From 2701890df4c45986b0d5416fecab908bed3aabfa Mon Sep 17 00:00:00 2001
From: Sean Buckley
Date: Wed, 25 Aug 2021 00:27:20 -0400
Subject: [PATCH] split profiles into multiple files
---
 flake.nix | 2 +
 modules/desktop.nix | 99 ++++++++++++++++++++++++++++++++++++
 modules/profiles.nix | 118 +------------------------------------------
 modules/server.nix | 13 +++++
 4 files changed, 115 insertions(+), 117 deletions(-)
 create mode 100644 modules/desktop.nix
 create mode 100644 modules/server.nix
diff --git a/flake.nix b/flake.nix
index 309fc85..a240c1f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -23,6 +23,7 @@
 baseline = import ./modules/baseline.nix;
 cli = import ./modules/cli.nix;
+ desktop = import ./modules/desktop.nix;
 gnome = import ./modules/gnome.nix;
 gnome-monitor-settings-tweak = import ./modules/gnome-monitor-settings-tweak;
 mouse-dpi = import ./modules/mouse-dpi.nix;
@@ -33,6 +34,7 @@
 scansnap_s1300 = import ./modules/scansnap_s1300.nix;
 scroll-boost = import ./modules/scroll-boost;
 security-tools = import ./modules/security-tools.nix;
+ server = import ./modules/server.nix;
 status-on-console = import ./modules/status-on-console.nix;
 sway = import ./modules/sway.nix;
 };
diff --git a/modules/desktop.nix b/modules/desktop.nix
new file mode 100644
index 0000000..d0035d8
--- /dev/null
+++ b/modules/desktop.nix
@@ -0,0 +1,99 @@
+{ config, pkgs, lib, ... }:
+with lib;
+let
+ pkcslib = "${pkgs.opensc}/lib/opensc-pkcs11.so";
+in
+{
+ config = mkIf (config.sconfig.profile == "desktop") {
+ services.pcscd.enable = true;
+ programs.ssh.startAgent = true;
+ programs.ssh.agentPKCS11Whitelist = pkcslib;
+
+ nixpkgs.overlays = [
+ (self: super: {
+ gnome = super.gnome // {
+ gnome-keyring = super.gnome.gnome-keyring.overrideAttrs (old: {
+ configureFlags = old.configureFlags ++ [ "--disable-ssh-agent" ];
+ });
+ };
+ })
+ ];
+
+ environment.systemPackages = with pkgs; [
+ brave
+ discord
+ element-desktop
+ ffmpeg
+ gimp
+ glxinfo
+ gnome3.dconf-editor
+ opensc
+ pavucontrol
+ steam-run
+ tdesktop
+ terminator
+ youtube-dl
+
+ (pkgs.writeShellScriptBin "mfa" "exec ssh-add -s${pkcslib}")
+
+ (mpv-with-scripts.override { scripts = [ mpvScripts.mpris ]; })
+
+ (vscode-with-extensions.override {
+ vscode = vscodium;
+ vscodeExtensions = with pkgs.vscode-extensions; [
+ bbenoist.Nix
+ ms-python.python
+ ms-vscode.cpptools
+ ms-azuretools.vscode-docker
+ ];
+ })
+
+ (wrapFirefox firefox-unwrapped {
+ extraPolicies = {
+ CaptivePortal = false;
+ DisablePocket = true;
+ DisableFirefoxStudies = true;
+ OfferToSaveLogins = false;
+ DisableFormHistory = true;
+ SearchSuggestEnabled = false;
+ Preferences = {
+ "extensions.formautofill.available" = { Status = "locked"; Value = "off"; };
+ "browser.contentblocking.category" = { Status = "locked"; Value = "strict"; };
+ "network.IDN_show_punycode" = { Status = "locked"; Value = true; };
+ "browser.zoom.siteSpecific" = { Status = "locked"; Value = false; };
+ };
+ };
+ })
+
+ ];
+
+ environment.etc."vscode-user-settings.json".text =
+ "//usr/bin/env ln -sf $0 ~/.config/VSCodium/User/settings.json; exit 0"
+ + "\n" + builtins.toJSON {
+ "editor.renderFinalNewline" = false;
+ "editor.scrollBeyondLastLine" = false;
+ "extensions.autoCheckUpdates" = false;
+ "extensions.autoUpdate" = false;
+ "files.insertFinalNewline" = true;
+ "files.trimFinalNewlines" = true;
+ "git.confirmSync" = false;
+ "python.showStartPage" = false;
+ "security.workspace.trust.banner" = "never";
+ "security.workspace.trust.startupPrompt" = "never";
+ "security.workspace.trust.untrustedFiles" = "newWindow";
+ "terminal.integrated.fontFamily" = "Liberation Mono";
+ "update.mode" = "none";
+ "update.showReleaseNotes" = false;
+ "window.menuBarVisibility" = "hidden";
+ "workbench.startupEditor" = "none";
+ };
+
+ programs.steam.enable = true;
+
+ virtualisation.docker = { enable = true; enableOnBoot = false; };
+
+ boot.loader.timeout =
+ if config.boot.loader.systemd-boot.enable
+ then null else lib.mkOverride 9999 99;
+ };
+}
diff --git a/modules/profiles.nix b/modules/profiles.nix
index a2d49fd..dc2aae2 100644
--- a/modules/profiles.nix
+++ b/modules/profiles.nix
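Review bot: The `mkIf (config.sconfig.profile == "desktop")` guard at the top of modules/desktop.nix reads an option that is declared only in modules/profiles.nix, so after this split the module no longer evaluates on its own; modules/server.nix has the same dependency. The flake.nix hunks appear to expose each module as a separate attribute, so a configuration that pulls in `desktop` or `server` without `profiles` would presumably fail on the undeclared option. Adding `imports = [ ./profiles.nix ];` to both new files keeps them self-contained, and the module system de-duplicates a path that is imported more than once.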
@@ -1,123 +1,7 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 with lib;
-let
- cfg = config.sconfig.profile;
-
- pkcslib = "${pkgs.opensc}/lib/opensc-pkcs11.so";
-
-in
 {
 options.sconfig.profile = mkOption {
 type = types.enum [ "server" "desktop" ];
 };
-
- config = mkMerge [
-
-
- (mkIf (cfg == "server") {
- services.openssh.enable = true;
- services.openssh.startWhenNeeded = true;
- documentation.nixos.enable = false;
- nix.gc = {
- automatic = true;
- options = "--delete-older-than 30d";
- };
- })
-
-
- (mkIf (cfg == "desktop") {
- services.pcscd.enable = true;
- programs.ssh.startAgent = true;
- programs.ssh.agentPKCS11Whitelist = pkcslib;
-
- nixpkgs.overlays = [
- (self: super: {
- gnome = super.gnome // {
- gnome-keyring = super.gnome.gnome-keyring.overrideAttrs (old: {
- configureFlags = old.configureFlags ++ [ "--disable-ssh-agent" ];
- });
- };
- })
- ];
-
- environment.systemPackages = with pkgs; [
- brave
- discord
- element-desktop
- ffmpeg
- gimp
- glxinfo
- gnome3.dconf-editor
- opensc
- pavucontrol
- steam-run
- tdesktop
- terminator
- youtube-dl
-
- (pkgs.writeShellScriptBin "mfa" "exec ssh-add -s${pkcslib}")
-
- (mpv-with-scripts.override { scripts = [ mpvScripts.mpris ]; })
-
- (vscode-with-extensions.override {
- vscode = vscodium;
- vscodeExtensions = with pkgs.vscode-extensions; [
- bbenoist.Nix
- ms-python.python
- ms-vscode.cpptools
- ms-azuretools.vscode-docker
- ];
- })
-
- (wrapFirefox firefox-unwrapped {
- extraPolicies = {
- CaptivePortal = false;
- DisablePocket = true;
- DisableFirefoxStudies = true;
- OfferToSaveLogins = false;
- DisableFormHistory = true;
- SearchSuggestEnabled = false;
- Preferences = {
- "extensions.formautofill.available" = { Status = "locked"; Value = "off"; };
- "browser.contentblocking.category" = { Status = "locked"; Value = "strict"; };
- "network.IDN_show_punycode" = { Status = "locked"; Value = true; };
- "browser.zoom.siteSpecific" = { Status = "locked"; Value = false; };
- };
- };
- })
-
- ];
-
- environment.etc."vscode-user-settings.json".text =
- "//usr/bin/env ln -sf $0 ~/.config/VSCodium/User/settings.json; exit 0"
- + "\n" + builtins.toJSON {
- "editor.renderFinalNewline" = false;
- "editor.scrollBeyondLastLine" = false;
- "extensions.autoCheckUpdates" = false;
- "extensions.autoUpdate" = false;
- "files.insertFinalNewline" = true;
- "files.trimFinalNewlines" = true;
- "git.confirmSync" = false;
- "python.showStartPage" = false;
- "security.workspace.trust.banner" = "never";
- "security.workspace.trust.startupPrompt" = "never";
- "security.workspace.trust.untrustedFiles" = "newWindow";
- "terminal.integrated.fontFamily" = "Liberation Mono";
- "update.mode" = "none";
- "update.showReleaseNotes" = false;
- "window.menuBarVisibility" = "hidden";
- "workbench.startupEditor" = "none";
- };
-
- programs.steam.enable = true;
-
- virtualisation.docker = { enable = true; enableOnBoot = false; };
-
- boot.loader.timeout =
- if config.boot.loader.systemd-boot.enable
- then null else lib.mkOverride 9999 99;
- })
-
-
- ];
 }
diff --git a/modules/server.nix b/modules/server.nix
new file mode 100644
index 0000000..b53abd7
--- /dev/null
+++ b/modules/server.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, lib, ... }:
+with lib;
+{
+ config = mkIf (config.sconfig.profile == "server") {
+ services.openssh.enable = true;
+ services.openssh.startWhenNeeded = true;
+ documentation.nixos.enable = false;
+ nix.gc = {
+ automatic = true;
+ options = "--delete-older-than 30d";
+ };
+ };
+}
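Review bot: modules/server.nix turns on `services.openssh.enable` without stating any authentication policy, so a host with the server profile accepts whatever the NixOS defaults allow unless another module tightens it. Whether that happens elsewhere (for example in baseline.nix) is not visible in this patch. If it does not, the policy belongs next to the enable line, e.g. `services.openssh.passwordAuthentication = false;` and `services.openssh.permitRootLogin = "no";`, so the profile that exposes sshd also documents how it is locked down.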