diff --git a/flake.nix b/flake.nix index bf01d1d..cecb1d8 100644 --- a/flake.nix +++ b/flake.nix @@ -14,7 +14,6 @@ # Unstable nixpkgs baby! nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - # Lix, a faster nix fork. lix-module = { url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz"; diff --git a/hosts/hermit/configuration.nix b/hosts/hermit/configuration.nix index c1f8a9a..505ff00 100644 --- a/hosts/hermit/configuration.nix +++ b/hosts/hermit/configuration.nix @@ -20,6 +20,10 @@ printing.enable = true; }; + meta = { + users = ["vali"]; + # mainUser = "vali"; + }; modules = { system = { hardware = { @@ -43,6 +47,7 @@ eza.enable = true; firefox.enable = true; spotify.enable = true; + starship.enable = true; zellij.enable = true; terminals = { foot.enable = true; diff --git a/modules/options/system/module.nix b/modules/options/system/module.nix index 20f55d3..108b275 100644 --- a/modules/options/system/module.nix +++ b/modules/options/system/module.nix @@ -71,7 +71,9 @@ in { sound = { enable = mkEnableOption "sound related programs and audio-dependent programs"; }; - + impermanence = { + enable = mkEnableOption "Enable Impermanence"; + }; video = { enable = mkEnableOption "video drivers and programs that require a graphical user interface"; nvidia = mkEnableOption "Nvidia graphics drivers"; diff --git a/modules/programs/editors/emacs/module.nix b/modules/programs/editors/emacs/module.nix index 1ac52bc..14d46b5 100644 --- a/modules/programs/editors/emacs/module.nix +++ b/modules/programs/editors/emacs/module.nix @@ -22,6 +22,7 @@ .emacsWithPackages (epkgs: with epkgs; [ vterm + treesit-grammars.with-all-grammars ]); in { config = mkIf cfg.enable { diff --git a/modules/system/os/impermanence/module.nix b/modules/system/os/impermanence/module.nix index e81f674..6dd2df6 100644 --- a/modules/system/os/impermanence/module.nix +++ b/modules/system/os/impermanence/module.nix @@ -4,7 +4,7 @@ lib, ... }: let - inherit (lib) mkForce; + inherit (lib) mkIf mkForce; inherit (builtins) map; cfg = config.modules.system.impermanence; @@ -12,68 +12,70 @@ in { imports = [ inputs.impermanence.nixosModules.impermanence ]; - users = { - mutableUsers = true; + config = mkIf cfg.enable { users = { - cr = { - hashedPasswordFile = "/persist/passwords/cr"; + mutableUsers = true; + users = { + cr = { + hashedPasswordFile = "/persist/passwords/cr"; + }; + root.hashedPasswordFile = "/persist/passwords/root"; }; - root.hashedPasswordFile = "/persist/passwords/root"; }; - }; - environment.persistence."/persist" = { - hideMounts = true; - directories = [ - "/etc/nixos" - "/etc/nix" - "/etc/NetworkManager/system-connections" - "/var/db/sudo" - "/var/log" - "/var/lib/bluetooth" - "/var/lib/nixos" - "/var/lib/pipewire" - "/var/lib/systemd/coredump" + environment.persistence."/persist" = { + hideMounts = true; + directories = [ + "/etc/nixos" + "/etc/nix" + "/etc/NetworkManager/system-connections" + "/var/db/sudo" + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/pipewire" + "/var/lib/systemd/coredump" + ]; + + files = [ + "/etc/machine-id" + ]; + users.cr = { + directories = + [ + "cloud" + "repos" + ] + ++ map ( + dir: ".config/${dir}" + ) ["nicotine" "Signal" "Nextcloud" "emacs" "doom"] + ++ map ( + dir: ".cache/${dir}" + ) ["tealdeer" "keepassxc" "nix" "starship" "nix-index" "mozilla" "zsh" "nvim"] + ++ map ( + dir: ".local/share/${dir}" + ) ["direnv" "Steam" "TelegramDesktop" "PrismLauncher" "nicotine" "zoxide" ".ssh" ".keepass"]; + }; + }; + + # for some reason *this* is what makes networkmanager not get screwed completely instead of the impermanence module + systemd.tmpfiles.rules = [ + "L /var/lib/NetworkManager/secret_key - - - - /persist/var/lib/NetworkManager/secret_key" + "L /var/lib/NetworkManager/seen-bssids - - - - /persist/var/lib/NetworkManager/seen-bssids" + "L /var/lib/NetworkManager/timestamps - - - - /persist/var/lib/NetworkManager/timestamps" ]; - files = [ - "/etc/machine-id" + services.openssh.hostKeys = mkForce [ + { + bits = 4096; + path = "/persist/etc/ssh/ssh_host_rsa_key"; + type = "rsa"; + } + { + bits = 4096; + path = "/persist/etc/ssh/ssh_host_ed25519_key"; + type = "ed25519"; + } ]; - users.cr = { - directories = - [ - "cloud" - "repos" - ] - ++ map ( - dir: ".config/${dir}" - ) ["nicotine" "Signal" "Nextcloud" "emacs" "doom"] - ++ map ( - dir: ".cache/${dir}" - ) ["tealdeer" "keepassxc" "nix" "starship" "nix-index" "mozilla" "zsh" "nvim"] - ++ map ( - dir: ".local/share/${dir}" - ) ["direnv" "Steam" "TelegramDesktop" "PrismLauncher" "nicotine" "zoxide" ".ssh" ".keepass"]; - }; }; - - # for some reason *this* is what makes networkmanager not get screwed completely instead of the impermanence module - systemd.tmpfiles.rules = [ - "L /var/lib/NetworkManager/secret_key - - - - /persist/var/lib/NetworkManager/secret_key" - "L /var/lib/NetworkManager/seen-bssids - - - - /persist/var/lib/NetworkManager/seen-bssids" - "L /var/lib/NetworkManager/timestamps - - - - /persist/var/lib/NetworkManager/timestamps" - ]; - - services.openssh.hostKeys = mkForce [ - { - bits = 4096; - path = "/persist/etc/ssh/ssh_host_rsa_key"; - type = "rsa"; - } - { - bits = 4096; - path = "/persist/etc/ssh/ssh_host_ed25519_key"; - type = "ed25519"; - } - ]; }