Commit Graph

45 Commits

Author SHA1 Message Date
Donovan Glover
79401e029b
system(nix): Forbid import from derivation
Helps prevent issues where we accidentally use an import from derivation
and cause flakes with multiple platforms to fail when running things
like `nix flake check`.
2024-06-20 22:33:59 -04:00
Donovan Glover
a9bebdc5f6
system: Only add phone groups when necessary 2024-06-20 13:18:39 -04:00
Donovan Glover
c48a01ae7f
system: Don't generate man cache on mobile
Significantly improves build times with aarch64 emulation.
2024-06-20 12:16:03 -04:00
Donovan Glover
8bb6a8a24e
system: Add groups from phone
Might reduce this later.
2024-06-19 02:04:47 -04:00
Donovan Glover
6ff271d4e2
system: Disable zram on phone for now
Testing whether or not SIGSEGVs are reduced as a result of disabling
zram.
2024-06-19 02:01:51 -04:00
Donovan Glover
16da2fd144
system: Add phone support 2024-06-19 02:00:34 -04:00
Donovan Glover
fb5c7849d0
system: Add wheel group to trusted users
Should prevent issues we ran into previously with things like
nixos-rebuild on remote hosts through ssh with non-root accounts.
2024-06-17 11:25:00 -04:00
Donovan Glover
000c9f2d90
system: Enable aarch64-linux emulation
This makes it possible to build the phone on the laptop, useful to
significantly reduce build times.
2024-06-16 07:43:56 -04:00
Donovan Glover
a629f92827
meta: Revert combining mobile-nixos flake
This was causing a lot of issues unfortunately presumably due to things
not working with the aarch64 PinePhone system. Random errors like
"expected string 'D'" were common and I'd rather use a separate flake to
make things easier to debug and keep evaluation times to a minimum.
2024-06-15 10:47:03 -04:00
Donovan Glover
05b14fa423
meta: Merge phone module with system / desktop 2024-06-14 01:21:46 -04:00
Donovan Glover
b16466a944
Revert "system(home): Disable nixpkgs release check"
No longer necessary since we're targeting 24.05.
2024-06-01 14:19:54 -04:00
Donovan Glover
e60c826ed5
system(home): Disable nixpkgs release check
Necessary since we take advantage of newer hypridle and hyprlock
modules while sticking with an older version of nixpkgs to avoid issues
with newer versions of hyprland and ironbar.

Breakage may have been influenced by a dependency but seems to occur
with various combinations of hyprland and ironbar.

- hyprland v0.39.1 + ironbar v0.14.1
- hyprland v0.39.1 + ironbar master
- hyprland master + ironbar master
2024-05-31 23:44:44 -04:00
Donovan Glover
b30ffbc858
system: Change allowZolaPort option to allowDevPort
Makes things a bit more generic.
2024-05-20 11:53:13 -04:00
Donovan Glover
9f10d795c7
system(nix): Downgrade from Nix 2.19 to 2.18
I got tired of seeing the unstable warnings all the time and would
rather use directories with simple names to avoid other problems.
2024-04-16 19:48:14 -04:00
Donovan Glover
cd39a136f9
system: Blacklist floppy kernel module
Fixes an issue where the QEMU VM attempted to load a floppy at /dev/fd0.
2024-04-10 22:58:09 -04:00
Donovan Glover
58df5018da
meta: Handle postgres at the system level
This makes sense since postgres is a service that runs on the system.
2024-04-09 09:25:51 -04:00
Donovan Glover
70e6bcc223
system(home): Inherit stateVersion 2024-04-08 04:15:46 -04:00
Donovan Glover
f02f2cfd03
chore(nix): Use singleton where possible 2024-04-08 04:11:19 -04:00
Donovan Glover
fa82103e6c
meta: Drop /share/backgrounds pathsToLink
Not needed since we can just reference the background directly instead.

Note that the linking actually occurs in the modules for the DEs that
add backgrounds since it isn't part of the defaults.
2024-04-07 11:54:35 -04:00
Donovan Glover
c1eed0c69d
eww: Make icons work standalone 2024-04-07 11:05:15 -04:00
Donovan Glover
1173e8483b
meta: Drop /share/fonts pathsToLink
Shouldn't be necessary with the usage of fonts.packages.
2024-04-07 10:13:08 -04:00
Donovan Glover
534476e97b
feat: Add option to disable root at the system level
Reduces complexity in the containers module.
2024-04-06 19:28:22 -04:00
Donovan Glover
0033dfceb0
chore: Disable command-not-found by default
Unfortunately command-not-found only works for channels and doesn't have
first-class support for flakes yet, and nix-index takes forever to build
the database on slower machines, so I'd rather just disable this by
default.
2024-04-06 12:13:02 -04:00
Donovan Glover
7649c658b7
meta: Merge packages module into existing modules 2024-04-06 11:49:03 -04:00
Donovan Glover
3fc9cb9c81
chore: Link paths at the system level
Fixes an issue where paths wouldn't be linked previously unless
manually specified.
2024-04-06 10:26:32 -04:00
Donovan Glover
30f4d4f650
meta: Merge networking with system
This makes it easier to ensure that the system has our network settings
such as random mac addresses. This makes sense since networking in
general is related to the system.
2024-04-06 09:26:22 -04:00
Donovan Glover
0e07ad48f5
virtualization: Mount /tmp as /mnt
This isn't *perfect*, but it does make it possible to share files
between the guest and the host without having to imperatively create a
directory that may or may not exist on other systems.
2024-04-06 08:21:32 -04:00
Donovan Glover
dd3d09bb67
system: Add option to specify hashedPassword
It may be useful to add hashedPasswordFile in the future, although from
my testing it was possible to rebuild a VM that used a cached derivation
with the old password.

Ideally your main form of authentication is through LUKS encryption or
SSH keys anyway, and this password should solely be used for sudo
purposes.
2024-04-06 08:18:32 -04:00
Donovan Glover
76a397031f
system: Set password to username by default
Ideally the user should supply their own hashedPassword.
2024-04-06 08:10:52 -04:00
Donovan Glover
8ba4792d03
virtualization: Fullscreen by default
Makes things easier to work with since hyprland doesn't automatically
match the resolution with the VM window by default.
2024-04-06 06:44:43 -04:00
Donovan Glover
1f1670ac54
virtualization: Disable zram
Causes errors on startup and generally isn't useful inside the VM.
2024-04-05 22:23:21 -04:00
Donovan Glover
2f30ce241b
meta: Merge virtualization with system
The check VMs still work as expected with this change.
2024-04-05 19:43:52 -04:00
Donovan Glover
22e31ff60b
chore: Format with nixpkgs-fmt
Note that we will continue to use nixpkgs-fmt for the time being here
since nixfmt-rfc-style breaks string syntax highlighting and comments
like `/* this */` get turned into `# this`.

The conversion from lisp-like formatting to something else in flake.nix
is a bit unfortunate, but I'd rather have a singular style for the
entire code base to make things easier.
2024-04-05 11:40:23 -04:00
Donovan Glover
01acf8197d
system: Add option to avoid cleaning /tmp on boot
This increases boot times quite a bit so I'd rather use tmpfs as /tmp
where possible. Note that this defaults to cleaning /tmp anyway since
I'd rather clean /tmp than not do so at all.

For future reference, the message that gets shown is the following:
"A start job is running for Create Volatile Files and Directories"
2024-04-05 11:18:52 -04:00
Donovan Glover
59f557a3e5
feat: Pass nix-config as self to avoid infinite recursion
This change makes it possible to use this nix-config in all the
different ways imaginable (containers, bare metal, tests, and as a
separate flake input) *without* running into infinite recursion
issues with self.

It does this by using a trick similar to JavaScript in which
`var self = this;`, thus enabling the usage of "this" (or self, in
Nix's case) where it wouldn't otherwise be possible.

Note that this *only* works if the input for this repository is named
nix-config. This makes it impractical to combine with multiple
configurations that employ the same strategy.
2024-04-05 10:20:06 -04:00
Donovan Glover
7f05a66fa5
feat: Make username customizable
Now it's possible to use whatever username you want for your system. The
default value of "user" is good if you're concerned about information
disclosure attacks through things like the username being visible in
logs or other output.
2024-04-04 16:36:28 -04:00
Donovan Glover
558e0b1623
meta: Merge home-manager and user module with system
Makes it easier to create a working and pre-configured system with
minimal configuration.
2024-04-04 16:02:35 -04:00
Donovan Glover
7ef220be22
meta: Make system module customizable 2024-04-04 09:41:32 -04:00
Donovan Glover
a18a120634
system: Clean /tmp on boot
Necessary since /tmp is no longer a tmpfs.
2024-04-03 21:28:53 -04:00
Donovan Glover
019603afc7
meta: Begin making system module customizable
These options are pretty important so it'd be cool to be able to change
them. Current strategy is to assume that configuration through the
module is preferred over overriding the NixOS option directly.
2024-04-03 09:44:57 -04:00
Donovan Glover
1f80607ca0
meta: Merge zram module with system
Self-explanatory since zram is system-related. Doesn't seem to affect
containers which is good.
2024-04-03 09:16:24 -04:00
Donovan Glover
13d98c2c9f
meta: Merge nix and systemd modules with system
These are simple enough configurations that have benefits across many
different systems.
2024-04-03 08:06:04 -04:00
Donovan Glover
85ead9e779
meta: Merge boot module with system
This seems like it could fit with the hardware module as well, however
time will tell if we're able to keep this in system when importing it
into containers and virtual machines.

Note that boot.loader.efi.canTouchEfiVariables gets set to true during
the nixos-install process, so it should be okay to keep here.
2024-04-03 07:43:43 -04:00
Donovan Glover
cc3991a38a
meta: Merge timezone and locale with system
Usually one would want to define all of these options at the same time,
so it doesn't make sense to require importing several different modules.

For values that aren't needed, users can either override the configuration
in their own module or use an option that has been written upstream for the
module.
2024-04-03 07:15:30 -04:00
Donovan Glover
1eb77fd467
modules: Add system 2023-06-22 11:54:12 -04:00