = true; + initExtra = '' + shopt -s -q autocd + shopt -s no_empty_cmd_completion + ''; + }; + fzf = { + enable = true; + enableBashIntegration = true; + }; + git = { + enable = true; + lfs.enable = true; + diff-so-fancy.enable = true; + extraConfig = { + user = { + name = "Leonardo Santiago"; + email = "[email protected]"; + signingkey = "~/.ssh/id_ed25519"; + }; + color.ui = true; + gpg.format = "ssh"; + commit.gpgsign = true; + }; + }; + mu.enable = cfg.mu.enable; + msmtp.enable = cfg.mu.enable; + mbsync.enable = cfg.mu.enable; + firefox = { + enable = cfg.firefox.enable; + package = pkgs.firefox.override { # nixpkgs' firefox/wrapper.nix + nativeMessagingHosts = optional cfg.gnome.enable [ + pkgs.gnome-browser-connector + ]; + }; + profiles.leonardo = { + userChrome = '' + @import "firefox-gnome-theme/userChrome.css"; + ''; + userContent = '' + @import "firefox-gnome-theme/userContent.css"; + ''; + settings = { + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; # Enable customChrome.cs + "browser.uidensity" = 0; # Set UI density to normal + "svg.context-properties.content.enabled" = true; # Enable SVG context-propertes + # firefox-gnome-theme + "gnomeTheme.activeTabContrast" = true; + "gnomeTheme.hideWebrtcIndicator" = true; + "gnomeTheme.bookmarksToolbarUnderTabs" = true; + "gnomeTheme.hideSingleTab" = true; + }; + }; + policies = { + DisableTelemetry = true; + DisableFirefoxStudies = true; + EnableTrackingProtection = { + Value= true; + Locked = true; + Cryptomining = true; + Fingerprinting = true; + }; + DisablePocket = true; + DisableFirefoxAccounts = true; + DisableAccounts = true; + DisableFirefoxScreenshots = true; + OverrideFirstRunPage = ""; + OverridePostUpdatePage = ""; + DontCheckDefaultBrowser = true; + ExtensionSettings = { + "*".installation_mode = "blocked"; # blocks all addons except the ones specified below + # uBlock Origin: + "[email protected]" = { + install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + installation_mode = "force_installed"; + }; + }; + }; + }; + }; + services.mbsync = mkIf cfg.mu.enable { + enable = true; + frequency = "*:0/5"; + }; + accounts.email.accounts = mkIf cfg.mu.enable { + personal = { + address = "[email protected]"; + userName = "[email protected]"; + imap.host = "imap.gmail.com"; + smtp.host = "smtp.gmail.com"; + primary = true; + realName = "Leonardo Ribeiro Santiago"; + mbsync = { + enable = true; + create = "both"; + expunge = "both"; + }; + msmtp.enable = true; + mu.enable = true; + passwordCommand = "cat ${config.age.secrets.personal-mail.path}"; + }; + university = { + address = "[email protected]"; + userName = "[email protected]"; + imap.host = "imap.gmail.com"; + smtp.host = "smtp.gmail.com"; + realName = "Leonardo Ribeiro Santiago"; + mbsync = { + enable = true; + create = "both"; + expunge = "both"; + }; + msmtp.enable = true; + mu.enable = true; + passwordCommand = "cat ${config.age.secrets.university-mail.path}"; + }; + work = { + address = "[email protected]"; + userName = "[email protected]"; + imap.host = "imap.gmail.com"; + smtp.host = "smtp.gmail.com"; + realName = "Leonardo Ribeiro Santiago"; + mbsync = { + enable = true; + create = "both"; + expunge = "both"; + }; + msmtp.enable = true; + mu.enable = true; + passwordCommand = "cat ${config.age.secrets.work-mail.path}"; + }; + }; + }; + }; + }; +} diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix new file mode 100644 index 0000000..c9408d9 --- /dev/null +++ b/modules/desktop-environment.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: with lib; { + options.santi-modules.desktop-environment.enable = mkEnableOption "Enable default desktop-environment"; + config = mkIf config.santi-modules.desktop-environment.enable { + santi-modules = { + font-config.enable = true; + emacs.enable = true; + gnome.enable = true; + games.enable = true; + mu.enable = true; + default-user.enable = true; + firefox.enable = true; + basic.enable = true; + }; + + services.printing.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + }; +} diff --git a/modules/emacs/README.org b/modules/emacs/README.org index 0b8ff54..81c0775 100644 --- a/modules/emacs/README.org +++ b/modules/emacs/README.org @@ -388,12 +388,12 @@ Actual mu4e definition (use-package mu4e :bind ("C-c m" . mu4e) :custom - (mu4e-notification-support t) (read-mail-command 'mu4e) (mu4e-index-cleanup nil) (mu4e-index-lazy-check t) (mu4e-use-fancy-chars (display-graphic-p)) (mu4e-confirm-quit nil) + (mu4e-eldoc-support t) (mu4e-change-filenames-when-moving t) (mu4e-update-interval (* 5 60)) (mu4e-get-mail-command "parallel mbsync ::: personal work university") @@ -417,7 +417,7 @@ Actual mu4e definition (cond ((personal-p msg) "/personal/[Gmail]/Todos\ os\ e-mails") ((university-p msg) "/university/[Gmail]/Todos\ os\ e-mails") - ((work-p msg) "/work/[Gmail]/'All mail'")))) + ((work-p msg) "/work/[Gmail]/All\ mail")))) (mu4e-trash-folder (lambda (msg) (cond ((personal-p msg) "/personal/[Gmail]/Lixeira") diff --git a/modules/emacs/emacs.nix b/modules/emacs/default.nix index bc73977..ceba97e 100644 --- a/modules/emacs/emacs.nix +++ b/modules/emacs/default.nix @@ -1,13 +1,11 @@ -{ pkgs, inputs, ...}: +{ pkgs, inputs, lib, config, ...}: let outside-emacs = with pkgs; [ (python3.withPackages (p: (with p; [ python-lsp-server python-lsp-ruff - pylsp-mypy ]))) nil - parallel ripgrep emacs-lsp-booster ]; @@ -42,9 +40,9 @@ let ])) ] ++ outside-emacs; }; -in -{ - config = { +in with lib; { + options.santi-modules.emacs.enable = mkEnableOption "Enable emacs configuration"; + config = mkIf config.santi-modules.emacs.enable { nixpkgs.overlays = [ inputs.emacs-overlay.overlays.default ]; environment.systemPackages = [ emacs diff --git a/modules/fonts.nix b/modules/fonts.nix new file mode 100644 index 0000000..286f670 --- /dev/null +++ b/modules/fonts.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ...} : with lib; { + options.santi-modules.font-config.enable = mkOption { + type = types.bool; + default = true; + description = "Installs default fonts."; + }; + config = mkIf config.santi-modules.font-config.enable { + fonts = { + fontconfig = { + enable = true; + defaultFonts = { + monospace = [ "Iosevka" "IPAGothic" ]; + serif = [ "DejaVu Serif" "IPAPMincho" ]; + }; + }; + packages = with pkgs; [ + (nerdfonts.override { fonts = [ "Iosevka" "FiraCode" ]; }) + ipafont + kochi-substitute + dejavu_fonts + ]; + }; + }; +} diff --git a/modules/games.nix b/modules/games.nix new file mode 100644 index 0000000..d47254d --- /dev/null +++ b/modules/games.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: let + cfg = config.santi-modules; +in with lib; { + options.santi-modules = { + games.enable = mkEnableOption "Enable all games"; + steam.enable = mkOption { + description = "Enable steam installation"; + default = cfg.games.enable; + type = types.bool; + }; + minecraft.enable = mkOption { + description = "Enable minecraft launcher"; + default = cfg.games.enable; + type = types.bool; + }; + }; + config = { + programs.steam = mkIf cfg.steam.enable { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + }; + environment.systemPackages = mkIf cfg.minecraft.enable [ + pkgs.prismlauncher + ]; + }; +} diff --git a/modules/gnome.nix b/modules/gnome.nix deleted file mode 100644 index a80001f..0000000 --- a/modules/gnome.nix +++ /dev/null @@ -1,75 +0,0 @@ -{inputs, pkgs, ...}: -{ - config = { - # enable buffering for better perfomance - programs.dconf.enable = true; - # nixpkgs.overlays = [ - # (final: prev: { - # gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: { - # mutter = gnomePrev.mutter.overrideAttrs ( old: { - # src = pkgs.fetchgit { - # url = "https://gitlab.gnome.org/vanvugt/mutter.git"; - # # GNOME 45: triple-buffering-v4-45 - # rev = "0b896518b2028d9c4d6ea44806d093fd33793689"; - # sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w="; - # }; - # } ); - # }); - # }) - # ]; - environment.systemPackages = with pkgs; [ - gnome-tweaks - tela-icon-theme - ] ++ (with gnomeExtensions; [ - appindicator - vitals - user-themes - graphite-gtk-theme - x11-gestures - gsconnect - ]); - - - # gsconnect specific - programs.firefox.nativeMessagingHosts.gsconnect.enable = true; - networking.firewall.allowedTCPPortRanges = [ - # KDE Connect - { from = 1714; to = 1764; } - ]; - networking.firewall.allowedUDPPortRanges = [ - # KDE Connect - { from = 1714; to = 1764; } - ]; - - environment.gnome.excludePackages = (with pkgs; [ - gnome-photos - gnome-tour - gedit - cheese - gnome-terminal - epiphany # web browser - geary # email reader - evince # document viewer - totem # video player - ]) ++ (with pkgs.gnome; [ - gnome-music - gnome-characters - tali # poker game - iagno # go game - hitori # sudoku game - atomix # puzzle game - ]); - services.xserver = { - displayManager.gdm = { - enable = true; - wayland = false; - }; - desktopManager.gnome.enable = true; - }; - services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; - services.gnome = { - gnome-browser-connector.enable = true; - gnome-keyring.enable = true; - }; - }; -} diff --git a/modules/gnome/default.nix b/modules/gnome/default.nix new file mode 100644 index 0000000..f0e7939 --- /dev/null +++ b/modules/gnome/default.nix @@ -0,0 +1,47 @@ +{ config, lib, pkgs, ...}: with lib; { + options.santi-modules.gnome.enable = mkEnableOption "Enable gnome"; + config = mkIf config.santi-modules.gnome.enable { + programs.dconf.enable = true; + environment.systemPackages = with pkgs; [ + gnome-tweaks + tela-icon-theme + ] ++ (with gnomeExtensions; [ + appindicator + vitals + user-themes + graphite-gtk-theme + x11-gestures + gsconnect + ]); + + environment.gnome.excludePackages = with pkgs; [ + gnome-photos + gnome-tour + gedit + cheese + gnome-terminal + epiphany # web browser + geary # email reader + evince # document viewer + totem # video player + gnome-music + gnome-characters + tali # poker game + iagno # go game + hitori # sudoku game + atomix # puzzle game + ]; + services.xserver = { + displayManager.gdm = { + enable = true; + wayland = false; + }; + desktopManager.gnome.enable = true; + }; + services.udev.packages = [ pkgs.gnome-settings-daemon ]; + services.gnome = { + gnome-browser-connector.enable = true; + gnome-keyring.enable = true; + }; + }; +} diff --git a/modules/gnome-config.nix b/modules/gnome/gnome-config.nix index 38a812d..099a692 100644 --- a/modules/gnome-config.nix +++ b/modules/gnome/gnome-config.nix @@ -1,9 +1,9 @@ -{ ... }: -{ +santi-modules: +{ lib, ... }: lib.optionalAttrs santi-modules.gnome.enable { dconf.settings = { "org/gnome/desktop/background" = { - picture-uri = "${../wallpaper.png}"; - picture-uri-dark = "${../wallpaper.png}"; + picture-uri = "${../../wallpaper.png}"; + picture-uri-dark = "${../../wallpaper.png}"; picture-options = "zoom"; }; "org/gnome/desktop/interface" = { |