ItsDrike/nixdots
1
0
Fork 0
mirror of https://github.com/ItsDrike/nixdots synced 2024-09-19 14:49:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Actually enforce the roles

Browse source
This commit is contained in:
ItsDrike 2024-04-13 21:15:25 +02:00
parent 01e3567653
commit dd00ed5f70
Signed by: ItsDrike
GPG key ID: FA2745890B7048C0
9 changed files with 238 additions and 193 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hosts/herugrim/default.nix
View file

@ -59,6 +59,10 @@
hasTPM = true;
};
workstation = {
printing.enable = true;
};
home-manager = {
enable = true;
stateVersion = "23.11";

5
system/roles/default.nix
View file

@ -1,4 +1,9 @@
{
# We import all of the roles here, with the type checks being handled
# in the individual files each time. This is a bit ugly, but necessary
# as NixOS doesn't support optional imports, due to circual imports
# (there might be a change of the config value inside one of the
# imported files).
imports = [
./workstation
./laptop

108
system/roles/laptop/power/default.nix
View file

@ -1,66 +1,70 @@
{lib, config, pkgs, ...}: let
inherit (lib) mkDefault;
in{
hardware.acpilight.enable = true;
{ pkgs, lib, config, ...}: let
inherit (lib) mkIf mkDefault;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
hardware.acpilight.enable = true;
environment.systemPackages = with pkgs; [
acpi
powertop
];
environment.systemPackages = with pkgs; [
acpi
powertop
];
services = {
# handle ACPI events
acpid.enable = true;
services = {
# handle ACPI events
acpid.enable = true;
# allows changing system behavior based upon user-selected power profiles
power-profiles-daemon.enable = true;
# allows changing system behavior based upon user-selected power profiles
power-profiles-daemon.enable = true;
# temperature target on battery
undervolt = {
tempBat = 65; # deg C
package = pkgs.undervolt;
};
# temperature target on battery
undervolt = {
tempBat = 65; # deg C
package = pkgs.undervolt;
};
# superior power management
auto-cpufreq = {
enable = true;
# superior power management
auto-cpufreq = {
enable = true;
# define the profiles
# (you can manually switch between profiles using `powerprofilesctl` cmd)
settings = let
MHz = x: x * 1000;
in {
battery = {
governor = "powersave";
scaling_min_freq = mkDefault (MHz 1200);
scaling_max_freq = mkDefault (MHz 1800);
turbo = "never";
# define the profiles
# (you can manually switch between profiles using `powerprofilesctl` cmd)
settings = let
MHz = x: x * 1000;
in {
battery = {
governor = "powersave";
scaling_min_freq = mkDefault (MHz 1200);
scaling_max_freq = mkDefault (MHz 1800);
turbo = "never";
};
charger = {
governor = "performance";
scaling_min_freq = mkDefault (MHz 1800);
scaling_max_freq = mkDefault (MHz 3800);
turbo = "auto";
};
};
};
charger = {
governor = "performance";
scaling_min_freq = mkDefault (MHz 1800);
scaling_max_freq = mkDefault (MHz 3800);
turbo = "auto";
};
# DBus service that provides power management support to applications
upower = {
enable = true;
percentageLow = 15;
percentageCritical = 5;
percentageAction = 3;
criticalPowerAction = "Hibernate";
};
};
# DBus service that provides power management support to applications
upower = {
enable = true;
percentageLow = 15;
percentageCritical = 5;
percentageAction = 3;
criticalPowerAction = "Hibernate";
boot = {
kernelModules = ["acpi_call"];
extraModulePackages = with config.boot.kernelPackages; [
acpi_call
cpupower
];
};
};
boot = {
kernelModules = ["acpi_call"];
extraModulePackages = with config.boot.kernelPackages; [
acpi_call
cpupower
];
};
}

40
system/roles/laptop/touchpad.nix
View file

@ -1,22 +1,28 @@
{
services.xserver.libinput = {
# enable libinput
enable = true;
{ lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
services.xserver.libinput = {
# enable libinput
enable = true;
# disable mouse acceleration
mouse = {
accelProfile = "flat";
accelSpeed = "0";
middleEmulation = false;
};
# disable mouse acceleration
mouse = {
accelProfile = "flat";
accelSpeed = "0";
middleEmulation = false;
};
# touchpad settings
touchpad = {
naturalScrolling = false; # I'm weird like that
tapping = true;
clickMethod = "clickfinger";
horizontalScrolling = true;
disableWhileTyping = true;
# touchpad settings
touchpad = {
naturalScrolling = false; # I'm weird like that
tapping = true;
clickMethod = "clickfinger";
horizontalScrolling = true;
disableWhileTyping = true;
};
};
};
}

176
system/roles/workstation/fonts.nix
View file

@ -1,93 +1,99 @@
{pkgs, ...}: {
fonts = {
enableDefaultPackages = false;
{pkgs, lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop" "desktop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
fonts = {
enableDefaultPackages = false;
fontconfig = {
defaultFonts = let
common = [
"Iosevka Nerd Font"
"Symbols Nerd Font"
"Noto Color Emoji"
];
in {
monospace = [
"Source Code Pro Medium"
"Source Han Mono"
]
++ common;
fontconfig = {
defaultFonts = let
common = [
"Iosevka Nerd Font"
"Symbols Nerd Font"
"Noto Color Emoji"
];
in {
monospace = [
"Source Code Pro Medium"
"Source Han Mono"
]
++ common;
sansSerif = [
"Lexend"
]
++ common;
sansSerif = [
"Lexend"
]
++ common;
serif = [
"Noto Serif"
]
++ common;
serif = [
"Noto Serif"
]
++ common;
emoji = [
"Noto Color Emoji"
]
++ common;
emoji = [
"Noto Color Emoji"
]
++ common;
};
};
fontDir = {
enable = true;
decompressFonts = true;
};
packages = with pkgs; [
# programming fonts
sarasa-gothic
source-code-pro
# desktop fonts
corefonts # MS fonts
b612 # high legibility
material-icons
material-design-icons
roboto
work-sans
comic-neue
source-sans
inter
lato
lexend
dejavu_fonts
noto-fonts
noto-fonts-cjk
# emojis
noto-fonts-color-emoji
twemoji-color-font
openmoji-color
openmoji-black
font-awesome
# defaults worth keeping
dejavu_fonts
freefont_ttf
gyre-fonts
liberation_ttf
unifont
# specific nerd fonts only
# (installing all nerd fonts is slow and takes gigabytes)
# see: <https://github.com/NixOS/nixpkgs/blob/master/pkgs/data/fonts/nerdfonts/shas.nix>
# for all available fonts
(nerdfonts.override {
fonts = [
"JetBrainsMono"
"Iosevka"
"NerdFontsSymbolsOnly"
"FiraCode"
"FiraMono"
"Hack"
"HeavyData"
];
})
];
};
fontDir = {
enable = true;
decompressFonts = true;
};
packages = with pkgs; [
# programming fonts
sarasa-gothic
source-code-pro
# desktop fonts
corefonts # MS fonts
b612 # high legibility
material-icons
material-design-icons
roboto
work-sans
comic-neue
source-sans
inter
lato
lexend
dejavu_fonts
noto-fonts
noto-fonts-cjk
# emojis
noto-fonts-color-emoji
twemoji-color-font
openmoji-color
openmoji-black
font-awesome
# defaults worth keeping
dejavu_fonts
freefont_ttf
gyre-fonts
liberation_ttf
unifont
# specific nerd fonts only
# (installing all nerd fonts is slow and takes gigabytes)
# see: <https://github.com/NixOS/nixpkgs/blob/master/pkgs/data/fonts/nerdfonts/shas.nix>
# for all available fonts
(nerdfonts.override {
fonts = [
"JetBrainsMono"
"Iosevka"
"NerdFontsSymbolsOnly"
"FiraCode"
"FiraMono"
"Hack"
"HeavyData"
];
})
];
};
}

26
system/roles/workstation/programs/misc.nix
View file

@ -1,15 +1,21 @@
{
programs = {
# allow non-root users to mount fuse filesystems with allow_other
fuse.userAllowOther = true;
{ lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop" "desktop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
programs = {
# allow non-root users to mount fuse filesystems with allow_other
fuse.userAllowOther = true;
# show network usage
bandwhich.enable = true;
# show network usage
bandwhich.enable = true;
# network inspection utility
wireshark.enable = true;
# network inspection utility
wireshark.enable = true;
# gnome's keyring manager
seahorse.enable = true;
# gnome's keyring manager
seahorse.enable = true;
};
};
}

44
system/roles/workstation/services/earlyoom.nix
View file

@ -1,22 +1,28 @@
{pkgs, ...}: {
# https://dataswamp.org/~solene/2022-09-28-earlyoom.html
# avoid the linux kernel locking itself when we're putting too much strain on the memory
# this helps avoid having to shut down forcefully when we OOM
services.earlyoom = {
enable = true;
enableNotifications = true; # annoying, but we want to know what's killed
freeSwapThreshold = 2;
freeMemThreshold = 2;
extraArgs = [
"-g" # kill all processes within a process group
"--avoid 'Hyprland|soffice|soffice.bin|firefox|thunderbird)$'" # things we want to not kill
"--prefer '^(electron|.*.exe)$'" # I wish we could kill electron permanently
];
{pkgs, lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop" "desktop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
# https://dataswamp.org/~solene/2022-09-28-earlyoom.html
# avoid the linux kernel locking itself when we're putting too much strain on the memory
# this helps avoid having to shut down forcefully when we OOM
services.earlyoom = {
enable = true;
enableNotifications = true; # annoying, but we want to know what's killed
freeSwapThreshold = 2;
freeMemThreshold = 2;
extraArgs = [
"-g" # kill all processes within a process group
"--avoid 'Hyprland|soffice|soffice.bin|firefox|thunderbird)$'" # things we want to not kill
"--prefer '^(electron|.*.exe)$'" # I wish we could kill electron permanently
];
# we should ideally write the logs into a designated log file; or even better, to the journal
# for now we can hope this echo sends the log to somewhere we can observe later
killHook = pkgs.writeShellScript "earlyoom-kill-hook" ''
echo "Process $EARLYOOM_NAME ($EARLYOOM_PID) was killed"
'';
# we should ideally write the logs into a designated log file; or even better, to the journal
# for now we can hope this echo sends the log to somewhere we can observe later
killHook = pkgs.writeShellScript "earlyoom-kill-hook" ''
echo "Process $EARLYOOM_NAME ($EARLYOOM_PID) was killed"
'';
};
};
}

21
system/roles/workstation/services/mount.nix
View file

@ -1,11 +1,16 @@
{ config, ... }:
{
services = {
# enable GVfs, a userspace virtual filesystem
# (allows viewing ftp,sftp,... directly from the file manager)
gvfs.enable = true;
{ lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop" "desktop"];
in {
config = mkIf (builtins.elem deviceType acceptedTypes) {
services = {
# enable GVfs, a userspace virtual filesystem
# (allows viewing ftp,sftp,... directly from the file manager)
gvfs.enable = true;
# Storage daemon required for udiskie auto-mount
udisks2.enable = !config.boot.isContainer;
# Storage daemon required for udiskie auto-mount
udisks2.enable = !config.boot.isContainer;
};
};
}

7
system/roles/workstation/services/printing.nix
View file

@ -1,9 +1,12 @@
{ config, lib, pkgs, ... }: let
{ pkgs, lib, config, ...}: let
inherit (lib) mkIf;
deviceType = config.myOptions.device.roles.type;
acceptedTypes = ["laptop" "desktop"];
cfg = config.myOptions.workstation.printing;
in {
config = mkIf cfg.enable {
config = mkIf (builtins.elem deviceType acceptedTypes && cfg.enable) {
# enable cups and add some drivers for common printers
services = {
printing = {