Commit 93ffa89
Changed files (6)
modules
nixos
desktop
modules/base/default.nix
@@ -0,0 +1,3 @@
+{mylib, ...}: {
+ imports = mylib.scanModules ./.;
+}
modules/base.nix → modules/base/nix.nix
@@ -1,65 +1,8 @@
{
- pkgs,
- myvars,
config,
+ myvars,
...
}: {
- environment.variables.EDITOR = "hx";
- environment.systemPackages = with pkgs; [
- fastfetch
- helix
- nushell
- git
-
- # archives
- zip
- xz
- zstd
- unzipNLS
- p7zip
- gnutar
-
- # text processing
- gnugrep
- gnused
- gawk
- jq
-
- # networking tools
- wget
- curl
-
- # misc
- file
- tree
- which
- findutils
- ];
-
- services.aria2 = {
- enable = true;
- rpcSecretFile = config.sops.secrets.aria2-rpc-secret.path;
- settings = {
- enable-rpc = true;
- rpc-listen-port = 6800;
- };
- };
-
- users.users.${myvars.username} = {
- description = myvars.userfullname;
- };
-
- sops.templates.access-tokens = {
- content = ''
- access-tokens = github.com=${config.sops.placeholder.github-access-token}
- '';
- mode = "0444"; # file must be accessible (r) to all users, because only the build daemon runs as root and not nix evaluator itself.
- };
-
- nix.extraOptions = ''
- !include ${config.sops.templates.access-tokens.path}
- '';
-
nix.settings = {
experimental-features = ["nix-command" "flakes"];
trusted-users = [myvars.username];
@@ -76,4 +19,15 @@
];
builders-use-substitutes = true;
};
+
+ nix.extraOptions = ''
+ !include ${config.sops.templates.access-tokens.path}
+ '';
+
+ sops.templates.access-tokens = {
+ content = ''
+ access-tokens = github.com=${config.sops.placeholder.github-access-token}
+ '';
+ mode = "0444"; # file must be accessible (r) to all users, because only the build daemon runs as root and not nix evaluator itself.
+ };
}
modules/base/system-packages.nix
@@ -0,0 +1,35 @@
+{pkgs, ...}: {
+ environment.variables.EDITOR = "hx";
+ environment.systemPackages = with pkgs; [
+ fastfetch
+ helix
+ nushell
+ git
+
+ # archives
+ zip
+ xz
+ zstd
+ unzipNLS
+ p7zip
+ gnutar
+
+ # text processing
+ gnugrep
+ gnused
+ gawk
+ jq
+
+ # networking tools
+ wget
+ curl
+
+ # misc
+ file
+ tree
+ which
+ findutils
+ ];
+
+ services.aria2.enable = true;
+}
modules/base/users.nix
@@ -0,0 +1,6 @@
+{myvars, ...}: {
+ users.users.${myvars.username} = {
+ description = myvars.userfullname;
+ openssh.authorizedKeys.keys = myvars.sshAuthorizedKeys;
+ };
+}
modules/nixos/desktop/misc.nix
@@ -22,5 +22,12 @@
services = {
gvfs.enable = true; # Mount, trash, and other functionalities
tumbler.enable = true; # Thumbnail support for images
+ aria2 = {
+ rpcSecretFile = config.sops.secrets.aria2-rpc-secret.path;
+ settings = {
+ enable-rpc = true;
+ rpc-listen-port = 6800;
+ };
+ };
};
}
modules/nixos/desktop.nix
@@ -7,7 +7,7 @@
}: {
imports = [
./base
- ../base.nix
+ ../base
./desktop
];