made some progress

2025-07-23 16:12:13 +02:00 · 2025-07-23 16:12:13 +02:00 · 21f6f37911
commit 21f6f37911
parent c8f6c4d818
35 changed files with 1176 additions and 44 deletions
--- a/modules/nixos/boot/default.nix
+++ b/modules/nixos/boot/default.nix
@ -0,0 +1,81 @@
+{ lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkMerge mkDefault mkEnableOption;
+  inherit (lib.types) enum;
+
+  cfg = config.${namespace}.boot;
+in
+{
+  config.${namespace}.boot = {
+    type = mkOption {
+      type = enum [ "bios" "uefi" ];
+      default = "uefi";
+    };
+
+    quiet = mkOption {
+      type = bool;
+      default = false;
+    };
+
+    animated = mkOption {
+      type = bool;
+      default = false;
+    };
+  };
+
+  config = mkMerge [
+    ({
+      boot.loader.grub.enable = mkDefault true;
+    })
+
+    (mkIf cfg.type == "bios" {
+      boot.loader.grub.efiSupport = false;
+    })
+
+    (mkIf cfg.type == "uefi" {
+      boot.loader = {
+        efi.canTouchEfiVariables = true;
+        grub = {
+          efiSupport = true;
+          efiInstallAsRemovable = mkDefault false;
+          device = "nodev"; # INFO: https://discourse.nixos.org/t/question-about-grub-and-nodev
+        };
+      };
+    })
+
+    (mkIf cfg.quiet {
+      boot = {
+        consoleLogLevel = 0;
+
+        initrd = {
+          systemd.enable = true;
+          verbose = false;
+        };
+
+        kernelParams = [ 
+          "quiet"
+          "loglevel=3"
+          "systemd.show_status=auto"
+          "udev.log_level=3"
+          "rd.udev.log_level=3"
+          "vt.global_cursor_default=0"
+        ];
+
+        loader.timeout = mkDefault 0;
+      };
+    })
+
+    (mkIf cfg.animated {
+      boot.plymouth = {
+        enable = true;
+        
+        theme = mkDefault "pixels";
+        themePackages = with pkgs; [
+          (adi1090x-plymouth-themes.override {
+            selected_themes = [ "pixels" ];
+          })
+        ];
+      };
+    })
+  ];
+}
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -0,0 +1,42 @@
+{ config, lib, pkgs, ... }:
+let
+  inherit (lib) mkOption mkMerge attrNames filterAttrs;
+  inherit (lib.types) nullOr enum;
+
+  cfg = config.${namespace};
+in
+{
+  options.${namespace} = {
+    preset = mkOption {
+      type = nullOr enum [ "server" "desktop" ];
+      default = null;
+      example = "desktop";
+      description = "Which defaults profile to start with";
+    };
+  };
+
+  config = mkMerge [
+    (mkIf cfg.preset == "desktop" {
+      "${namespace}" = mkDefault {
+        hardware.has = {
+          audio = true;
+        };
+
+        boot = {
+          quiet = true;
+          animated = true;
+        };
+        
+        desktop.use = "kde";
+      };
+    })
+
+    (mkIf cfg.preset == "desktop" {
+      "${namespace}" = mkDefault {
+        services = {
+          ssh.enable = true;
+        };
+      };
+    })
+  ];
+}
--- a/modules/nixos/desktop/default.nix
+++ b/modules/nixos/desktop/default.nix
@ -0,0 +1,37 @@
+{ lib, config, namespace, ... }:let
+  inherit (lib) mkOption mkMerge attrNames filterAttrs;
+  inherit (lib.types) nullOr enum bool;
+
+  cfg = config.${namespace}.desktop;
+in
+{
+  options.${namespace}.desktop = {
+    use = mkOption {
+      type = nullOr enum (attrNames (filterAttrs (n: type == "directory") (readDir ./.)));
+      default = null;
+      example = "plasma";
+      description = "Which desktop to enable";
+    };
+
+    autoLogin = mkOption {
+      type = bool;
+      default = false;
+      example = true;
+      description = "Enable plasma's auto login feature.";
+    };
+  };
+
+  config = mkMerge [
+    (mkIf cfg.desktop != null {
+      "${namespace}".desktop.${cfg.use}.enable = true;
+
+      services.displayManager = {
+        enable = true;
+        
+        autoLogin = mkIf cfg.autoLogin {
+          enable = true;
+        };
+      };
+    })
+  ];
+}
--- a/modules/nixos/desktop/gamescope/default.nix
+++ b/modules/nixos/desktop/gamescope/default.nix
@ -0,0 +1,27 @@
+{ lib, config, namespace, inputs, ... }:let
+  inherit (lib) mkEnableOption;
+
+  cfg = config.${namespace}.desktop.gamescope;
+in
+{
+  imports = [ inputs.jovian.nixosModules.default ];
+
+  options.${namespace}.desktop.gamescope = {
+    enable = mkEnableOption "Enable Steamdeck ui";
+  };
+
+  config = mkIf cfg.enable {
+    "${namespace}".desktop.kde.enable = true;
+
+    jovian = {
+      steam = {
+        enable = true;
+        autoStart = true;
+        user = "chris";
+        updater.splash = "steamos";
+        desktopSession = "plasma";
+      };
+      steamos.useSteamOSConfig = true;
+    };
+  };
+}
--- a/modules/nixos/desktop/gnome/default.nix
+++ b/modules/nixos/desktop/gnome/default.nix
@ -0,0 +1,14 @@
+{ lib, config, namespace, ... }:let
+  inherit (lib) mkEnableOption mkOption;
+  inherit (lib.types) bool;
+
+  cfg = config.${namespace}.desktop.gnome;
+in
+{
+  options.${namespace}.desktop.gnome = {
+    enable = mkEnableOption "Enable Gnome";
+  };
+
+  config = mkIf cfg.enable {
+  };
+}
--- a/modules/nixos/desktop/plasma/default.nix
+++ b/modules/nixos/desktop/plasma/default.nix
@ -0,0 +1,30 @@
+{ lib, config, namespace, ... }:let
+  inherit (lib) mkEnableOption mkOption;
+  inherit (lib.types) bool;
+
+  cfg = config.${namespace}.desktop.plasma;
+in
+{
+  options.${namespace}.desktop.plasma = {
+    enable = mkEnableOption "Enable KDE Plasma";
+  };
+
+  config = mkIf cfg.enable {
+    environment.plasma6.excludePackages = with pkgs.kdePackages; [ konsole kate ghostwriter oxygen ];
+    environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+    services = {
+      xserver.enable = false;
+
+      desktopManager.plasma6.enable = true;
+
+      displayManager = {
+        defaultSession = "plasma";
+        sddm = {
+          enable = true;
+          wayland.enable = true;
+        };
+      };
+    };
+  };
+}
--- a/modules/nixos/hardware/audio/default.nix
+++ b/modules/nixos/hardware/audio/default.nix
@ -0,0 +1,30 @@
+{ pkgs, lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.hardware.has.audio;
+in
+{
+  config.${namespace}.hardware.has.audio = mkEnableOption "Enable bluetooth";
+
+  config = mkIf cfg {
+    environment.systemPackages = with pkgs; [
+      sof-firmware
+    ];
+
+    # https://wiki.nixos.org/wiki/PipeWire
+    security.rtkit.enable = true;
+
+    services.pulseaudio.enable = false;
+    services.pipewire = {
+      enable = true;
+      wireplumber.enable = true;
+      pulse.enable = true;
+
+      alsa = {
+        enable = true;
+        support32Bit = true;
+      };
+    };
+  };
+}
--- a/modules/nixos/hardware/bluetooth/default.nix
+++ b/modules/nixos/hardware/bluetooth/default.nix
@ -0,0 +1,25 @@
+{ lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.hardware.has.bluetooth;
+in
+{
+  config.${namespace}.hardware.has.bluetooth = mkEnableOption "Enable bluetooth";
+
+  config = mkIf cfg {
+    hardware.bluetooth = {
+      enable = true;
+      powerOnBoot = true;
+    };
+
+    services.pipewire.wireplumber.extraConfig.bluetoothEnhancements = {
+      "monitor.bluez.properties" = {
+        "bluez5.enable-sbc-xq" = true;
+        "bluez5.enable-msbc" = true;
+        "bluez5.enable-hw-volume" = true;
+        "bluez5.roles" = [ "hsp_hs" "hsp_ag" "hfp_hf" "hfp_ag" ];
+      };
+    };
+  };
+}
--- a/modules/nixos/hardware/gpu/amd.nix
+++ b/modules/nixos/hardware/gpu/amd.nix
@ -0,0 +1,29 @@
+{ pkgs, lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.hardware.has.gpu.amd;
+in
+{
+  config.${namespace}.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration";
+
+  config = mkIf cfg {
+    services.xserver.videoDrivers = [ "amd" ];
+
+    hardware = {
+      graphics = {
+        enable = true;
+        enable32Bit = true;
+      };
+
+      amdgpu = {
+        amdvlk = {
+          enable = true;
+          support32Bit.enable = true;
+        };
+
+        initrd.enable = true;
+      };
+    };
+  };
+}
--- a/modules/nixos/hardware/gpu/nvidia.nix
+++ b/modules/nixos/hardware/gpu/nvidia.nix
@ -0,0 +1,31 @@
+{ pkgs, lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.hardware.has.gpu.nvidia;
+in
+{
+  config.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
+
+  config = mkIf cfg {
+    services.xserver.videoDrivers = [ "nvidia" ];
+
+    hardware = {
+      graphics = {
+        enable = true;
+        enable32Bit = true;
+      };
+
+      nvidia = {
+        modesetting.enable = true;
+        open = false;
+        nvidiaSettings = true;
+
+        powerManagement = {
+          enable = true;
+          finegrained = false;
+        };
+      };
+    };
+  };
+}
--- a/modules/nixos/nix/default.nix
+++ b/modules/nixos/nix/default.nix
@ -0,0 +1,42 @@
+{ pkgs, lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.nix;
+in
+{
+  config.${namespace}.nix = {
+    enable = mkEnableOption "Enable nix command";
+  };
+
+  config = mkIf cfg.enable {
+    programs.git.enable = true;
+
+    nix = {
+      package = pkgs.nixVersions.latest;
+
+      settings = {
+        experimental-features = [ "nix-command" "flakes" ];
+        allowed-users = [ "@wheel" ];
+        trusted-users = [ "@wheel" ];
+
+        auto-optimise-store = true;
+        connect-timeout = 5;
+        http-connections = 50;
+        log-lines = 50; # more log lines in case of error
+        min-free = 1 * (1024 * 1024 * 1024); # GiB # start garbage collector
+        max-free = 50 * (1024 * 1024 * 1024); # GiB # until
+        warn-dirty = false;
+      };
+
+      gc = {
+        automatic = true;
+        dates = "monthly";
+        options = "--delete-older-than 45d";
+      };
+
+      # disable nix-channel, we use flakes instead.
+      channel.enable = false;
+    };
+  };
+}
--- a/modules/nixos/services/media/default.nix
+++ b/modules/nixos/services/media/default.nix
@ -0,0 +1,153 @@
+{ lib, namespace, config, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.services.media;
+in
+{
+  config.${namespace}.services.media = {
+    enable = mkEnableOption "Enable media services";
+  };
+
+  config = mkIf cfg.enable {
+    #=========================================================================
+    # Dependencies
+    #=========================================================================
+    environment.systemPackages = with pkgs; [
+      podman-tui
+      jellyfin
+      jellyfin-web
+      jellyfin-ffmpeg
+      jellyseerr
+      mediainfo
+      id3v2
+      yt-dlp
+    ];
+    
+    # need to permit these outdated packages until servarr finally upgrades at some point...
+    permittedInsecurePackages = [
+      "dotnet-sdk-6.0.428"
+      "aspnetcore-runtime-6.0.36"
+    ];
+
+    #=========================================================================
+    # Prepare system
+    #=========================================================================
+    users = {
+      users.${user} = {
+        isSystemUser = true;
+        group = group;
+      };
+      groups.${group} = {};
+    };
+
+    systemd.tmpfiles.rules = [
+      "d '${directory}/series' 0700 ${user} ${group} - -"
+      "d '${directory}/movies' 0700 ${user} ${group} - -"
+      "d '${directory}/music' 0700 ${user} ${group} - -"
+      "d '${directory}/qbittorrent' 0700 ${user} ${group} - -"
+      "d '${directory}/sabnzbd' 0700 ${user} ${group} - -"
+      "d '${directory}/reiverr/config' 0700 ${user} ${group} - -"
+      "d '${directory}/downloads/incomplete' 0700 ${user} ${group} - -"
+      "d '${directory}/downloads/done' 0700 ${user} ${group} - -"
+    ];
+
+    #=========================================================================
+    # Services
+    #=========================================================================
+    services = let
+      serviceConf = {
+        enable = true;
+        openFirewall = true;
+        user = user;
+        group = group;
+      };
+    in {
+      jellyfin = serviceConf;
+      radarr = serviceConf;
+      sonarr = serviceConf;
+      bazarr = serviceConf;
+      lidarr = serviceConf;
+
+      lanraragi = {
+        enable = true;
+        port = 6969;
+      };
+
+      jellyseerr = {
+        enable = true;
+        openFirewall = true;
+      };
+
+      prowlarr = {
+        enable = true;
+        openFirewall = true;
+      };
+
+      qbittorrent = {
+        enable = true;
+        openFirewall = true;
+        dataDir = "${directory}/qbittorrent";
+        port = 5000;
+
+        user = user;
+        group = group;
+      };
+
+      sabnzbd = {
+        enable = true;
+        openFirewall = true;
+        configFile = "${directory}/sabnzbd/config.ini";
+
+        user = user;
+        group = group;
+      };
+    };
+
+    systemd.services.jellyfin.serviceConfig.killSignal = lib.mkForce "SIGKILL";
+
+    modules.virtualisation.podman.enable = true;
+
+    virtualisation = {
+      oci-containers = {
+        backend = "podman";
+
+        containers = {
+          flaresolverr = {
+            image = "flaresolverr/flaresolverr";
+            autoStart = true;
+            ports = [ "127.0.0.1:8191:8191" ];
+          };
+
+          reiverr = {
+            image = "ghcr.io/aleksilassila/reiverr:v2.2.0";
+            autoStart = true;
+            ports = [ "127.0.0.1:9494:9494" ];
+            volumes = [ "${directory}/reiverr/config:/config" ];
+          };
+        };
+      };
+    };
+
+    #=========================================================================
+    # Hosting
+    #=========================================================================
+    services = {
+      caddy = {
+        enable = true;
+        virtualHosts = {
+          "media.kruining.eu".extraConfig = ''
+            import auth
+
+            reverse_proxy http://127.0.0.1:9494
+          '';
+          "jellyfin.kruining.eu".extraConfig = ''
+            reverse_proxy http://127.0.0.1:8096
+          '';
+        };
+      };
+    };
+
+    networking.firewall.allowedTCPPorts = [ 80 443 6969 ];
+  };
+}