diff --git a/hosts/firefly/boot/default.nix b/hosts/firefly/boot/default.nix
index 7025b25..b915f67 100644
--- a/hosts/firefly/boot/default.nix
+++ b/hosts/firefly/boot/default.nix
@@ -28,7 +28,7 @@ in {
initrd = {
systemd = {
enable = true;
- services.root-reset = {
+ services.root-reset = {
description = "Reset BTRFS root and snapshot last boot";
wantedBy = [ "initrd.target" ];
after = [ "dev-nixos-root.device" ];
diff --git a/hosts/firefly/default.nix b/hosts/firefly/default.nix
index a948715..da22f38 100644
--- a/hosts/firefly/default.nix
+++ b/hosts/firefly/default.nix
@@ -4,29 +4,15 @@
./boot
./disko
./hardware
-
- # Apps and programs
../../modules/system
- ../../modules/system/accounts
- ../../modules/system/desktop
- ../../modules/system/programs
- ../../modules/system/services
- ../../modules/system/services/pc/sunshine
- ../../modules/system/services/pc/virtualization/qemu
-
- # Devices and hardware
- ../../modules/system/devices
- ../../modules/system/devices/boot/lanzaboote
- ../../modules/system/devices/video/nvidia
- ../../modules/system/devices/networking/firewall/pc
-
- # Misc
- ../../overlays
- ../../variables
];
- networking.hostName = "firefly";
+ system.lanzaboote.enable = true;
+ system.wireless.enable = false;
+ system.wireguard.client.enable = false;
+ system.video.nvidia.enable = true;
+ system.libvirtd.enable = true;
- # Force Electron to use Wayland
+ networking.hostName = "firefly";
environment.sessionVariables.NIXOS_OZONE_WL = "1";
}
diff --git a/modules/home/programs/misc/avtools/default.nix b/modules/home/programs/misc/avtools/default.nix
index 2dd1ba2..c7a0f07 100644
--- a/modules/home/programs/misc/avtools/default.nix
+++ b/modules/home/programs/misc/avtools/default.nix
@@ -1,9 +1,11 @@
{ pkgs, ... }:
{
+ imports = [
+ ./spotdl
+ ./yt-dlp
+ ];
+
home.packages = with pkgs; [
- yt-dlp
- spotdl
- playerctl
ffmpeg
alsa-utils
puddletag
diff --git a/modules/home/programs/misc/avtools/spotdl/default.nix b/modules/home/programs/misc/avtools/spotdl/default.nix
new file mode 100644
index 0000000..24b029f
--- /dev/null
+++ b/modules/home/programs/misc/avtools/spotdl/default.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+{
+ home.packages = with pkgs; [ spotdl ];
+ programs.zsh.shellAliases.spotdl = "spotdl --m3u --format opus";
+}
diff --git a/modules/home/programs/misc/avtools/yt-dlp/default.nix b/modules/home/programs/misc/avtools/yt-dlp/default.nix
new file mode 100644
index 0000000..fc4892d
--- /dev/null
+++ b/modules/home/programs/misc/avtools/yt-dlp/default.nix
@@ -0,0 +1,20 @@
+{ ... }:
+{
+ programs = {
+ yt-dlp = {
+ enable = true;
+ settings = {
+ add-metadata = true;
+ embed-thumbnail = true;
+ convert-thumbnails = "jpg";
+ audio-format = "opus";
+ output = ''"%(artist)s - %(title)s.%(ext)s"'';
+ };
+ };
+ zsh.shellAliases = {
+ ytm3u = "yt-dlp -gS proto:m3u8";
+ opusdl = ''yt-dlp -f ba -x --audio-quality 0'';
+ spotdl = "spotdl --m3u --format opus";
+ };
+ };
+}
diff --git a/modules/home/programs/terminal/fastfetch/config.jsonc b/modules/home/programs/terminal/fastfetch/config.jsonc
new file mode 100644
index 0000000..64c951a
--- /dev/null
+++ b/modules/home/programs/terminal/fastfetch/config.jsonc
@@ -0,0 +1,97 @@
+{
+ "$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
+ "logo": {
+ "source": "xenia",
+ "color": {
+ "1": "1;97",
+ "2": "red",
+ "3": "yellow"
+ }
+ },
+ "display": {
+ "separator": " \u001b[33m ",
+ "color": "red"
+ },
+ "modules": [
+ {
+ "type": "custom",
+ "format": "\u001b[1m—————————————————————————————————————"
+ },
+ {
+ "type": "host",
+ "key": " "
+ },
+ {
+ "type": "cpu",
+ "key": " "
+ },
+ {
+ "type": "gpu",
+ "key": " "
+ },
+ {
+ "type": "disk",
+ "folders": "/",
+ "key": " "
+ },
+ {
+ "type": "memory",
+ "format": "{/1}{-}{/}{/2}{-}{/}{} / {}",
+ "key": " "
+ },
+ {
+ "type": "display",
+ "compactType": "original",
+ "key": " "
+ },
+
+ {
+ "type": "custom",
+ "format": "\u001b[1m—————————————————————————————————————"
+ },
+ {
+ "type": "os",
+ "format": "{3} {12}",
+ "key": " "
+ },
+ {
+ "type": "kernel",
+ "format": "{1} {2}",
+ "key": " "
+ },
+ {
+ "type": "wm",
+ "key": " "
+ },
+ {
+ "type": "shell",
+ "key": " "
+ },
+ {
+ "type": "terminal",
+ "key": " "
+ },
+ {
+ "type": "packages",
+ "key": " "
+ },
+ {
+ "type": "uptime",
+ "key": " "
+ },
+ {
+ "type": "command",
+ "text": "date -d @$(stat -c %W /) '+%a %b %d %r %Z %Y'",
+ "key": " "
+ },
+
+ {
+ "type": "custom",
+ "format": "\u001b[1m—————————————————————————————————————"
+ },
+ {
+ "type": "custom",
+ "format": "\u001b[90m \u001b[31m \u001b[32m \u001b[33m \u001b[34m \u001b[35m \u001b[36m \u001b[37m"
+ }
+ ]
+}
diff --git a/modules/home/programs/terminal/fastfetch/default.nix b/modules/home/programs/terminal/fastfetch/default.nix
index d5d5560..9435f14 100644
--- a/modules/home/programs/terminal/fastfetch/default.nix
+++ b/modules/home/programs/terminal/fastfetch/default.nix
@@ -1,154 +1,6 @@
-{ pkgs, ... }:
+{ ... }:
{
- home = {
- file = let
- fastConf = ''
- {
- "$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
- "logo": {
- "source": "xenia",
- "color": {
- "1": "1;97",
- "2": "red",
- "3": "yellow"
- }
- },
- "display": {
- "separator": " \u001b[33m ",
- "color": "red"
- },
- "modules": [
- {
- "type": "custom",
- "format": "\u001b[1m—————————————————————————————————————"
- },
- {
- "type": "host",
- "key": " "
- },
- {
- "type": "cpu",
- "key": " "
- },
- {
- "type": "gpu",
- "key": " "
- },
- {
- "type": "disk",
- "folders": "/",
- "key": " "
- },
- {
- "type": "memory",
- "format": "{/1}{-}{/}{/2}{-}{/}{} / {}",
- "key": " "
- },
- {
- "type": "display",
- "compactType": "original",
- "key": " "
- },
-
- {
- "type": "custom",
- "format": "\u001b[1m—————————————————————————————————————"
- },
- {
- "type": "os",
- "format": "{3} {12}",
- "key": " "
- },
- {
- "type": "kernel",
- "format": "{1} {2}",
- "key": " "
- },
- {
- "type": "wm",
- "key": " "
- },
- {
- "type": "shell",
- "key": " "
- },
- {
- "type": "terminal",
- "key": " "
- },
- {
- "type": "packages",
- "key": " "
- },
- {
- "type": "uptime",
- "key": " "
- },
- {
- "type": "command",
- "text": "date -d @$(stat -c %W /) '+%a %b %d %r %Z %Y'",
- "key": " "
- },
-
- {
- "type": "custom",
- "format": "\u001b[1m—————————————————————————————————————"
- },
- {
- "type": "custom",
- "format": "\u001b[90m \u001b[31m \u001b[32m \u001b[33m \u001b[34m \u001b[35m \u001b[36m \u001b[37m"
- }
- ]
- }
- '';
- in {
- # Fastfetch config
- ".config/fastfetch/config.jsonc".text = fastConf;
- };
- packages = let
- # Small Neofetch config
- pFetch = let
- smallConf = pkgs.writeText "smallconf.jsonc" ''
- {
- "$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json",
- "logo": {
- "type": "small"
- },
- "modules": [
- {
- "type": "os",
- "format": "{3} {12}",
- "key": " "
- },
- {
- "type": "host",
- "key": " "
- },
- {
- "type": "kernel",
- "format": "{1} {2}",
- "key": " "
- },
- {
- "type": "uptime",
- "key": " "
- },
- {
- "type": "packages",
- "key": " "
- },
- {
- "type": "memory",
- "format": "{/1}{-}{/}{/2}{-}{/}{} / {}",
- "key": " "
- }
- ]
- }
- '';
- in pkgs.writeScriptBin "pfetch"
- ''fastfetch --config ${smallConf}'';
- in with pkgs; [
- fastfetch pFetch
- ];
- };
+ imports = [ ./small ];
+ home.file.".config/fastfetch/config.jsonc".source = ./config.jsonc;
+ programs.fastfetch.enable = true;
}
diff --git a/modules/home/programs/terminal/fastfetch/small/default.nix b/modules/home/programs/terminal/fastfetch/small/default.nix
new file mode 100644
index 0000000..9589f19
--- /dev/null
+++ b/modules/home/programs/terminal/fastfetch/small/default.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+ home = {
+ file.".config/fastfetch/small.jsonc".source = ./small.jsonc;
+ packages = let
+ pFetch = pkgs.writeScriptBin "pfetch" "fastfetch --config ~/.config/fastfetch/small.jsonc";
+ in with pkgs; [ pFetch ];
+ };
+}
diff --git a/modules/home/programs/terminal/fastfetch/small/small.jsonc b/modules/home/programs/terminal/fastfetch/small/small.jsonc
new file mode 100644
index 0000000..37d5040
--- /dev/null
+++ b/modules/home/programs/terminal/fastfetch/small/small.jsonc
@@ -0,0 +1,34 @@
+{
+ "logo": {
+ "type": "small"
+ },
+ "modules": [
+ {
+ "type": "os",
+ "format": "{3} {12}",
+ "key": " "
+ },
+ {
+ "type": "host",
+ "key": " "
+ },
+ {
+ "type": "kernel",
+ "format": "{1} {2}",
+ "key": " "
+ },
+ {
+ "type": "uptime",
+ "key": " "
+ },
+ {
+ "type": "packages",
+ "key": " "
+ },
+ {
+ "type": "memory",
+ "format": "{/1}{-}{/}{/2}{-}{/}{} / {}",
+ "key": " "
+ }
+ ]
+}
diff --git a/modules/home/programs/terminal/ranger/default.nix b/modules/home/programs/terminal/ranger/default.nix
index ab41bbe..dc88d22 100644
--- a/modules/home/programs/terminal/ranger/default.nix
+++ b/modules/home/programs/terminal/ranger/default.nix
@@ -6,7 +6,6 @@
preview_images = true;
preview_images_method = "sixel";
dirname_in_tabs = true;
- cd_tab_fuzzy = true;
autosave_bookmarks = false;
show_hidden = true;
wrap_scroll = true;
@@ -102,28 +101,24 @@
# Ranger's bookmarks and necessary tools
home = {
- file = let
- rangerBookmarks = ''
+ file = {
+ ".local/share/ranger/bookmarks".text = ''
# Local files
h:/home/jimbo/
k:/home/jimbo/Downloads
v:/home/jimbo/Videos
c:/home/jimbo/.config
- L:/home/jimbo/.local
- D:/mnt
+ l:/home/jimbo/.local
+ d:/mnt
n:/etc/nixos
# Remote files
- j:/home/jimbo/JimboNFS
+ J:/home/jimbo/JimboNFS
K:/home/jimbo/JimboNFS/Downloads
- p:/home/jimbo/JimboNFS/Photos
- P:/home/jimbo/JimboNFS/Projects
+ P:/home/jimbo/JimboNFS/Photos
V:/home/jimbo/JimboNFS/Videos/Random
- m:/home/jimbo/JimboNFS/Music/Synced
- s:/home/jimbo/JimboNFS/School
+ M:/home/jimbo/JimboNFS/Music/Synced
'';
- in {
- ".local/share/ranger/bookmarks".text = rangerBookmarks;
};
packages = with pkgs; [
imagemagick
diff --git a/modules/home/programs/terminal/tmux/default.nix b/modules/home/programs/terminal/tmux/default.nix
index 471f6e2..338fa76 100644
--- a/modules/home/programs/terminal/tmux/default.nix
+++ b/modules/home/programs/terminal/tmux/default.nix
@@ -2,19 +2,21 @@
{
programs.tmux = {
enable = true;
+ keyMode = "vi";
+ mouse = true;
+ terminal = "st-256color";
+ historyLimit = 4096;
+ baseIndex = 1;
extraConfig = ''
- set -g mouse on
- set -g base-index 1
- set -g default-terminal "st-256color"
- set -g history-limit 4096
- set -g set-titles on
- set -g set-titles-string "#T"
set -g status on
set -g status-left ""
set -g status-position bottom
set -g status-right "#[bg=brightblack]#[fg=dark_purple] #T "
set -g status-style "bg=black"
- setw -g pane-base-index 1
+
+ set -g set-titles on
+ set -g set-titles-string "#T"
+
setw -g window-status-format "#[bg=brightmagenta]#[fg=black] #I #[bg=brightblack]#[fg=white] #W "
setw -g window-status-current-format "#[bg=brightmagenta]#[fg=black] #I #[bg=white]#[fg=black] #W "
'';
diff --git a/modules/home/programs/terminal/zsh/default.nix b/modules/home/programs/terminal/zsh/default.nix
index cb7adf5..9736a41 100644
--- a/modules/home/programs/terminal/zsh/default.nix
+++ b/modules/home/programs/terminal/zsh/default.nix
@@ -30,17 +30,8 @@
ncat = "/usr/bin/env cat";
copycat = "wl-copy <";
sunshinehost = "WAYLAND_DISPLAY=wayland-1 DISPLAY=:1 sunshine -0";
- seneca = "ssh jhampton1@matrix.senecapolytechnic.ca";
-
- # Curl tools
myip = "curl ifconfig.co";
-
- # Download from sources
- ytdl = ''yt-dlp --embed-thumbnail --embed-metadata --output "%(title)s.%(ext)s"'';
- ytm3u = "yt-dlp -gS proto:m3u8";
- opusdl = "ytdl --recode-video opus";
- ytopus = "opusdl --format 251";
- spotdl = "spotdl --m3u --format opus";
+ seneca = "ssh jhampton1@matrix.senecapolytechnic.ca";
};
initExtra = ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
diff --git a/modules/home/settings/fonts/default.nix b/modules/home/settings/fonts/default.nix
index 81f05e0..9768422 100644
--- a/modules/home/settings/fonts/default.nix
+++ b/modules/home/settings/fonts/default.nix
@@ -6,7 +6,9 @@
noto-fonts
sarasa-gothic
ubuntu_font_family
- (nerdfonts.override { fonts = [ "UbuntuMono" ]; })
+ (nerdfonts.override {
+ fonts = [ "UbuntuMono" ];
+ })
];
fonts.fontconfig = {
diff --git a/modules/home/settings/gtk/default.nix b/modules/home/settings/gtk/default.nix
index e7f9888..4bff99e 100644
--- a/modules/home/settings/gtk/default.nix
+++ b/modules/home/settings/gtk/default.nix
@@ -20,8 +20,10 @@
};
};
iconTheme = {
- package = pkgs.papirus-icon-theme.override { color = "${config.look.colors.folder}"; };
name = "Papirus-Dark";
+ package = pkgs.papirus-icon-theme.override {
+ color = "${config.look.colors.folder}";
+ };
};
cursorTheme = {
package = pkgs.simp1e-cursors;
diff --git a/modules/home/sway/autostart/default.nix b/modules/home/sway/autostart/default.nix
index 79cf26b..976e807 100644
--- a/modules/home/sway/autostart/default.nix
+++ b/modules/home/sway/autostart/default.nix
@@ -2,7 +2,7 @@
{
wayland.windowManager.sway = {
config = {
- bars = [{command = "waybar";}];
+ bars = [ {command = "waybar";} ];
startup = [
# Scratchpads
@@ -16,7 +16,6 @@
{command = "wl-copy";}
{command = "mako";}
{command = "sunshine";}
- {command = "${pkgs.rot8}/bin/rot8";}
# Polkit agent
{command = "${pkgs.mate.mate-polkit}/libexec/polkit-mate-authentication-agent-1";}
diff --git a/modules/system/default.nix b/modules/system/default.nix
index a5ad9a7..831a9c3 100644
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -1,40 +1,18 @@
-{ config, pkgs, ... }:
+{ ... }:
{
- nix = {
- settings = {
- experimental-features = [
- "nix-command"
- "flakes"
- ];
- auto-optimise-store = true;
- };
- gc = {
- automatic = true;
- dates = "weekly";
- options = "--delete-older-than 1w";
- };
- };
-
- nixpkgs.config.allowUnfree = true;
+ imports = [
+ ./accounts
+ ./devices
+ ./options
+ ./programs
+ ./services
+ ./settings
+ ../../overlays
+ ../../variables
+ ];
time.timeZone = "America/Toronto";
-
- programs = {
- zsh.enable = true;
- nano.enable = false;
- };
-
- documentation = {
- nixos.enable = false;
- info.enable = false;
- };
-
- console = {
- font = "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
- packages = with pkgs; [ terminus_font ];
- };
-
+ programs.nano.enable = false;
hardware.enableRedistributableFirmware = true;
-
system.stateVersion = "24.05";
}
diff --git a/modules/system/desktop/default.nix b/modules/system/desktop/default.nix
deleted file mode 100644
index e413a8c..0000000
--- a/modules/system/desktop/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ ... }:
-{
- imports = [
- ./qt
- ./wayland
- ./sway
- ];
-}
diff --git a/modules/system/desktop/wayland/default.nix b/modules/system/desktop/wayland/default.nix
deleted file mode 100644
index bedb8cf..0000000
--- a/modules/system/desktop/wayland/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ pkgs, ... }:
-{
- programs = {
- dconf.enable = true;
- light.enable = true;
- };
-
- services = {
- dbus.enable = true;
- tlp.enable = true;
- };
-}
diff --git a/modules/system/devices/audio/default.nix b/modules/system/devices/audio/default.nix
index 2a81b20..fed96bd 100644
--- a/modules/system/devices/audio/default.nix
+++ b/modules/system/devices/audio/default.nix
@@ -1,7 +1,7 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
services.pipewire = {
- enable = true;
+ enable = config.system.desktop.enable;
wireplumber = {
enable = true;
configPackages = [
diff --git a/modules/system/devices/bluetooth/default.nix b/modules/system/devices/bluetooth/default.nix
index 0f81c56..7d8550e 100644
--- a/modules/system/devices/bluetooth/default.nix
+++ b/modules/system/devices/bluetooth/default.nix
@@ -1,17 +1,15 @@
-{ ... }:
+{ lib, config, ... }:
{
- hardware.bluetooth = {
- enable = true;
- settings = {
- General.Experimental = "true";
- Policy.AutoEnable = "true";
+ config = lib.mkIf config.system.desktop.enable {
+ hardware.bluetooth = {
+ enable = true;
+ settings = {
+ General.Experimental = "true";
+ Policy.AutoEnable = "true";
+ };
};
+
+ systemd.tmpfiles.rules = [ "f /var/lib/systemd/linger/jimbo" ];
+ environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ];
};
-
- # Lingering helps keep headphones connected
- systemd.tmpfiles.rules = [
- "f /var/lib/systemd/linger/jimbo"
- ];
-
- environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ];
}
diff --git a/modules/system/devices/boot/default.nix b/modules/system/devices/boot/default.nix
new file mode 100644
index 0000000..45b5587
--- /dev/null
+++ b/modules/system/devices/boot/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+{
+ imports = [
+ ./extlinux
+ ./lanzaboote
+ ./systemd
+ ];
+}
diff --git a/modules/system/devices/boot/extlinux/default.nix b/modules/system/devices/boot/extlinux/default.nix
index f32c3f8..a6bb3c7 100644
--- a/modules/system/devices/boot/extlinux/default.nix
+++ b/modules/system/devices/boot/extlinux/default.nix
@@ -1,7 +1,18 @@
-{ ... }:
+{ lib, config, ... }:
{
- boot.loader = {
- generic-extlinux-compatible.enable = true;
- grub.enable = false;
+ options.system.extlinux = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable Lanzaboote and force disable Systemd-boot";
+ };
+ };
+
+ config = lib.mkIf config.system.extlinux.enable {
+ boot.loader = {
+ generic-extlinux-compatible.enable = true;
+ systemd-boot.enable = lib.mkForce false;
+ grub.enable = lib.mkForce false;
+ };
};
}
diff --git a/modules/system/devices/boot/lanzaboote/default.nix b/modules/system/devices/boot/lanzaboote/default.nix
index dbe8e40..491e78a 100644
--- a/modules/system/devices/boot/lanzaboote/default.nix
+++ b/modules/system/devices/boot/lanzaboote/default.nix
@@ -1,15 +1,25 @@
-{ lanzaboote, pkgs, ... }:
+{ lanzaboote, lib, config, pkgs, ... }:
{
- imports = [
- lanzaboote.nixosModules.lanzaboote
- ];
+ imports = [ lanzaboote.nixosModules.lanzaboote ];
- boot.lanzaboote = {
- enable = true;
- pkiBundle = "/etc/secureboot";
+ options.system.lanzaboote = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable Lanzaboote and force disable Systemd-boot";
+ };
};
- environment.systemPackages = with pkgs; [
- sbctl
- ];
+ config = lib.mkIf config.system.lanzaboote.enable {
+ boot = {
+ loader.systemd-boot.enable = lib.mkForce false;
+
+ lanzaboote = {
+ enable = true;
+ pkiBundle = "/etc/secureboot";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [ sbctl ];
+ };
}
diff --git a/modules/system/devices/default.nix b/modules/system/devices/default.nix
index 41d1b70..0ccbcf4 100644
--- a/modules/system/devices/default.nix
+++ b/modules/system/devices/default.nix
@@ -3,8 +3,8 @@
imports = [
./audio
./bluetooth
- ./filesystems
- ./impermanence
+ ./boot
+ ./disks
./networking
./printing
./udev
diff --git a/modules/system/devices/disks/default.nix b/modules/system/devices/disks/default.nix
new file mode 100644
index 0000000..3576248
--- /dev/null
+++ b/modules/system/devices/disks/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+{
+ imports = [
+ ./filesystems
+ ./impermanence
+ ./snapper
+ ];
+}
diff --git a/modules/system/devices/filesystems/default.nix b/modules/system/devices/disks/filesystems/default.nix
similarity index 66%
rename from modules/system/devices/filesystems/default.nix
rename to modules/system/devices/disks/filesystems/default.nix
index 522fb9f..08606b3 100644
--- a/modules/system/devices/filesystems/default.nix
+++ b/modules/system/devices/disks/filesystems/default.nix
@@ -1,7 +1,6 @@
-{ lib, ... }:
+{ ... }:
{
boot.supportedFilesystems = {
ntfs = true;
- zfs = lib.mkForce false;
};
}
diff --git a/modules/system/devices/impermanence/default.nix b/modules/system/devices/disks/impermanence/default.nix
similarity index 100%
rename from modules/system/devices/impermanence/default.nix
rename to modules/system/devices/disks/impermanence/default.nix
diff --git a/modules/system/devices/impermanence/jimbo/default.nix b/modules/system/devices/disks/impermanence/jimbo/default.nix
similarity index 99%
rename from modules/system/devices/impermanence/jimbo/default.nix
rename to modules/system/devices/disks/impermanence/jimbo/default.nix
index ad244aa..f007f39 100644
--- a/modules/system/devices/impermanence/jimbo/default.nix
+++ b/modules/system/devices/disks/impermanence/jimbo/default.nix
@@ -6,9 +6,10 @@
directories = [
"Downloads"
"Documents"
- "Games"
"Pictures"
"Videos"
+ "Games"
+
".snapshots"
".mozilla"
".thunderbird"
diff --git a/modules/system/devices/impermanence/root/default.nix b/modules/system/devices/disks/impermanence/root/default.nix
similarity index 100%
rename from modules/system/devices/impermanence/root/default.nix
rename to modules/system/devices/disks/impermanence/root/default.nix
diff --git a/modules/system/services/pc/snapper/default.nix b/modules/system/devices/disks/snapper/default.nix
similarity index 100%
rename from modules/system/services/pc/snapper/default.nix
rename to modules/system/devices/disks/snapper/default.nix
diff --git a/modules/system/services/pc/snapper/jimbo/default.nix b/modules/system/devices/disks/snapper/jimbo/default.nix
similarity index 100%
rename from modules/system/services/pc/snapper/jimbo/default.nix
rename to modules/system/devices/disks/snapper/jimbo/default.nix
diff --git a/modules/system/services/pc/snapper/root/default.nix b/modules/system/devices/disks/snapper/root/default.nix
similarity index 100%
rename from modules/system/services/pc/snapper/root/default.nix
rename to modules/system/devices/disks/snapper/root/default.nix
diff --git a/modules/system/devices/networking/default.nix b/modules/system/devices/networking/default.nix
index 952c3dc..8ac8acd 100644
--- a/modules/system/devices/networking/default.nix
+++ b/modules/system/devices/networking/default.nix
@@ -1,5 +1,11 @@
{ ... }:
{
+ imports = [
+ ./firewall
+ ./wireguard
+ ./wireless
+ ];
+
networking = {
wireless.enable = false;
dhcpcd.enable = true;
diff --git a/modules/system/devices/networking/firewall/default.nix b/modules/system/devices/networking/firewall/default.nix
new file mode 100644
index 0000000..272f098
--- /dev/null
+++ b/modules/system/devices/networking/firewall/default.nix
@@ -0,0 +1,63 @@
+{ lib, config, ... }:
+{
+ options.system.firewall = {
+ server = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable server firewall settings";
+ };
+ };
+ };
+
+ config = {
+ networking = {
+ firewall = {
+ allowPing = false;
+ extraInputRules = lib.mkIf (!config.system.firewall.server.enable) ''
+ ip saddr { ${config.ips.server}, ${config.ips.wgSpan}.1 } accept comment "Accept Server"
+ '' // lib.mkIf config.system.firewall.server.enable ''
+ ip saddr { ${config.ips.localSpan}.0/24, ${config.ips.wgSpan}.0/24 } tcp dport 2049 accept comment "Accept NFS"
+ ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
+ '';
+ };
+
+ # Nftables configuration only if server is enabled
+ nftables = lib.mkIf config.system.firewall.server.enable {
+ tables = {
+ forwarding = {
+ family = "ip";
+ content = ''
+ chain PREROUTING {
+ type nat hook prerouting priority dstnat; policy accept;
+ tcp dport 2211 dnat to ${config.ips.pc}:22 comment "SSH to PC"
+ tcp dport 2222 dnat to ${config.ips.wgSpan}.19:22 comment "SSH to Oracle VM"
+
+ udp dport { 27005, 27015, 7777 } dnat to ${config.ips.pc} comment "PC Hosted Games"
+
+ tcp dport { 58010, 57989, 57984 } dnat to ${config.ips.pc} comment "PC Sunshine TCP"
+ udp dport { 57998, 57999, 58000 } dnat to ${config.ips.pc} comment "PC Sunshine UDP"
+
+ tcp dport { 38010, 37989, 37984 } dnat to ${config.ips.vm} comment "VM Sunshine TCP"
+ udp dport { 37998, 37999, 38000 } dnat to ${config.ips.vm} comment "VM Sunshine UDP"
+
+ udp dport { 7790, 7791, 7792 } dnat to ${config.ips.hx} comment "Deus Ex"
+
+ ip saddr ${config.secrets.cornIP} tcp dport { 9943, 9944 } dnat to ${config.ips.vm} comment "VM ALVR TCP"
+ ip saddr ${config.secrets.cornIP} udp dport { 9943, 9944 } dnat to ${config.ips.vm} comment "VM ALVR UDP"
+ }
+
+ chain POSTROUTING {
+ type nat hook postrouting priority 100; policy accept;
+ oifname "${config.ips.netInt}" masquerade
+ }
+ '';
+ };
+ };
+ };
+ };
+
+ # Enable IP forwarding for the server configuration
+ boot.kernel.sysctl."net.ipv4.ip_forward" = lib.mkIf config.system.firewall.server.enable 1;
+ };
+}
diff --git a/modules/system/devices/networking/firewall/pc/default.nix b/modules/system/devices/networking/firewall/pc/default.nix
deleted file mode 100644
index 156c2d6..0000000
--- a/modules/system/devices/networking/firewall/pc/default.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, ... }:
-{
- networking.firewall = {
- allowPing = false;
- extraInputRules = ''
- ip saddr { ${config.ips.server}, ${config.ips.wgSpan}.1 } accept comment "Accept Server"
- '';
- };
-}
diff --git a/modules/system/devices/networking/firewall/server/default.nix b/modules/system/devices/networking/firewall/server/default.nix
deleted file mode 100644
index 8c0a376..0000000
--- a/modules/system/devices/networking/firewall/server/default.nix
+++ /dev/null
@@ -1,50 +0,0 @@
-{ config, ... }:
-{
- # Allow forwarding
- boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
-
- # Configure firewall
- networking = {
- firewall = {
- allowPing = false;
- extraInputRules = ''
- ip saddr { ${config.ips.localSpan}.0/24, ${config.ips.wgSpan}.0/24 } tcp dport 2049 accept comment "Accept NFS"
- ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
- '';
- };
-
- # Enable nftables and forwarding
- nftables = {
- tables = {
- forwarding = {
- family = "ip";
- content = ''
- chain PREROUTING {
- type nat hook prerouting priority dstnat; policy accept;
- tcp dport 2211 dnat to ${config.ips.pc}:22 comment "SSH to PC"
- tcp dport 2222 dnat to ${config.ips.wgSpan}.19:22 comment "SSH to Oracle VM"
-
- udp dport { 27005, 27015, 7777 } dnat to ${config.ips.pc} comment "PC Hosted Games"
-
- tcp dport { 58010, 57989, 57984 } dnat to ${config.ips.pc} comment "PC Sunshine TCP"
- udp dport { 57998, 57999, 58000 } dnat to ${config.ips.pc} comment "PC Sunshine UDP"
-
- tcp dport { 38010, 37989, 37984 } dnat to ${config.ips.vm} comment "VM Sunshine TCP"
- udp dport { 37998, 37999, 38000 } dnat to ${config.ips.vm} comment "VM Sunshine UDP"
-
- udp dport { 7790, 7791, 7792 } dnat to ${config.ips.hx} comment "Deus Ex"
-
- ip saddr ${config.secrets.cornIP} tcp dport { 9943, 9944 } dnat to ${config.ips.vm} comment "VM ALVR TCP"
- ip saddr ${config.secrets.cornIP} udp dport { 9943, 9944 } dnat to ${config.ips.vm} comment "VM ALVR UDP"
- }
-
- chain POSTROUTING {
- type nat hook postrouting priority 100; policy accept;
- oifname "${config.ips.netInt}" masquerade
- }
- '';
- };
- };
- };
- };
-}
diff --git a/modules/system/devices/networking/wireguard/default.nix b/modules/system/devices/networking/wireguard/default.nix
new file mode 100644
index 0000000..95d4be2
--- /dev/null
+++ b/modules/system/devices/networking/wireguard/default.nix
@@ -0,0 +1,63 @@
+{ lib, config, ... }:
+{
+ options.system.wireguard = {
+ client = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ description = "Enable WireGuard client";
+ };
+ };
+ server = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable WireGuard server";
+ };
+ };
+ };
+
+ config = {
+ networking = {
+ firewall.allowedUDPPorts = [ 51820 ];
+
+ nat = {
+ enable = config.system.wireguard.server.enable;
+ externalInterface = "${config.ips.netInt}";
+ internalInterfaces = [ "${config.ips.wgInt}" ];
+ };
+
+ wireguard.interfaces = {
+ "wgc" = lib.mkIf config.system.wireguard.client.enable {
+ # Define IP of client in per device config
+ listenPort = 51820;
+ privateKey = config.secrets.wgClientPriv;
+ peers = [
+ { # NixOS Server
+ publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8=";
+ allowedIPs = [ "${config.ips.wgSpan}.0/24" ];
+ endpoint = "sv.${config.domains.jim1}:51820";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+
+ "wgs" = lib.mkIf config.system.wireguard.server.enable {
+ ips = [ "${config.ips.wgSpan}.1/24" ];
+ listenPort = 51820;
+ privateKey = config.secrets.wgServerPriv;
+ peers = [
+ { # NixOS
+ publicKey = "OKUH/h6YSURI4vgeTZKQD15QsqaygdbTn1mAWzQp9S0=";
+ allowedIPs = [ "${config.ips.wgSpan}.16/28" ];
+ }
+ { # Pixel 9
+ publicKey = "dPCtjm67adMZCnyL1O2L+uUOk0RbjA9T/tht1r+qcE4=";
+ allowedIPs = [ "${config.ips.wgSpan}.2/32" ];
+ }
+ ];
+ };
+ };
+ };
+ };
+}
diff --git a/modules/system/devices/networking/wireguard/pc/default.nix b/modules/system/devices/networking/wireguard/pc/default.nix
deleted file mode 100644
index 8c9d8e6..0000000
--- a/modules/system/devices/networking/wireguard/pc/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ config, ... }:
-{
- networking = {
- firewall.allowedUDPPorts = [ 51820 ];
-
- wireguard.interfaces = {
- "${config.ips.wgInt}" = {
- # Define IP of client in per device config
- listenPort = 51820;
- privateKey = config.secrets.wgClientPriv;
- peers = [
- { # NixOS Server
- publicKey = "qnOT/lXOJMaQgDUdXpyfGZB2IEyUouRje2m/bCe9ux8=";
- allowedIPs = [ "${config.ips.wgSpan}.0/24" ];
- endpoint = "sv.${config.domains.jim1}:51820";
- persistentKeepalive = 25;
- }
- ];
- };
- };
- };
-}
diff --git a/modules/system/devices/networking/wireguard/server/default.nix b/modules/system/devices/networking/wireguard/server/default.nix
deleted file mode 100644
index d551ff2..0000000
--- a/modules/system/devices/networking/wireguard/server/default.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ config, ... }:
-{
- networking = {
- nat = {
- enable = true;
- externalInterface = "${config.ips.netInt}";
- internalInterfaces = [ "${config.ips.wgInt}" ];
- };
-
- firewall.allowedUDPPorts = [ 51820 ];
-
- wireguard.interfaces = {
- "${config.ips.wgInt}" = {
- ips = [ "${config.ips.wgSpan}.1/24" ];
- listenPort = 51820;
- privateKey = config.secrets.wgServerPriv;
- peers = [
- { # NixOS
- publicKey = "OKUH/h6YSURI4vgeTZKQD15QsqaygdbTn1mAWzQp9S0=";
- allowedIPs = [ "${config.ips.wgSpan}.16/28" ];
- }
- { # Pixel 9
- publicKey = "dPCtjm67adMZCnyL1O2L+uUOk0RbjA9T/tht1r+qcE4=";
- allowedIPs = [ "${config.ips.wgSpan}.2/32" ];
- }
- ];
- };
- };
- };
-}
diff --git a/modules/system/devices/networking/wireless/default.nix b/modules/system/devices/networking/wireless/default.nix
index b398e46..c5f2cd9 100644
--- a/modules/system/devices/networking/wireless/default.nix
+++ b/modules/system/devices/networking/wireless/default.nix
@@ -1,12 +1,22 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
- networking = {
- wireless.iwd.enable = true;
- enableB43Firmware = true;
+ options.system.wireless = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ description = "Enable Wifi with iwd";
+ };
};
- environment = {
- persistence."/persist".directories = [ "/var/lib/iwd/" ];
- systemPackages = with pkgs; [ unstable.impala ];
+ config = lib.mkIf config.system.wireless.enable {
+ networking = {
+ wireless.iwd.enable = true;
+ enableB43Firmware = true;
+ };
+
+ environment = {
+ systemPackages = with pkgs; [ unstable.impala ];
+ persistence."/persist".directories = [ "/var/lib/iwd/" ];
+ };
};
}
diff --git a/modules/system/devices/printing/default.nix b/modules/system/devices/printing/default.nix
index 5621942..eb7191a 100644
--- a/modules/system/devices/printing/default.nix
+++ b/modules/system/devices/printing/default.nix
@@ -1,19 +1,19 @@
-{ pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
- services = {
- printing = {
- enable = true;
- drivers = with pkgs; [ hplip ];
- webInterface = false;
+ config = lib.mkIf config.system.desktop.enable {
+ services = {
+ printing = {
+ enable = true;
+ drivers = with pkgs; [ hplip ];
+ webInterface = false;
+ };
+ avahi = {
+ enable = true;
+ nssmdns4 = true;
+ openFirewall = true;
+ };
};
- avahi = {
- enable = true;
- nssmdns4 = true;
- openFirewall = true;
- };
- };
- environment.systemPackages = with pkgs; [
- system-config-printer
- ];
+ environment.systemPackages = with pkgs; [ system-config-printer ];
+ };
}
diff --git a/modules/system/devices/udev/oculus/default.nix b/modules/system/devices/udev/oculus/default.nix
index 1302300..9789b9e 100644
--- a/modules/system/devices/udev/oculus/default.nix
+++ b/modules/system/devices/udev/oculus/default.nix
@@ -1,12 +1,12 @@
{ pkgs, ... }:
{
- services.udev = let
- oculusRules = pkgs.writeTextFile {
- name = "10-oculus.rules";
- text = ''KERNEL=="hidraw*", ATTRS{idVendor}=="0e6f", ATTRS{idProduct}=="0184", MODE="0660", TAG+="uaccess"'';
- destination = "/etc/udev/rules.d/10-oculus.rules";
- };
- in {
- packages = [ oculusRules ];
+ services.udev = {
+ packages = [
+ (pkgs.writeTextFile {
+ name = "10-oculus.rules";
+ text = ''KERNEL=="hidraw*", ATTRS{idVendor}=="0e6f", ATTRS{idProduct}=="0184", MODE="0660", TAG+="uaccess"'';
+ destination = "/etc/udev/rules.d/10-oculus.rules";
+ })
+ ];
};
}
diff --git a/modules/system/devices/udev/pdp/default.nix b/modules/system/devices/udev/pdp/default.nix
index bba5fd8..15d4e6a 100644
--- a/modules/system/devices/udev/pdp/default.nix
+++ b/modules/system/devices/udev/pdp/default.nix
@@ -1,12 +1,12 @@
{ pkgs, ... }:
{
- services.udev = let
- pdpRules = pkgs.writeTextFile {
- name = "10-pdp.rules";
- text = ''SUBSYSTEM=="usb", ATTR{idVendor}=="2833", MODE="0666"'';
- destination = "/etc/udev/rules.d/10-pdp.rules";
- };
- in {
- packages = [ pdpRules ];
+ services.udev = {
+ packages = [
+ (pkgs.writeTextFile {
+ name = "10-pdp.rules";
+ text = ''SUBSYSTEM=="usb", ATTR{idVendor}=="2833", MODE="0666"'';
+ destination = "/etc/udev/rules.d/10-pdp.rules";
+ })
+ ];
};
}
diff --git a/modules/system/devices/video/default.nix b/modules/system/devices/video/default.nix
index 34ef10a..1b71688 100644
--- a/modules/system/devices/video/default.nix
+++ b/modules/system/devices/video/default.nix
@@ -1,7 +1,9 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
+ imports = [ ./nvidia ];
+
hardware.opengl = {
- enable = true;
+ enable = config.system.desktop.enable;
driSupport32Bit = true;
extraPackages = with pkgs; [
vulkan-loader
diff --git a/modules/system/devices/video/nouveau/default.nix b/modules/system/devices/video/nouveau/default.nix
deleted file mode 100644
index 41aeb2c..0000000
--- a/modules/system/devices/video/nouveau/default.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ config, lib, ... }:
-{
- services.xserver.videoDrivers = [ "nouveau" ];
-}
diff --git a/modules/system/devices/video/nvidia/default.nix b/modules/system/devices/video/nvidia/default.nix
index b50af2d..45fec2a 100644
--- a/modules/system/devices/video/nvidia/default.nix
+++ b/modules/system/devices/video/nvidia/default.nix
@@ -1,10 +1,35 @@
-{ pkgs, config, lib, ... }:
+{ lib, pkgs, config, ... }:
{
- services.xserver.videoDrivers = [ "nvidia" ];
- hardware.nvidia = {
- modesetting.enable = true;
- nvidiaSettings = false;
- package = config.boot.kernelPackages.nvidiaPackages.beta;
- open = false;
+ options.system.video = {
+ nvidia = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable the proprietary Nvidia stack";
+ };
+ };
+ nouveau = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable the open-source Nouveau driver";
+ };
+ };
+ };
+
+ config = {
+ # Conditionally set video drivers based on the options
+ services.xserver.videoDrivers =
+ if config.system.video.nvidia.enable then [ "nvidia" ]
+ else if config.system.video.nouveau.enable then [ "nouveau" ]
+ else [];
+
+ # Configure Nvidia settings if Nvidia is enabled
+ hardware.nvidia = lib.mkIf config.system.video.nvidia.enable {
+ modesetting.enable = true;
+ nvidiaSettings = false;
+ package = config.boot.kernelPackages.nvidiaPackages.beta;
+ open = false;
+ };
};
}
diff --git a/modules/system/options/default.nix b/modules/system/options/default.nix
new file mode 100644
index 0000000..05fe34e
--- /dev/null
+++ b/modules/system/options/default.nix
@@ -0,0 +1,18 @@
+{ lib, ... }:
+with lib; {
+ options = {
+ system = {
+ desktop.enable = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Enable desktop apps and services?";
+ };
+
+ server.enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "Enable server services?";
+ };
+ };
+ };
+}
diff --git a/modules/system/programs/appimage/default.nix b/modules/system/programs/appimage/default.nix
index a890a25..332b986 100644
--- a/modules/system/programs/appimage/default.nix
+++ b/modules/system/programs/appimage/default.nix
@@ -1,7 +1,7 @@
-{ ... }:
+{ config, ... }:
{
programs.appimage = {
- enable = true;
- binfmt = true;
+ enable = config.system.desktop.enable;
+ binfmt = config.system.desktop.enable;
};
}
diff --git a/modules/system/programs/backlights/default.nix b/modules/system/programs/backlights/default.nix
new file mode 100644
index 0000000..938d7d9
--- /dev/null
+++ b/modules/system/programs/backlights/default.nix
@@ -0,0 +1,7 @@
+{ config, ... }:
+{
+ programs = {
+ light.enable = config.system.desktop.enable;
+ kbdlight.enable = config.system.desktop.enable;
+ };
+}
diff --git a/modules/system/programs/dconf/default.nix b/modules/system/programs/dconf/default.nix
new file mode 100644
index 0000000..d552c82
--- /dev/null
+++ b/modules/system/programs/dconf/default.nix
@@ -0,0 +1,4 @@
+{ config, ... }:
+{
+ programs.dconf.enable = config.system.desktop.enable;
+}
diff --git a/modules/system/programs/default.nix b/modules/system/programs/default.nix
index cbc336a..bf0de77 100644
--- a/modules/system/programs/default.nix
+++ b/modules/system/programs/default.nix
@@ -2,8 +2,13 @@
{
imports = [
./appimage
+ ./backlights
+ ./dconf
./gaming
./git
+ ./qt
./security
+ ./shells
+ ./sway
];
}
diff --git a/modules/system/programs/gaming/default.nix b/modules/system/programs/gaming/default.nix
index 87b879f..7a1470d 100644
--- a/modules/system/programs/gaming/default.nix
+++ b/modules/system/programs/gaming/default.nix
@@ -1,9 +1,9 @@
-{ ... }:
+{ config, ... }:
{
programs.gamemode = {
- enable = true;
+ enable = config.system.desktop.enable;
settings.general.renice = 10;
};
- hardware.steam-hardware.enable = true;
+ hardware.steam-hardware.enable = config.system.desktop.enable;
}
diff --git a/modules/system/programs/git/default.nix b/modules/system/programs/git/default.nix
index 42a3d3c..6772d03 100644
--- a/modules/system/programs/git/default.nix
+++ b/modules/system/programs/git/default.nix
@@ -1,8 +1,6 @@
{ ... }:
{
- imports = [
- ./gpg
- ];
+ imports = [ ./gpg ];
programs.git = {
enable = true;
diff --git a/modules/system/programs/git/gpg/default.nix b/modules/system/programs/git/gpg/default.nix
index 7fbd7dd..9001ff2 100644
--- a/modules/system/programs/git/gpg/default.nix
+++ b/modules/system/programs/git/gpg/default.nix
@@ -5,7 +5,5 @@
enableSSHSupport = true;
};
- environment.systemPackages = with pkgs; [
- git-crypt
- ];
+ environment.systemPackages = with pkgs; [ git-crypt ];
}
diff --git a/modules/system/desktop/qt/default.nix b/modules/system/programs/qt/default.nix
similarity index 52%
rename from modules/system/desktop/qt/default.nix
rename to modules/system/programs/qt/default.nix
index c52443f..f887517 100644
--- a/modules/system/desktop/qt/default.nix
+++ b/modules/system/programs/qt/default.nix
@@ -1,7 +1,7 @@
-{ ... }:
+{ config, ... }:
{
qt = {
- enable = true;
+ enable = config.system.desktop.enable;
style = "gtk2";
platformTheme = "gtk2";
};
diff --git a/modules/system/programs/shells/default.nix b/modules/system/programs/shells/default.nix
new file mode 100644
index 0000000..c6b1132
--- /dev/null
+++ b/modules/system/programs/shells/default.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+ programs.zsh.enable = true;
+}
diff --git a/modules/system/desktop/sway/default.nix b/modules/system/programs/sway/default.nix
similarity index 61%
rename from modules/system/desktop/sway/default.nix
rename to modules/system/programs/sway/default.nix
index 119e43e..dbcfdbb 100644
--- a/modules/system/desktop/sway/default.nix
+++ b/modules/system/programs/sway/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
imports = [
./greetd
@@ -6,11 +6,11 @@
];
programs.sway = {
- enable = true;
+ enable = config.system.desktop.enable;
package = pkgs.unstable.sway;
extraPackages = with pkgs; [ swaylock ];
};
- # Allow swaylock to function
+ services.dbus.enable = config.system.desktop.enable;
security.pam.services.swaylock = {};
}
diff --git a/modules/system/desktop/sway/greetd/default.nix b/modules/system/programs/sway/greetd/default.nix
similarity index 91%
rename from modules/system/desktop/sway/greetd/default.nix
rename to modules/system/programs/sway/greetd/default.nix
index 7a43f00..1b6431e 100644
--- a/modules/system/desktop/sway/greetd/default.nix
+++ b/modules/system/programs/sway/greetd/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
# Configure greetd for login directly to Sway
services.greetd = let
@@ -17,7 +17,7 @@
sway --unsupported-gpu
'';
in {
- enable = true;
+ enable = config.system.desktop.enable;
restart = true;
settings = {
terminal = {
diff --git a/modules/system/desktop/sway/portals/default.nix b/modules/system/programs/sway/portals/default.nix
similarity index 68%
rename from modules/system/desktop/sway/portals/default.nix
rename to modules/system/programs/sway/portals/default.nix
index 64f9c2a..cc021d4 100644
--- a/modules/system/desktop/sway/portals/default.nix
+++ b/modules/system/programs/sway/portals/default.nix
@@ -1,16 +1,13 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
xdg.portal = {
wlr = {
- enable = true;
+ enable = config.system.desktop.enable;
settings.screencast = {
max_fps = 60;
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or -B 00000066 -b 00000099";
};
};
- extraPortals = with pkgs; [
- xdg-desktop-portal-gtk
- ];
};
}
diff --git a/modules/system/services/common/default.nix b/modules/system/services/common/default.nix
index 837aa1e..c58fe30 100644
--- a/modules/system/services/common/default.nix
+++ b/modules/system/services/common/default.nix
@@ -1,6 +1,7 @@
{ ... }:
{
imports = [
+ ./keyd
./ssh
];
}
diff --git a/modules/system/services/pc/keyd/default.nix b/modules/system/services/common/keyd/default.nix
similarity index 100%
rename from modules/system/services/pc/keyd/default.nix
rename to modules/system/services/common/keyd/default.nix
diff --git a/modules/system/services/common/ssh/default.nix b/modules/system/services/common/ssh/default.nix
index 03b5dc3..81ffd07 100644
--- a/modules/system/services/common/ssh/default.nix
+++ b/modules/system/services/common/ssh/default.nix
@@ -1,8 +1,6 @@
{ ... }:
{
- imports = [
- ./fail2ban
- ];
+ imports = [ ./fail2ban ];
services.openssh = {
enable = true;
diff --git a/modules/system/services/default.nix b/modules/system/services/default.nix
index 4c94199..81fa48b 100644
--- a/modules/system/services/default.nix
+++ b/modules/system/services/default.nix
@@ -3,5 +3,6 @@
imports = [
./common
./pc
+ #./server
];
}
diff --git a/modules/system/services/pc/default.nix b/modules/system/services/pc/default.nix
index bf26507..b87a57c 100644
--- a/modules/system/services/pc/default.nix
+++ b/modules/system/services/pc/default.nix
@@ -3,9 +3,9 @@
imports = [
./gnome-keyring
./gvfs
- ./keyd
+ ./libvirtd
./mpd
./polkit
- ./snapper
+ ./sunshine
];
}
diff --git a/modules/system/services/pc/gnome-keyring/default.nix b/modules/system/services/pc/gnome-keyring/default.nix
index 081985c..6e91c3f 100644
--- a/modules/system/services/pc/gnome-keyring/default.nix
+++ b/modules/system/services/pc/gnome-keyring/default.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ config, ... }:
{
- services.gnome.gnome-keyring.enable = true;
+ services.gnome.gnome-keyring.enable = config.system.desktop.enable;
}
diff --git a/modules/system/services/pc/gvfs/default.nix b/modules/system/services/pc/gvfs/default.nix
index 1681237..e9a4838 100644
--- a/modules/system/services/pc/gvfs/default.nix
+++ b/modules/system/services/pc/gvfs/default.nix
@@ -1,7 +1,7 @@
-{ ... }:
+{ config, ... }:
{
services = {
- gvfs.enable = true;
- udisks2.enable = true;
+ gvfs.enable = config.system.desktop.enable;
+ udisks2.enable = config.system.desktop.enable;
};
}
diff --git a/modules/system/services/pc/libvirtd/default.nix b/modules/system/services/pc/libvirtd/default.nix
new file mode 100644
index 0000000..a8b5ec4
--- /dev/null
+++ b/modules/system/services/pc/libvirtd/default.nix
@@ -0,0 +1,46 @@
+{ config, lib, pkgs, ... }:
+{
+ options.system.libvirtd = {
+ enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable libvirtd and such";
+ };
+ };
+
+ config = lib.mkIf config.system.libvirtd.enable {
+ virtualisation = {
+ libvirtd = {
+ enable = true;
+ onBoot = "ignore";
+ onShutdown = "shutdown";
+ qemu = {
+ ovmf = {
+ enable = true;
+ packages = [
+ pkgs.OVMFFull.fd
+ pkgs.pkgsCross.aarch64-multiplatform.OVMF.fd
+ ];
+ };
+ swtpm.enable = true;
+ };
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ virt-manager
+ virtiofsd
+ dnsmasq
+ spice-vdagent
+ looking-glass-client
+ ];
+
+ # Needed to make NAT work
+ networking.firewall.trustedInterfaces = [
+ "virbr0"
+ "virbr1"
+ ];
+
+ systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 jimbo libvirtd -" ];
+ };
+}
diff --git a/modules/system/services/pc/mpd/default.nix b/modules/system/services/pc/mpd/default.nix
index ad8b061..2f28d76 100644
--- a/modules/system/services/pc/mpd/default.nix
+++ b/modules/system/services/pc/mpd/default.nix
@@ -1,22 +1,24 @@
-{ config, ... }:
+{ config, lib, ... }:
{
- services.mpd = {
- enable = true;
- user = "jimbo";
- group = "users";
- musicDirectory = "/home/jimbo/JimboNFS/Music/Synced";
- playlistDirectory = "/home/jimbo/JimboNFS/Music/Synced/Playlists";
- extraConfig = ''
- audio_output {
- type "pipewire"
- name "Local Pipewire"
- }
- '';
- };
+ config = lib.mkIf config.system.desktop.enable {
+ services.mpd = {
+ enable = true;
+ user = "jimbo";
+ group = "users";
+ musicDirectory = "/home/jimbo/JimboNFS/Music/Synced";
+ playlistDirectory = "/home/jimbo/JimboNFS/Music/Synced/Playlists";
+ extraConfig = ''
+ audio_output {
+ type "pipewire"
+ name "Local Pipewire"
+ }
+ '';
+ };
- systemd.services.mpd.environment = {
- XDG_RUNTIME_DIR = "/run/user/${toString config.users.users.jimbo.uid}";
- };
+ systemd.services.mpd.environment = {
+ XDG_RUNTIME_DIR = "/run/user/${toString config.users.users.jimbo.uid}";
+ };
- environment.persistence."/persist".directories = [ "/var/lib/mpd" ];
+ environment.persistence."/persist".directories = [ "/var/lib/mpd" ];
+ };
}
diff --git a/modules/system/services/pc/sunshine/default.nix b/modules/system/services/pc/sunshine/default.nix
index b5d5f99..e91a2fb 100644
--- a/modules/system/services/pc/sunshine/default.nix
+++ b/modules/system/services/pc/sunshine/default.nix
@@ -1,7 +1,7 @@
-{ ... }:
+{ config, ... }:
{
services.sunshine = {
- enable = true;
+ enable = config.system.desktop.enable;
autoStart = false;
};
}
diff --git a/modules/system/services/pc/virtualization/qemu/default.nix b/modules/system/services/pc/virtualization/qemu/default.nix
deleted file mode 100644
index 4b5db05..0000000
--- a/modules/system/services/pc/virtualization/qemu/default.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ config, pkgs, ... }:
-{
- virtualisation = {
- libvirtd = {
- enable = true;
- onBoot = "ignore";
- onShutdown = "shutdown";
- qemu = {
- ovmf = {
- enable = true;
- packages = [
- pkgs.OVMFFull.fd
- pkgs.pkgsCross.aarch64-multiplatform.OVMF.fd
- ];
- };
- swtpm.enable = true;
- };
- };
- spiceUSBRedirection.enable = true;
- };
-
- environment.systemPackages = with pkgs; [
- virt-manager
- virtiofsd
- dnsmasq
- spice-vdagent
- looking-glass-client
- ];
-
- # Needed to make NAT work
- networking.firewall.trustedInterfaces = [
- "virbr0"
- "virbr1"
- ];
-
- # Allow Looking-Glass permissions
- systemd.tmpfiles.rules = [
- "f /dev/shm/looking-glass 0660 jimbo libvirtd -"
- ];
-}
diff --git a/modules/system/services/pc/virtualization/waydroid/default.nix b/modules/system/services/pc/virtualization/waydroid/default.nix
deleted file mode 100644
index 521a802..0000000
--- a/modules/system/services/pc/virtualization/waydroid/default.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ config, lib, ... }:
-{
- virtualisation.waydroid.enable = true;
-}
diff --git a/modules/system/services/server/default.nix b/modules/system/services/server/default.nix
index c5b5f71..8c79ef2 100644
--- a/modules/system/services/server/default.nix
+++ b/modules/system/services/server/default.nix
@@ -9,9 +9,9 @@
./minecraft
./misc
./mysql
+ ./nginx
./social
./transmission
./vaultwarden
- ./webhost
];
}
diff --git a/modules/system/services/server/fileserver/local/nfs/default.nix b/modules/system/services/server/fileserver/local/nfs/default.nix
index ce8f721..808c181 100644
--- a/modules/system/services/server/fileserver/local/nfs/default.nix
+++ b/modules/system/services/server/fileserver/local/nfs/default.nix
@@ -5,13 +5,11 @@
exports = ''
/export/JimboNFS/Downloads *(rw,sync,no_subtree_check)
/export/JimboNFS/Documents *(rw,sync,no_subtree_check)
+
/export/JimboNFS/Photos *(rw,sync,no_subtree_check)
- /export/JimboNFS/Videos/Random *(rw,sync,no_subtree_check)
- /export/JimboNFS/Videos/Media *(rw,sync,no_subtree_check)
- /export/JimboNFS/Music/Synced *(rw,sync,no_subtree_check)
- /export/JimboNFS/Music/Unsynced *(rw,sync,no_subtree_check)
- /export/JimboNFS/Projects *(rw,sync,no_subtree_check)
- /export/JimboNFS/School *(rw,sync,no_subtree_check)
+ /export/JimboNFS/Videos *(rw,sync,no_subtree_check)
+
+ /export/JimboNFS/Music *(rw,sync,no_subtree_check)
'';
};
}
diff --git a/modules/system/services/server/fileserver/public/nextcloud/default.nix b/modules/system/services/server/fileserver/public/nextcloud/default.nix
index c50d2f9..33d59ab 100644
--- a/modules/system/services/server/fileserver/public/nextcloud/default.nix
+++ b/modules/system/services/server/fileserver/public/nextcloud/default.nix
@@ -1,12 +1,10 @@
{ pkgs, config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services.nextcloud = {
enable = true;
- package = pkgs.nextcloud29;
+ package = pkgs.nextcloud30;
hostName = "cloud.${config.domains.jim1}";
datadir = "/mnt/nextcloud";
https = true;
diff --git a/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix b/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix
index 4350dfd..52f7643 100644
--- a/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix
+++ b/modules/system/services/server/fileserver/public/nextcloud/nginx/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ config, ... }:
{
services.nginx.virtualHosts."cloud.${config.domains.jim1}" = {
enableACME = true;
diff --git a/modules/system/services/server/fileserver/public/photoprism/default.nix b/modules/system/services/server/fileserver/public/photoprism/default.nix
index 7368339..0871f34 100644
--- a/modules/system/services/server/fileserver/public/photoprism/default.nix
+++ b/modules/system/services/server/fileserver/public/photoprism/default.nix
@@ -1,8 +1,6 @@
{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services = {
photoprism = {
diff --git a/modules/system/services/server/forgejo/default.nix b/modules/system/services/server/forgejo/default.nix
index e03ca36..5044ab3 100644
--- a/modules/system/services/server/forgejo/default.nix
+++ b/modules/system/services/server/forgejo/default.nix
@@ -1,8 +1,6 @@
{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services = {
forgejo = {
diff --git a/modules/system/services/server/icecast/default.nix b/modules/system/services/server/icecast/default.nix
index 61c64cc..8fd484f 100644
--- a/modules/system/services/server/icecast/default.nix
+++ b/modules/system/services/server/icecast/default.nix
@@ -30,6 +30,16 @@
application/ogg
vorbis
+
+
+ /jimscrap.opus
+ Jimbo's Scrap
+ Music canned from the main radio.
+ https://icecast.jimbosfiles.com/jimscrap.opus
+ Scrapped
+ application/ogg
+ vorbis
+
'';
};
}
diff --git a/modules/system/services/server/icecast/liquidsoap/default.nix b/modules/system/services/server/icecast/liquidsoap/default.nix
index ac333d0..63d5d00 100644
--- a/modules/system/services/server/icecast/liquidsoap/default.nix
+++ b/modules/system/services/server/icecast/liquidsoap/default.nix
@@ -1,30 +1,7 @@
-{ pkgs, config, ... }:
+{ ... }:
{
- services.liquidsoap.streams = {
- jimbops = pkgs.writeText "liquidjim" ''
- settings.log.stdout.set(true)
- settings.init.allow_root.set(true)
- settings.scheduler.fast_queues.set(2)
- settings.decoder.file_extensions.mp4.set(["m4a", "m4b", "m4p", "m4v", "m4r", "3gp", "mp4"])
-
- # Define the source with random playlist
- jimbops = mksafe(playlist(mode='randomize', reload=1, reload_mode="rounds", "/export/JimboNFS/Music/Synced"))
-
- # Ensure the stream never stops
- jimbops_fallback = fallback([jimbops, jimbops])
-
- # Output configuration to Icecast
- output.icecast(
- %ffmpeg(format="ogg", %audio(codec="libvorbis", samplerate=48000, b="256k", channels=2)),
- host="127.0.0.1",
- port=265,
- password="${config.secrets.castSourcePass}",
- public=true,
- icy_metadata=["artist", "title"],
- mount="jimbops.opus",
- encoding = "UTF-8",
- jimbops_fallback
- )
- '';
- };
+ imports = [
+ ./jimbops
+ ./jimscrap
+ ];
}
diff --git a/modules/system/services/server/icecast/liquidsoap/jimbops/default.nix b/modules/system/services/server/icecast/liquidsoap/jimbops/default.nix
new file mode 100644
index 0000000..ec5d850
--- /dev/null
+++ b/modules/system/services/server/icecast/liquidsoap/jimbops/default.nix
@@ -0,0 +1,29 @@
+{ pkgs, config, ... }:
+{
+ services.liquidsoap.streams = {
+ jimbops = pkgs.writeText "liquidjim" ''
+ settings.log.stdout.set(true)
+ settings.init.allow_root.set(true)
+ settings.scheduler.fast_queues.set(2)
+
+ # Define the source with random playlist
+ jimbops = mksafe(playlist(mode='randomize', reload=1, reload_mode="rounds", "/export/JimboNFS/Music/Synced"))
+
+ # Ensure the stream never stops
+ jimbops_fallback = fallback([jimbops, jimbops])
+
+ # Output configuration to Icecast
+ output.icecast(
+ %ffmpeg(format="ogg", %audio(codec="libvorbis", samplerate=48000, b="256k", channels=2)),
+ host="127.0.0.1",
+ port=265,
+ password="${config.secrets.castSourcePass}",
+ public=true,
+ icy_metadata=["artist", "title"],
+ mount="jimbops.opus",
+ encoding = "UTF-8",
+ jimbops_fallback
+ )
+ '';
+ };
+}
diff --git a/modules/system/services/server/icecast/liquidsoap/jimscrap/default.nix b/modules/system/services/server/icecast/liquidsoap/jimscrap/default.nix
new file mode 100644
index 0000000..16e32b9
--- /dev/null
+++ b/modules/system/services/server/icecast/liquidsoap/jimscrap/default.nix
@@ -0,0 +1,29 @@
+{ pkgs, config, ... }:
+{
+ services.liquidsoap.streams = {
+ jimscrap = pkgs.writeText "liquidjim" ''
+ settings.log.stdout.set(true)
+ settings.init.allow_root.set(true)
+ settings.scheduler.fast_queues.set(2)
+
+ # Define the source with random playlist
+ jimscrap = mksafe(playlist(mode='randomize', reload=1, reload_mode="rounds", "/export/JimboNFS/Music/Unsynced"))
+
+ # Ensure the stream never stops
+ jimscrap_fallback = fallback([jimscrap, jimscrap])
+
+ # Output configuration to Icecast
+ output.icecast(
+ %ffmpeg(format="ogg", %audio(codec="libvorbis", samplerate=48000, b="256k", channels=2)),
+ host="127.0.0.1",
+ port=265,
+ password="${config.secrets.castSourcePass}",
+ public=true,
+ icy_metadata=["artist", "title"],
+ mount="jimscrap.opus",
+ encoding = "UTF-8",
+ jimscrap_fallback
+ )
+ '';
+ };
+}
diff --git a/modules/system/services/server/webhost/nginx/default.nix b/modules/system/services/server/nginx/default.nix
similarity index 80%
rename from modules/system/services/server/webhost/nginx/default.nix
rename to modules/system/services/server/nginx/default.nix
index a84c14d..9df722e 100644
--- a/modules/system/services/server/webhost/nginx/default.nix
+++ b/modules/system/services/server/nginx/default.nix
@@ -1,5 +1,10 @@
{ pkgs, config, ... }:
{
+ imports = [
+ ./rtmp
+ ./virtualhosts
+ ];
+
services.nginx = {
enable = true;
recommendedTlsSettings = true;
@@ -9,6 +14,7 @@
};
networking.firewall.allowedTCPPorts = [
- 80 443
+ 80
+ 443
];
}
diff --git a/modules/system/services/server/webhost/rtmp/default.nix b/modules/system/services/server/nginx/rtmp/default.nix
similarity index 100%
rename from modules/system/services/server/webhost/rtmp/default.nix
rename to modules/system/services/server/nginx/rtmp/default.nix
diff --git a/modules/system/services/server/webhost/virtualhosts/default.nix b/modules/system/services/server/nginx/virtualhosts/default.nix
similarity index 100%
rename from modules/system/services/server/webhost/virtualhosts/default.nix
rename to modules/system/services/server/nginx/virtualhosts/default.nix
diff --git a/modules/system/services/server/webhost/virtualhosts/jimDomain1/default.nix b/modules/system/services/server/nginx/virtualhosts/jimDomain1/default.nix
similarity index 97%
rename from modules/system/services/server/webhost/virtualhosts/jimDomain1/default.nix
rename to modules/system/services/server/nginx/virtualhosts/jimDomain1/default.nix
index 034bc79..9b81395 100644
--- a/modules/system/services/server/webhost/virtualhosts/jimDomain1/default.nix
+++ b/modules/system/services/server/nginx/virtualhosts/jimDomain1/default.nix
@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ config, ... }:
{
services.nginx.virtualHosts = {
"${config.domains.jim1}" = {
diff --git a/modules/system/services/server/social/lemmy/default.nix b/modules/system/services/server/social/lemmy/default.nix
index 1704165..9db605a 100644
--- a/modules/system/services/server/social/lemmy/default.nix
+++ b/modules/system/services/server/social/lemmy/default.nix
@@ -1,8 +1,6 @@
{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services.lemmy = {
enable = true;
diff --git a/modules/system/services/server/social/matrix/element/default.nix b/modules/system/services/server/social/matrix/element/default.nix
index 3018816..38ffb13 100644
--- a/modules/system/services/server/social/matrix/element/default.nix
+++ b/modules/system/services/server/social/matrix/element/default.nix
@@ -1,8 +1,6 @@
-{ pkgs, config, ... }:
+{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
nixpkgs.config.element-web.conf = {
default_server_config = {
diff --git a/modules/system/services/server/social/matrix/synapse/coturn/default.nix b/modules/system/services/server/social/matrix/synapse/coturn/default.nix
index 159648f..c113785 100644
--- a/modules/system/services/server/social/matrix/synapse/coturn/default.nix
+++ b/modules/system/services/server/social/matrix/synapse/coturn/default.nix
@@ -1,8 +1,6 @@
{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services = {
coturn = {
diff --git a/modules/system/services/server/social/matrix/synapse/slidingsync/default.nix b/modules/system/services/server/social/matrix/synapse/slidingsync/default.nix
index bad4f59..66edbae 100644
--- a/modules/system/services/server/social/matrix/synapse/slidingsync/default.nix
+++ b/modules/system/services/server/social/matrix/synapse/slidingsync/default.nix
@@ -6,8 +6,8 @@
SYNCV3_SERVER = "https://matrix.${config.domains.jim1}";
SYNCV3_BINDADDR = "0.0.0.0:8009";
};
- environmentFile = "${pkgs.writeText "matrixsecret" ''
+ environmentFile = pkgs.writeText "matrixsecret" ''
SYNCV3_SECRET=${config.secrets.matrixSecret}
- ''}";
+ '';
};
}
diff --git a/modules/system/services/server/social/owncast/default.nix b/modules/system/services/server/social/owncast/default.nix
index 495e833..105010f 100644
--- a/modules/system/services/server/social/owncast/default.nix
+++ b/modules/system/services/server/social/owncast/default.nix
@@ -1,8 +1,6 @@
{ ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services.owncast = {
enable = true;
diff --git a/modules/system/services/server/transmission/default.nix b/modules/system/services/server/transmission/default.nix
index 9bc9405..27e1b53 100644
--- a/modules/system/services/server/transmission/default.nix
+++ b/modules/system/services/server/transmission/default.nix
@@ -1,8 +1,6 @@
{ pkgs, config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services.transmission = {
enable = true;
diff --git a/modules/system/services/server/vaultwarden/default.nix b/modules/system/services/server/vaultwarden/default.nix
index af70c23..53e7d54 100644
--- a/modules/system/services/server/vaultwarden/default.nix
+++ b/modules/system/services/server/vaultwarden/default.nix
@@ -1,8 +1,6 @@
{ config, ... }:
{
- imports = [
- ./nginx
- ];
+ imports = [ ./nginx ];
services.vaultwarden = {
enable = true;
diff --git a/modules/system/services/server/webhost/default.nix b/modules/system/services/server/webhost/default.nix
deleted file mode 100644
index eaab380..0000000
--- a/modules/system/services/server/webhost/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ ... }:
-{
- imports = [
- ./nginx
- ./virtualhosts
- ];
-}
diff --git a/modules/system/settings/default.nix b/modules/system/settings/default.nix
new file mode 100644
index 0000000..de2fbae
--- /dev/null
+++ b/modules/system/settings/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+{
+ imports = [
+ ./documentation
+ ./fonts
+ ./nix
+ ];
+}
diff --git a/modules/system/settings/documentation/default.nix b/modules/system/settings/documentation/default.nix
new file mode 100644
index 0000000..209176c
--- /dev/null
+++ b/modules/system/settings/documentation/default.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+ documentation = {
+ nixos.enable = false;
+ info.enable = false;
+ };
+}
diff --git a/modules/system/settings/fonts/default.nix b/modules/system/settings/fonts/default.nix
new file mode 100644
index 0000000..1761171
--- /dev/null
+++ b/modules/system/settings/fonts/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+{
+ console = {
+ font = "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
+ packages = with pkgs; [ terminus_font ];
+ };
+}
diff --git a/modules/system/settings/nix/default.nix b/modules/system/settings/nix/default.nix
new file mode 100644
index 0000000..a1fbf94
--- /dev/null
+++ b/modules/system/settings/nix/default.nix
@@ -0,0 +1,19 @@
+{ ... }:
+{
+ nix = {
+ settings = {
+ experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+ auto-optimise-store = true;
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 1w";
+ };
+ };
+
+ nixpkgs.config.allowUnfree = true;
+}