WIP refactor

2025-03-16 23:25:18 -05:00 · 2025-03-16 23:25:18 -05:00 · 7e7f04574b
commit 7e7f04574b
parent 6381cb0ea1
13 changed files with 1150 additions and 166 deletions
--- a/common/boot/default.nix
+++ b/common/boot/default.nix
@ -0,0 +1,35 @@
+{ config, lib, ... }:
+let
+  ccfg = import ../config.nix;
+  cfg = config.${ccfg.custom_config_key}.boot;
+in
+{
+  imports = [
+    ./grub.nix
+    ./systemd.nix
+  ];
+  config = {
+    assertions = [
+      (
+        let
+          enabledBootloaders = lib.filter (x: x.enabled) [
+            {
+              name = "systemd";
+              enabled = cfg.systemd.enable;
+            }
+            {
+              name = "grub";
+              enabled = cfg.grub.enable;
+            }
+          ];
+        in
+        {
+          assertion = lib.length enabledBootloaders <= 1;
+          message =
+            "Only one bootloader can be enabled at a time. Enabled: "
+            + lib.concatStringsSep ", " (map (x: x.name) enabledBootloaders);
+        }
+      )
+    ];
+  };
+}
--- a/common/boot/grub.nix
+++ b/common/boot/grub.nix
@ -5,20 +5,27 @@
 }:
 let
  ccfg = import ../config.nix;
-  cfg_path = "${ccfg.custom_config_key}".boot.grub;
-  cfg = config.${cfg_path};
+  cfg_path = [
+    ccfg.custom_config_key
+    "boot"
+    "grub"
+  ];
+  cfg = lib.attrsets.getAttrFromPath cfg_path config;
 in
 {
-  options.${ccfg.custom_config_key}.boot.grub = {
-    enable = lib.mkEnableOption "Grub bootloader";
-    device = lib.mkOption {
-      type = lib.types.str;
-      default = "/dev/sda";
-      description = ''
-        The device to install GRUB on.
-      '';
+  options =
+    { }
+    // lib.attrsets.setAttrByPath cfg_path {
+      enable = lib.mkEnableOption "Grub bootloader";
+      device = lib.mkOption {
+        type = lib.types.str;
+        default = "/dev/sda";
+        description = ''
+          The device to install GRUB on.
+        '';
+      };
    };
-  };
+
  config = lib.mkIf cfg.enable {
    boot.loader.grub = {
      enable = true;
--- a/common/boot/systemd.nix
+++ b/common/boot/systemd.nix
@ -5,13 +5,19 @@
 }:
 let
  ccfg = import ../config.nix;
-  cfg_path = "${ccfg.custom_config_key}".boot.systemd;
-  cfg = config.${cfg_path};
+  cfg_path = [
+    ccfg.custom_config_key
+    "boot"
+    "systemd"
+  ];
+  cfg = lib.attrsets.getAttrFromPath cfg_path config;
 in
 {
-  options.${cfg_path} = {
-    enable = lib.mkEnableOption "Systemd bootloader";
-  };
+  options =
+    { }
+    // lib.attrsets.setAttrByPath cfg_path {
+      enable = lib.mkEnableOption "Systemd bootloader";
+    };
  config = lib.mkIf cfg.enable {
    boot.loader = {
      systemd-boot = {
--- a/common/config.nix
+++ b/common/config.nix
@ -1,3 +1,3 @@
 {
-  config_prefix = "ringofstorms_common";
+  custom_config_key = "ringofstorms_common";
 }
--- a/common/flake.nix
+++ b/common/flake.nix
@ -3,17 +3,12 @@
    home-manager.url = "github:rycee/home-manager/release-24.11";
    ragenix.url = "github:yaxitech/ragenix";

-    ros_neovim.url = "git+https://git.joshuabell.xyz/nvim";
-    ringofstorms-stormd.url = "git+ssh://git.joshuabell.xyz:3032/stormd";
-    # ros_neovim.url = "path:/home/josh/projects/stormd";
-
    hyprland.url = "github:hyprwm/Hyprland";
    cosmic.url = "github:lilyinstarlight/nixos-cosmic";
  };

  outputs =
    {
-      ros_neovim,
      ...
    }:
    {
@ -31,9 +26,9 @@
          in
          {
            imports = [
-              ./boot/grub.nix
-              ./boot/systemd.nix
-              ./users/users.nix
+              ./boot
+              ./users
+              ./general
            ];
            options.${cfg_path} = {
              systemName = lib.mkOption {
--- a/common/general/default.nix
+++ b/common/general/default.nix
@ -0,0 +1,182 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  ccfg = import ../config.nix;
+  cfg_path = [
+    ccfg.custom_config_key
+    "general"
+  ];
+  cfg = lib.attrsets.getAttrFromPath cfg_path config;
+  top_cfg = config.${ccfg.custom_config_key};
+in
+{
+  options =
+    { }
+    // lib.attrsets.setAttrByPath cfg_path {
+      flakeOptions = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = "Enable nix flake options";
+      };
+      unfree = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = "Enable unfree packages";
+      };
+      readWindowsDrives = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = "Read windows drives";
+      };
+      disableRemoteBuildsOnLio = lib.mkOption {
+        type = lib.types.bool;
+        default = false;
+        description = "Disable remote builds on lio";
+      };
+      timezone = lib.mkOption {
+        type = lib.types.str;
+        default = "America/Chicago";
+        description = "Timezone";
+      };
+      defaultLocal = lib.mkOption {
+        type = lib.types.str;
+        default = "en_US.UTF-8";
+        description = "Default locale";
+      };
+      fastShutdown = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = "Fast shutdown";
+      };
+      enableSleep = lib.mkEnableOption (lib.mdDoc "Enable auto sleeping");
+    };
+  config = {
+    # name this computer
+    networking = {
+      hostName = top_cfg.systemName;
+    };
+
+    # Enable flakes
+    nix.settings.experimental-features = lib.mkIf cfg.flakeOptions [
+      "nix-command"
+      "flakes"
+    ];
+
+    # Allow unfree
+    nixpkgs.config.allowUnfree = cfg.unfree;
+    nixpkgs.config.allowUnfreePredicate = (pkg: cfg.unfree);
+    environment.variables = lib.mkIf cfg.unfree {
+      NIXPKGS_ALLOW_UNFREE = "1";
+    };
+
+    # allow mounting ntfs filesystems
+    boot.supportedFilesystems = lib.mkIf cfg.readWindowsDrives [ "ntfs" ];
+
+    # make shutdown faster for waiting
+    systemd.extraConfig = lib.mkIf cfg.fastShutdown ''
+      DefaultTimeoutStopSec=8s
+    '';
+
+    nix.settings = {
+      max-jobs = "auto";
+      # Fallback quickly if substituters are not available.
+      connect-timeout = 5;
+      download-attempts = 3;
+      # The default at 10 is rarely enough.
+      log-lines = 50;
+      # Avoid disk full issues
+      max-free = (3000 * 1024 * 1024);
+      min-free = (1000 * 1024 * 1024);
+      # Avoid copying unnecessary stuff over SSH
+      builders-use-substitutes = true;
+      auto-optimise-store = true;
+      trusted-users = [
+        "root"
+        "@wheel"
+      ];
+      substituters = [
+        "https://hyprland.cachix.org"
+        "https://cosmic.cachix.org/"
+      ];
+      trusted-public-keys = [
+        "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+        "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
+      ];
+    };
+    nix.extraOptions = ''
+      keep-outputs = true
+      keep-derivations = true
+      ${lib.optionalString (
+        # TODO revisit this should it move?
+        config ? age && config.age ? secrets && config.age.secrets ? github_read_token
+      ) "!include ${config.age.secrets.github_read_token.path}"}
+    '';
+
+    # nix helper
+    programs.nh = {
+      enable = true;
+      clean.enable = true;
+      clean.extraArgs = "--keep 10";
+      # `flake` path is set in users/default.nix for the primary user if set
+    };
+
+    # Remote build off home lio computer
+    programs.ssh.extraConfig = lib.mkIf (!cfg.disableRemoteBuildsOnLio) ''
+      Host lio_
+        PubkeyAcceptedKeyTypes ssh-ed25519
+        ServerAliveInterval 60
+        IPQoS throughput
+        ${lib.optionalString (
+          config ? age && config.age ? secrets && config.age.secrets ? nix2lio
+        ) "IdentityFile ${config.age.secrets.nix2lio.path}"}
+    '';
+    nix = {
+      distributedBuilds = lib.mkIf (!cfg.disableRemoteBuildsOnLio) true;
+      buildMachines = lib.mkIf (!cfg.disableRemoteBuildsOnLio) [
+        {
+          hostName = "lio";
+          system = "x86_64-linux";
+          protocol = "ssh-ng";
+          maxJobs = 32;
+          speedFactor = 2;
+          supportedFeatures = [
+            "nixos-test"
+            "benchmark"
+            "big-parallel"
+            "kvm"
+            "uid-range" # Often helpful
+          ];
+          mandatoryFeatures = [ ];
+        }
+      ];
+    };
+
+    # TODO can I make this Roaming automatically somehow?
+    time.timeZone = cfg.timezone;
+    # Select internationalization properties.
+    i18n.defaultLocale = cfg.defaultLocal;
+    i18n.extraLocaleSettings = {
+      LC_ADDRESS = cfg.defaultLocal;
+      LC_IDENTIFICATION = cfg.defaultLocal;
+      LC_MEASUREMENT = cfg.defaultLocal;
+      LC_MONETARY = cfg.defaultLocal;
+      LC_NAME = cfg.defaultLocal;
+      LC_NUMERIC = cfg.defaultLocal;
+      LC_PAPER = cfg.defaultLocal;
+      LC_TELEPHONE = cfg.defaultLocal;
+      LC_TIME = cfg.defaultLocal;
+    };
+
+    # Turn off sleep
+    systemd.sleep.extraConfig = lib.mkIf (!cfg.enableSleep) ''
+      [Sleep]
+      AllowSuspend=no
+      AllowHibernation=no
+      AllowSuspendThenHibernate=no
+      AllowHybridSleep=no
+    '';
+  };
+}
--- a/common/users/default.nix
+++ b/common/users/default.nix
@ -0,0 +1,58 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  ccfg = import ../config.nix;
+  cfg_path = [
+    ccfg.custom_config_key
+    "users"
+  ];
+  cfg = lib.attrsets.getAttrFromPath cfg_path config;
+  top_cfg = config.${ccfg.custom_config_key};
+in
+{
+  options =
+    { }
+    // lib.attrsets.setAttrByPath cfg_path {
+      admins = lib.mkOption {
+        type = lib.types.listOf lib.types.str;
+        default = [ ];
+        example = [ "josh" ];
+        description = ''
+          List of users to be added to the system.
+        '';
+      };
+      primary = lib.mkOption {
+        type = lib.types.str;
+        default = lib.optionalString (cfg.admins != [ ] && cfg.admins != null) (
+          builtins.elemAt cfg.admins 0
+        );
+        description = "The primary user of the system.";
+      };
+      users = lib.mkOption {
+        type = lib.types.attrsOf lib.types.attrs;
+        default = { };
+        description = "Normal users to configure (not for system users). Should match nix options of users.userser.<name>.*";
+      };
+    };
+  config = {
+    users.users = lib.mapAttrs (
+      name: userConfig:
+      userConfig
+      // {
+        inherit name;
+        isNormalUser = true;
+# TODO
+        # initialPassword = lib.mkIf (
+        #   userConfig.initialPassword != null
+        # ) userConfig.initialPassword "password1";
+        extraGroups =
+          lib.optionals (builtins.elem name cfg.admins) [ "wheel" ] ++ (userConfig.extraGroups or [ ]);
+      }
+    ) cfg.users;
+
+    programs.nh.flake = lib.mkIf (lib.hasAttr "primary" cfg) "/home/${cfg.primary}/.config/nixos-config/hosts/${top_cfg.systemName}";
+  };
+}
--- a/common/users/user.nix
+++ b/common/users/user.nix
@ -1,9 +0,0 @@
-{
-  username,
-}:
-{ config, ... }:
-{ 
-  users.user.${username} = {
-
-  };
-}
--- a/common/users/users.nix
+++ b/common/users/users.nix
@ -1,53 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}:
-let
-  ccfg = import ../config.nix;
-  cfg_path = "${ccfg.custom_config_key}".users;
-  cfg = config.${cfg_path};
-  top_cfg = config."${ccfg.custom_config_key}";
-in
-{
-  option.${cfg_path} = {
-    adminUsers = lib.mkOption {
-      type = lib.types.listOf lib.types.str;
-      default = [ ];
-      example = [ "josh" ];
-      description = ''
-        List of users to be added to the system.
-      '';
-    };
-    primaryUser = lib.mkOption {
-      type = lib.types.str;
-      default = lib.optionalString (cfg.adminUsers != [ ] && cfg.adminUsers != null) (
-        builtins.elemAt cfg.adminUsers 0
-      );
-      description = "The primary user of the system.";
-    };
-    users = lib.mkOption {
-      type = lib.types.attrsOf lib.types.attrs;
-      default = { };
-      description = "Normal* users to configure (not for system users). Should match nix options of users.userser.<name>.*";
-    };
-  };
-  config =
-    {
-      users.users = lib.mapAttrs (
-        name: config:
-        {
-          inherit name;
-          isNormalUser = true;
-        }
-        // config
-      ) cfg.users;
-
-      programs.nh.flake = "/home/${cfg.primaryUser}/.config/nixos-config/hosts/${top_cfg.systemName}";
-    }
-    // lib.map (name: {
-      users.users.${name} = {
-        extraGroups = [ "wheel" ];
-      };
-    }) cfg.adminUsers;
-}
--- a/components/nix/lua.nix
+++ b/components/nix/lua.nix
@ -1,5 +0,0 @@
-{ pkgs, ... }:
-{
-  environment.systemPackages = with pkgs; [ lua ];
-}
-
--- a/components/nix/qdirstat.nix
+++ b/components/nix/qdirstat.nix
@ -1,4 +0,0 @@
-{ pkgs, ... }:
-{
-  environment.systemPackages = [ pkgs.qdirstat ];
-}
--- a/hosts/lio/flake.lock
+++ b/hosts/lio/flake.lock
--- a/hosts/lio/flake.nix
+++ b/hosts/lio/flake.nix
@ -3,11 +3,15 @@
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
    # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

+    # Use relative to get current version for testing
+    common.url = "path:../../common";
+    # Pin to specific version
+    # common.url = "git+https://git.joshuabell.xyz/dotfiles?rev=88f2d95e6a871f084dccfc4f45ad9d2b31720998";
+
    ros_neovim.url = "git+https://git.joshuabell.xyz/nvim";
    mod_common.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_common";
    mod_home-manager.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_home_manager";
    mod_secrets.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_secrets";
-    mod_boot_systemd.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_boot_systemd";
    mod_de_gnome.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_de_gnome";
    mod_ros_stormd.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_stormd";
    mod_nebula.url = "git+https://git.joshuabell.xyz/dotfiles?ref=mod_nebula";
@ -44,14 +48,50 @@
                { config, pkgs, ... }:
                {
                  imports = [
-                    ../../components/nix/lua.nix
                    ../../components/nix/rust-dev.nix
                    ../../components/nix/qflipper.nix
-                    ../../components/nix/qdirstat.nix
                    ../../components/nix/steam.nix
                    ../../components/nix/tailscale.nix
                  ];

+                  ringofstorms_common = {
+                    systemName = configuration_name;
+                    boot.systemd.enable = true;
+                    general = {
+                      # NOTE bunch of defaults in here I dont need to change
+                    };
+                    users = {
+                      # Users are all normal users and default password is password1
+                      admins = [ "josh" ]; # First admin is also the primary user owning nix config
+                      users = {
+                        josh = {
+                          openssh.authorizedKeys.keys = [
+                            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
+                          ];
+                          extraGroups = [
+                            "networkmanager"
+                            "video"
+                            "input"
+                          ];
+                          shell = pkgs.zsh;
+                          packages = with pkgs; [
+                            signal-desktop
+                            spotify
+                            blender
+                            google-chrome
+                            discordo
+                            discord
+                            firefox-esr
+                            openscad
+                            vlc
+                            bitwarden
+                            vaultwarden
+                          ];
+                        };
+                      };
+                    };
+                  };
+
                  environment.systemPackages = with pkgs; [
                    lua
                    qdirstat
@ -75,33 +115,6 @@
                      docker = true;
                      zsh = true;
                      users = {
-                        josh = {
-                          openssh.authorizedKeys.keys = [
-                            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJN2nsLmAlF6zj5dEBkNSJaqcCya+aB6I0imY8Q5Ew0S nix2lio"
-                          ];
-                          initialPassword = "password1";
-                          isNormalUser = true;
-                          extraGroups = [
-                            "wheel"
-                            "networkmanager"
-                            "video"
-                            "input"
-                          ];
-                          shell = pkgs.zsh;
-                          packages = with pkgs; [
-                            signal-desktop
-                            spotify
-                            blender
-                            google-chrome
-                            discordo
-                            discord
-                            firefox-esr
-                            openscad
-                            vlc
-                            bitwarden
-                            vaultwarden
-                          ];
-                        };
                      };
                    };
                    home_manager = {