feat: big refactor

2024-09-07 15:10:22 +02:00 · 2024-09-07 15:10:22 +02:00 · ebedec9768
commit ebedec9768
parent 2c09c21833
159 changed files with 1927 additions and 2222 deletions
--- a/modules/core/applications.nix
+++ b/modules/core/applications.nix
@ -0,0 +1,65 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+
+  environment.systemPackages =
+    lib.optionals config.bchmnn.collections.cli-utils.enable [
+      pkgs.pciutils # a collection of programs for inspecting and manipulating configuration of pci devices
+      pkgs.usbutils # tools for working with usb devices, such as lsusb
+      pkgs.lshw # provide detailed information on the hardware configuration of the machine
+      pkgs.git # distributed version control system
+      pkgs.gnumake # a tool to control the generation of non-source files from sources
+      pkgs.parallel # shell tool for executing jobs in parallel
+      pkgs.mercurial # a fast, lightweight scm system for very large distributed projects
+      pkgs.wget # tool for retrieving files using http, https, and ftp
+      pkgs.unstable.neovim-unwrapped # vim text editor fork focused on extensibility and agility
+      pkgs.neofetch # a fast, highly customizable system info script
+      pkgs.eza # a modern, maintained replacement for ls
+      pkgs.ripgrep # a utility that combines the usability of the silver searcher with the raw speed of grep
+      pkgs.ripgrep-all # ripgrep, but also search in pdfs, e-books, office documents, zip, tar.gz, and more
+      pkgs.expect # a tool for automating interactive applications
+      pkgs.jq # a lightweight and flexible command-line json processor
+      pkgs.unzip # an extraction utility for archives compressed in .zip format
+      pkgs.unrar # utility for rar archives
+      pkgs.libsecret # a library for storing and retrieving passwords and other secrets
+      pkgs.xidel # command line tool to download and extract data from html/xml pages as well as json apis
+      pkgs.nvd # nix/nixos package version diff tool
+      pkgs.inotify-tools # a c library and a set of command-line programs providing a simple interface to inotify
+      pkgs.mkcert # a simple tool for making locally-trusted development certificates
+      pkgs.hexedit
+    ]
+    ++ lib.optionals (config.bchmnn.collections.cli-utils.enable && config.bchmnn.nvidia.enable) [
+      pkgs.nvtopPackages.full
+    ]
+    ++ lib.optionals config.bchmnn.collections.development.enable [
+      pkgs.gcc13
+      pkgs.clang
+      pkgs.universal-ctags # a maintained ctags implementation
+      pkgs.rustc
+      pkgs.cargo # downloads your rust project's dependencies and builds your project
+      pkgs.go # go programming language
+      (pkgs.python312.withPackages (
+        p: with p; [
+          ptpython # an advanced python repl
+          ipython # ipython: productive interactive computing
+          pycryptodome # self-contained cryptographic library
+          gmpy2 # interface to gmp, mpfr, and mpc for python 3.7+
+        ]
+      ))
+      pkgs.lua
+      pkgs.nixpkgs-fmt
+      pkgs.openjdk17
+      pkgs.javaPackages.openjfx17
+      pkgs.gradle_7
+      pkgs.maven
+      pkgs.ant
+      pkgs.nodejs_20
+      pkgs.nodenv
+      pkgs.nodePackages.yarn
+      pkgs.nodePackages.pnpm
+    ];
+}
--- a/modules/core/audio.nix
+++ b/modules/core/audio.nix
@ -0,0 +1,57 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  options.bchmnn = {
+    audio = {
+      enable = lib.mkEnableOption "audio";
+      pipewire-wine-fix = {
+        enable = lib.mkEnableOption "pipewire-wine-fix";
+      };
+    };
+  };
+
+  config = {
+    services.pipewire =
+      lib.mkIf (config.bchmnn.audio.enable && (!builtins.elem "gnome" config.bchmnn.gui.flavour))
+        {
+          enable = true;
+          audio.enable = true;
+          pulse.enable = true;
+          alsa.enable = true;
+          alsa.support32Bit = true;
+          jack.enable = true;
+          wireplumber.enable = true;
+          extraConfig.pipewire = lib.mkIf config.bchmnn.audio.pipewire-wine-fix.enable {
+            "90-wine-config" = {
+              "context.properties" = {
+                # "default.clock.rate" = 48000;
+                "default.clock.allowed-rates" = [
+                  44100
+                  48000
+                ];
+                # "default.clock.quantum" = 2048;
+                # "default.clock.min-quantum" = 1024;
+              };
+            };
+          };
+          extraConfig.pipewire-pulse = lib.mkIf config.bchmnn.audio.pipewire-wine-fix.enable {
+            "90-wine-config" = {
+              "pulse.properties" = {
+                "pulse.min.req" = "1024/48000";
+                # "pulse.min.frag" = "1024/48000";
+                # "pulse.min.quantum" = "1024/48000";
+              };
+            };
+          };
+        };
+
+    environment.systemPackages = lib.optionals config.bchmnn.audio.enable [
+      pkgs.alsa-utils
+      pkgs.pulseaudio
+    ];
+  };
+}
--- a/modules/core/bluetooth.nix
+++ b/modules/core/bluetooth.nix
@ -0,0 +1,17 @@
+{ config, lib, ... }:
+{
+  options.bchmnn = {
+    bluetooth = {
+      enable = lib.mkEnableOption "bluetooth";
+    };
+  };
+
+  config = lib.mkIf config.bchmnn.bluetooth.enable {
+    hardware.bluetooth = {
+      enable = true;
+      powerOnBoot = true;
+    };
+
+    services.blueman.enable = true;
+  };
+}
--- a/modules/core/common.nix
+++ b/modules/core/common.nix
@ -0,0 +1,33 @@
+{
+  aliases = {
+    ls = "eza --group-directories-first --hyperlink --icons";
+    la = "eza --group-directories-first --hyperlink --icons -la";
+    lt = "eza --group-directories-first --hyperlink --icons -la --tree";
+    llt = "unbuffer eza --group-directories-first --hyperlink --icons -la --tree | less -r";
+
+    gg = "cd ~/code";
+    # gs = "git status";
+    gl = "git log --oneline";
+    glg = "git log --oneline --graph --decorate --all";
+    gaa = "git add --all";
+    gc = "git commit -m";
+    gp = "git push";
+
+    ta = "tmux attach";
+
+    nec = "nvim --cmd \"cd $(readlink -f /etc/nixos)\"";
+    ncc = "sudo nixos-rebuild switch --upgrade-all --flake \"$(readlink -f /etc/nixos)\"";
+    nup = "sudo nix-channel --update";
+    ngc = "sudo nix-collect-garbage -d";
+
+    dcup = "docker-compose up --detach --remove-orphans";
+    dka = "docker kill $(docker ps -q)";
+    drmc = "docker container rm $(docker container ls -aq)";
+    drmi = "docker image rm $(docker image ls -aq)";
+    drmv = "docker volume rm $(docker volume ls -q)";
+
+    lsip = "curl -s 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' | jq";
+    xo = "xdg-open";
+    y = "yazi";
+  };
+}
--- a/modules/core/default.nix
+++ b/modules/core/default.nix
@ -0,0 +1,89 @@
+{ pkgs, ... }@inputs:
+{
+  imports = [
+    ./applications.nix
+    ./audio.nix
+    ./bluetooth.nix
+    ./keyd.nix
+    ./network.nix
+    ./nvidia.nix
+    ./power.nix
+    ./printing.nix
+    ./profiling.nix
+    ./security.nix
+    ./shell.nix
+    ./virtualisation.nix
+  ];
+
+  nix = {
+    settings = {
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+      auto-optimise-store = true;
+    };
+  };
+
+  nixpkgs = {
+    overlays = [
+      (self: super: {
+        unstable = import inputs.nixpkgs-unstable { system = super.system; };
+        mfcl3750cdwlpr = (super.callPackage ../../overlays/mfcl3750cdw.nix { }).driver;
+        mfcl3750cdwcupswrapper = (super.callPackage ../../overlays/mfcl3750cdw.nix { }).cupswrapper;
+        pppdf = (super.python3Packages.callPackage ../../overlays/pppdf { });
+        iglesia-light = (super.callPackage ../../overlays/fonts/iglesia-light.nix { });
+      })
+    ];
+    config = {
+      allowUnfree = true;
+      allowUnfreePredicate = (_: true);
+    };
+  };
+
+  # provide libraries for non-nix binaries
+  # programs.nix-ld = {
+  #   enable = true;
+  #   libraries = [
+  #     # glibc
+  #     # libcxx
+  #     # libllvm
+  #     # ncurses
+  #   ];
+  # };
+
+  system.stateVersion = "23.05";
+
+  time.timeZone = "Europe/Berlin";
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+    supportedLocales = [
+      "en_US.UTF-8/UTF-8"
+      "de_DE.UTF-8/UTF-8"
+    ];
+  };
+
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  programs.dconf.enable = true;
+  services.dbus = {
+    enable = true;
+    packages = with pkgs; [
+      gcr # gnome crypto services (daemon and tools)
+      dconf
+    ];
+  };
+
+  programs.ccache = {
+    enable = true;
+  };
+
+  services.openssh = {
+    enable = true;
+    openFirewall = true;
+  };
+}
--- a/modules/core/keyd.nix
+++ b/modules/core/keyd.nix
@ -0,0 +1,73 @@
+{ pkgs, ... }:
+let
+  nav = {
+    h = "left";
+    j = "down";
+    k = "up";
+    l = "right";
+    "0" = "home";
+    "4" = "end";
+    u = "pageup";
+    d = "pagedown";
+    q = "previoussong";
+    w = "playpause";
+    e = "nextsong";
+  };
+  alt = {
+    a = "ä";
+    o = "ö";
+    u = "ü";
+    s = "ß";
+    e = "€";
+  };
+  altShift = {
+    a = "Ä";
+    o = "Ö";
+    u = "Ü";
+  };
+in
+{
+  environment.systemPackages = with pkgs; [ keyd ];
+  # Enable keyd and remap keys
+  services.keyd = {
+    enable = true;
+    keyboards.default = {
+      ids = [
+        "*"
+        "-04fe:0020" # HHKB
+        "-046d:102a" # Logitech G700s
+        "-046d:c07c" # Logitech G700s Rechargeable Gaming Mouse
+      ];
+      settings = {
+        main = {
+          leftalt = "layer(meta)";
+          leftmeta = "layer(alt)";
+          altgr = "layer(control)";
+          rightalt = "layer(control)";
+          capslock = "layer(nav)";
+        };
+        alt = alt;
+        "alt+shift" = altShift;
+        meta = {
+          capslock = "overload(nav, capslock)";
+        };
+        nav = nav;
+      };
+    };
+    keyboards.hhkb = {
+      ids = [ "04fe:0020" ];
+      settings = {
+        main = {
+          rightmeta = "layer(control)";
+          leftcontrol = "layer(nav)";
+        };
+        alt = alt;
+        "alt+shift" = altShift;
+        meta = {
+          leftcontrol = "overload(nav, capslock)";
+        };
+        nav = nav;
+      };
+    };
+  };
+}
--- a/modules/core/network.nix
+++ b/modules/core/network.nix
@ -0,0 +1,19 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  networking.networkmanager.enable = true;
+  systemd.services = {
+    NetworkManager-wait-online.enable = false;
+  };
+  environment.systemPackages = lib.optionals (config.bchmnn.collections.vpn.enable) [
+    pkgs.openvpn3
+    pkgs.mullvad-vpn
+    pkgs.wireguard-tools # tools for the wireguard secure network tunnel
+  ];
+  services.mullvad-vpn.enable = config.bchmnn.collections.vpn.enable;
+  services.tailscale.enable = config.bchmnn.collections.vpn.enable;
+}
--- a/modules/core/nvidia.nix
+++ b/modules/core/nvidia.nix
@ -0,0 +1,17 @@
+{ config, lib, ... }:
+{
+  options.bchmnn = {
+    nvidia = {
+      enable = lib.mkEnableOption "nvidia";
+    };
+  };
+
+  config = lib.mkIf config.bchmnn.nvidia.enable {
+    services.xserver.videoDrivers = [ "nvidia" ];
+    hardware.nvidia = {
+      modesetting.enable = true;
+      powerManagement.enable = true;
+      nvidiaSettings = true;
+    };
+  };
+}
--- a/modules/core/power.nix
+++ b/modules/core/power.nix
@ -0,0 +1,55 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+{
+
+  options.bchmnn = {
+
+    power = {
+      tlp = {
+        settings = lib.mkOption {
+          type =
+            with lib.types;
+            attrsOf (oneOf [
+              bool
+              int
+              float
+              str
+              (listOf str)
+            ]);
+          default = {
+            # performance | powersave
+            CPU_SCALING_GOVERNOR_ON_AC = "performance";
+            CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
+            # performance | balance_performance | default | balance_power | power
+            CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
+            CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
+            # performance | balanced | low-power
+            PLATFORM_PROFILE_ON_AC = "performance";
+            PLATFORM_PROFILE_ON_BAT = "low-power";
+            CPU_MIN_PERF_ON_AC = 0;
+            CPU_MAX_PERF_ON_AC = 100;
+            CPU_MIN_PERF_ON_BAT = 0;
+            CPU_MAX_PERF_ON_BAT = 100;
+          };
+        };
+      };
+    };
+  };
+
+  config = {
+    powerManagement = {
+      enable = true;
+    };
+
+    services.tlp = {
+      enable = !builtins.elem "gnome" config.bchmnn.gui.flavour;
+      settings = config.bchmnn.power.tlp.settings;
+    };
+
+    environment.systemPackages = with pkgs; [ powertop ];
+  };
+}
--- a/modules/core/printing.nix
+++ b/modules/core/printing.nix
@ -0,0 +1,38 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+{
+  options.bchmnn = {
+    printing = {
+      enable = lib.mkEnableOption "printing";
+    };
+  };
+
+  config = lib.mkIf config.bchmnn.printing.enable {
+    services.printing = {
+      enable = true;
+      drivers = [ pkgs.mfcl3750cdwcupswrapper ];
+    };
+
+    services.avahi = {
+      enable = true;
+      nssmdns4 = true;
+      openFirewall = true;
+    };
+
+    hardware.printers = {
+      ensurePrinters = [
+        {
+          name = "Brother-MFC-L3750CDW-series";
+          location = "Home";
+          deviceUri = "dnssd://Brother%20MFC-L3750CDW%20series._ipp._tcp.local/?uuid=e3248000-80ce-11db-8000-b4220094c09b";
+          model = "brother_mfcl3750cdw_printer_en.ppd";
+        }
+      ];
+      ensureDefaultPrinter = "Brother-MFC-L3750CDW-series";
+    };
+  };
+}
--- a/modules/core/profiling.nix
+++ b/modules/core/profiling.nix
@ -0,0 +1,5 @@
+{ config, lib, ... }:
+lib.mkIf config.bchmnn.collections.profiling.enable {
+  boot.loader.systemd-boot.memtest86.enable = config.boot.loader.systemd-boot.enable;
+  boot.loader.grub.memtest86.enable = config.boot.loader.grub.enable;
+}
--- a/modules/core/security.nix
+++ b/modules/core/security.nix
@ -0,0 +1,13 @@
+{ config, lib, ... }:
+{
+  security.polkit.enable = true;
+  security.rtkit.enable = true;
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = lib.optionals (config.bchmnn.collections.development.enable) [
+      3000
+      6969
+      8080
+    ];
+  };
+}
--- a/modules/core/shell.nix
+++ b/modules/core/shell.nix
@ -0,0 +1,44 @@
+{ pkgs, ... }:
+let
+  common = import ./common.nix;
+in
+{
+  programs.zsh = {
+    enable = true;
+  };
+
+  users.users.gandalf = {
+    shell = pkgs.zsh;
+  };
+
+  environment = {
+    shellAliases = common.aliases;
+  };
+
+  programs = {
+    htop.enable = true;
+    iftop.enable = true;
+  };
+
+  documentation = {
+    enable = true;
+    doc.enable = true;
+    dev.enable = true;
+    man = {
+      enable = true;
+      generateCaches = true;
+      man-db.enable = true;
+    };
+
+  };
+
+  environment.systemPackages = with pkgs; [
+    man-pages
+    man-pages-posix
+    ncurses
+  ];
+
+  programs.nh = {
+    enable = true;
+  };
+}
--- a/modules/core/virtualisation.nix
+++ b/modules/core/virtualisation.nix
@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+lib.mkIf config.bchmnn.collections.virtualisation.enable {
+  virtualisation = {
+    libvirtd.enable = true;
+    /*
+      podman = {
+        enable = true;
+        # create a `docker` alias for podman, to use it as a drop-in replacement
+        dockerCompat = true;
+        # required for containers under podman-compose to be able to talk to each other.
+        defaultNetwork.settings.dns_enabled = true;
+      };
+    */
+    docker = {
+      enable = true;
+    };
+    oci-containers = {
+      backend = "docker";
+      # backend = "podman";
+    };
+    containers = {
+      enable = true;
+    };
+  };
+  hardware.nvidia-container-toolkit.enable = config.bchmnn.nvidia.enable;
+  environment.systemPackages = with pkgs; [ virtiofsd ];
+}