configuration.nix/system/default.nix

{ stylix }:
{
  config,
  pkgs,
  lib,
  ...
}:
let
  cfg = config.jconfig;
  keysFromGithub = lib.attrsets.mapAttrs' (username: sha256: {
    name = "pubkeys/${username}";
    value = {
      mode = "0755";
      source = builtins.fetchurl {
        inherit sha256;
        url = "https://github.com/${username}.keys";
      };
    };
  }) cfg.importSSHKeysFromGithub;
in
{
  imports = [
    ./options.nix
    ./gui
    stylix.nixosModules.stylix
    { stylix = import ./stylix-config.nix { inherit config pkgs; }; }
  ];

  config = lib.mkIf cfg.enable (
    lib.mkMerge [
      {
        boot.plymouth = {
          inherit (cfg.styling) enable;
        };

        # Enable unlocking the gpg-agent at boot (configured through home.nix)
        security.pam.services.login.gnupg.enable = true;

        environment.systemPackages = [
          # CLI tools
          pkgs.fd
          pkgs.bat
          pkgs.skim
          pkgs.ripgrep
          pkgs.du-dust
          pkgs.curl
          pkgs.wget
          pkgs.eza
          pkgs.zip
          pkgs.unzip
        ];

        # Enable dev documentation
        documentation.dev = {
          inherit (cfg.dev) enable;
        };
        programs = {
          # Shell prompt
          starship = {
            enable = true;
            settings = {
              format = "$time$all";
              add_newline = false;
              cmd_duration.min_time = 500;
              cmd_duration.show_milliseconds = true;
              time = {
                format = "[$time](bold yellow) ";
                disabled = false;
              };
              status = {
                format = "[$signal_name$common_meaning$maybe_int](red)";
                symbol = "[✗](bold red)";
                disabled = false;
              };
              sudo.disabled = false;
            };
          };
          # Default shell
          zsh.enable = true;
        };

        environment.etc = keysFromGithub;
        services = {
          # Enable printer autodiscovery if printing is enabled
          avahi = {
            inherit (config.services.printing) enable;
            nssmdns4 = true;
            openFirewall = true;
          };
          openssh.authorizedKeysFiles = builtins.map (path: "/etc/${path}") (
            builtins.attrNames keysFromGithub
          );
        };
        users.defaultUserShell = pkgs.zsh;
        # Open ports for spotifyd
        networking.firewall = {
          allowedUDPPorts = [ 5353 ];
          allowedTCPPorts = [ 2020 ];
        };
        # Nix Settings
        nix = {
          gc = {
            automatic = true;
            dates = "weekly";
            options = "--delete-older-than 30d";
            # run between 0 and 45min after boot if run was missed
            randomizedDelaySec = "45min";
          };
          settings = {
            use-xdg-base-directories = true;
            auto-optimise-store = true;
            experimental-features = [
              "nix-command"
              "flakes"
            ];
          };
        };
      }
      # dev configuration
      (lib.mkIf cfg.dev.enable {
        users.extraUsers = lib.mkIf cfg.dev.jupyter.enable { jupyter.group = "jupyter"; };
        services.jupyter = {
          inherit (cfg.dev.jupyter) enable;
          group = "jupyter";
          user = "jupyter";
        };
      })
    ]
  );
}
[fix] fmt: change formatter to nixfmt-rfc-style Alejandra has ads and splits files into too many new lines. 2024-07-03 23:58:26 +02:00			`{ stylix }:`
			`{`
fix: Format according to nixfmt-rfc-style 2024-04-05 11:55:35 +02:00			`config,`
			`pkgs,`
			`lib,`
			`...`
[fix] fmt: change formatter to nixfmt-rfc-style Alejandra has ads and splits files into too many new lines. 2024-07-03 23:58:26 +02:00			`}:`
			`let`
feat: Initial commit 2024-01-14 17:33:16 +01:00			`cfg = config.jconfig;`
[fix] fmt: change formatter to nixfmt-rfc-style Alejandra has ads and splits files into too many new lines. 2024-07-03 23:58:26 +02:00			`keysFromGithub = lib.attrsets.mapAttrs' (username: sha256: {`
			`name = "pubkeys/${username}";`
			`value = {`
			`mode = "0755";`
			`source = builtins.fetchurl {`
			`inherit sha256;`
			`url = "https://github.com/${username}.keys";`
fixup! fix(openssh): Actually set pub keys from github 2024-01-31 18:06:40 +01:00			`};`
[fix] fmt: change formatter to nixfmt-rfc-style Alejandra has ads and splits files into too many new lines. 2024-07-03 23:58:26 +02:00			`};`
			`}) cfg.importSSHKeysFromGithub;`
			`in`
			`{`
fix: Many many infinite recursion errors 2024-01-15 12:42:01 +01:00			`imports = [`
			`./options.nix`
			`./gui`
			`stylix.nixosModules.stylix`
[fix] fmt: change formatter to nixfmt-rfc-style Alejandra has ads and splits files into too many new lines. 2024-07-03 23:58:26 +02:00			`{ stylix = import ./stylix-config.nix { inherit config pkgs; }; }`
fix: Many many infinite recursion errors 2024-01-15 12:42:01 +01:00			`];`
feat: Initial commit 2024-01-14 17:33:16 +01:00
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`config = lib.mkIf cfg.enable (`
			`lib.mkMerge [`
			`{`
			`boot.plymouth = {`
			`inherit (cfg.styling) enable;`
			`};`
feat: Initial commit 2024-01-14 17:33:16 +01:00
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`# Enable unlocking the gpg-agent at boot (configured through home.nix)`
			`security.pam.services.login.gnupg.enable = true;`
feat: Initial commit 2024-01-14 17:33:16 +01:00
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`environment.systemPackages = [`
			`# CLI tools`
			`pkgs.fd`
			`pkgs.bat`
			`pkgs.skim`
			`pkgs.ripgrep`
			`pkgs.du-dust`
			`pkgs.curl`
			`pkgs.wget`
			`pkgs.eza`
			`pkgs.zip`
			`pkgs.unzip`
			`];`
feat: Initial commit 2024-01-14 17:33:16 +01:00
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`# Enable dev documentation`
			`documentation.dev = {`
			`inherit (cfg.dev) enable;`
			`};`
			`programs = {`
			`# Shell prompt`
			`starship = {`
			`enable = true;`
			`settings = {`
			`format = "$time$all";`
			`add_newline = false;`
			`cmd_duration.min_time = 500;`
			`cmd_duration.show_milliseconds = true;`
			`time = {`
			`format = "[$time](bold yellow) ";`
			`disabled = false;`
			`};`
			`status = {`
			`format = "[$signal_name$common_meaning$maybe_int](red)";`
			`symbol = "[✗](bold red)";`
			`disabled = false;`
			`};`
			`sudo.disabled = false;`
			`};`
[fix] *.nix: statix checks 2024-05-17 18:50:01 +02:00			`};`
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`# Default shell`
			`zsh.enable = true;`
[fix] *.nix: statix checks 2024-05-17 18:50:01 +02:00			`};`
feat(nixos): Add option to fetch ssh keys from github 2024-01-15 22:19:06 +01:00
fix(system): properly configure jupyter 2024-10-15 22:32:59 +02:00			`environment.etc = keysFromGithub;`
			`services = {`
			`# Enable printer autodiscovery if printing is enabled`
			`avahi = {`
			`inherit (config.services.printing) enable;`
			`nssmdns4 = true;`
			`openFirewall = true;`
			`};`
			`openssh.authorizedKeysFiles = builtins.map (path: "/etc/${path}") (`
			`builtins.attrNames keysFromGithub`
			`);`
			`};`
			`users.defaultUserShell = pkgs.zsh;`
			`# Open ports for spotifyd`
			`networking.firewall = {`
			`allowedUDPPorts = [ 5353 ];`
			`allowedTCPPorts = [ 2020 ];`
			`};`
			`# Nix Settings`
			`nix = {`
			`gc = {`
			`automatic = true;`
			`dates = "weekly";`
			`options = "--delete-older-than 30d";`
			`# run between 0 and 45min after boot if run was missed`
			`randomizedDelaySec = "45min";`
			`};`
			`settings = {`
			`use-xdg-base-directories = true;`
			`auto-optimise-store = true;`
			`experimental-features = [`
			`"nix-command"`
			`"flakes"`
			`];`
			`};`
			`};`
			`}`
			`# dev configuration`
			`(lib.mkIf cfg.dev.enable {`
			`users.extraUsers = lib.mkIf cfg.dev.jupyter.enable { jupyter.group = "jupyter"; };`
			`services.jupyter = {`
			`inherit (cfg.dev.jupyter) enable;`
			`group = "jupyter";`
			`user = "jupyter";`
			`};`
			`})`
			`]`
			`);`
feat: Initial commit 2024-01-14 17:33:16 +01:00			`}`