chore: continued refactor

2024-03-25 09:23:35 +11:00 · 2024-03-25 09:23:35 +11:00 · f7895a7b5a
commit f7895a7b5a
parent 17247bbb0d
6 changed files with 189 additions and 50 deletions
--- a/flake.nix
+++ b/flake.nix
@ -76,11 +76,11 @@
                ./nixos/modules/nixos
                ./nixos/hosts/${hostname}
              ]
-            , extraModules ? [ ]
+            , profileModules ? [ ]
            }:
            nixpkgs.lib.nixosSystem {
              inherit system;
-              modules = baseModules ++ hardwareModules ++ extraModules;
+              modules = baseModules ++ hardwareModules ++ profileModules;
              specialArgs = { inherit self inputs nixpkgs; };
            };
        in
@ -93,6 +93,10 @@
              ./nixos/profiles/hw-thinkpad-e14-amd.nix
              inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e14-amd
            ];
+            profileModules = [
+              ./nixos/profiles/role-worstation.nix
+
+            ];
          };

          "citadel" = mkNixosConfig {
--- a/nixos/modules/nixos/system/nix.nix
+++ b/nixos/modules/nixos/system/nix.nix
@ -0,0 +1,81 @@
+{ lib
+, config
+, self
+, ...
+}:
+with lib;
+let
+  cfg = config.mySystem.nix;
+in
+{
+  options.mySystem.nix = {
+    autoOptimiseStore = mkOption
+      {
+        type = lib.types.bool;
+        description = "If we want to auto optimise store";
+        default = true;
+
+      };
+    gc = {
+      enabled = mkEnableOption "automatic garbage collection" // {
+        default = true;
+      };
+      persistent = mkOption
+        {
+          type = lib.types.bool;
+          description = "Persistent timer for gc, runs at startup if timer missed";
+          default = true;
+
+        };
+    };
+
+  };
+
+  nix = {
+    settings = {
+      # Enable flakes
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+
+      # Substitutions
+      trusted-substituters = [
+        "https://nix-community.cachix.org"
+        "https://numtide.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+      ];
+
+      # Fallback quickly if substituters are not available.
+      connect-timeout = 5;
+      # Avoid copying unnecessary stuff over SSH
+      builders-use-substitutes = true;
+
+
+      trusted-users = [ "root" "@wheel" ];
+
+      warn-dirty = false;
+
+      # The default at 10 is rarely enough.
+      log-lines = lib.mkDefault 25;
+
+    };
+
+    optimise.automatic = cfg.autoOptimiseStore;
+
+    # automatically garbage collect nix store
+    gc = mkIf cfg.gc.enabled {
+      # garbage collection
+      automatic = cfg.gc.enabled;
+      options = "--delete-older-than 30d";
+      persistent = cfg.gc.persistent;
+    };
+
+  };
+
+
+}
--- a/nixos/profiles/global.nix
+++ b/nixos/profiles/global.nix
@ -2,10 +2,18 @@

 with lib;
 {
+  # NOTE
+  # Some 'global' areas have defaults set in their respective modules.
+  # These will be applied when the modules are loaded
+  # Not the global role.
+  # Not sure at this point a good way to manage globals in one place
+  # without mono-repo config.
+
  # Generated by nixos-config-generate
  imports =
    [
      (modulesPath + "/installer/scan/not-detected.nix")
+      ./global/nix.nix
    ];

  mySystem = {
@ -20,52 +28,6 @@ with lib;
  };

  # TODO refactor this shit out wow
-  nix = {
-    settings = {
-      trusted-substituters = [
-        "https://nix-community.cachix.org"
-        "https://numtide.cachix.org"
-      ];
-
-      trusted-public-keys = [
-        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
-        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
-      ];
-
-      trusted-users = [ "root" "@wheel" ];
-
-      # hardlink duplicates of builds
-      auto-optimise-store = lib.mkDefault true;
-
-
-
-      # Fallback quickly if substituters are not available.
-      connect-timeout = 5;
-
-      # Enable flakes
-      experimental-features = [
-        "nix-command"
-        "flakes"
-      ];
-
-      warn-dirty = false;
-
-      # The default at 10 is rarely enough.
-      log-lines = lib.mkDefault 25;
-
-      # Avoid copying unnecessary stuff over SSH
-      builders-use-substitutes = true;
-    };
-
-    # automatically garbage collect nix store
-    gc = {
-      # garbage collection
-      automatic = true;
-      options = "--delete-older-than 30d";
-      persistent = true;
-    };
-
-  };

  # SOPS settings
  # https://github.com/Mic92/sops-nix
--- a/nixos/profiles/global/nix.nix
+++ b/nixos/profiles/global/nix.nix
@ -0,0 +1,84 @@
+{ lib, ... }:
+{
+  nix = {
+    nix = {
+      settings = {
+        # Enable flakes
+        experimental-features = [
+          "nix-command"
+          "flakes"
+        ];
+
+        # Substitutions
+        trusted-substituters = [
+          "https://nix-community.cachix.org"
+          "https://numtide.cachix.org"
+        ];
+
+        trusted-public-keys = [
+          "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+          "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+        ];
+
+        # Fallback quickly if substituters are not available.
+        connect-timeout = 5;
+        # Avoid copying unnecessary stuff over SSH
+        builders-use-substitutes = true;
+
+
+        trusted-users = [ "root" "@wheel" ];
+
+        warn-dirty = false;
+
+        # The default at 10 is rarely enough.
+        log-lines = lib.mkDefault 25;
+
+      };
+
+    };
+
+    settings = {
+      # Enable flakes
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+
+      # Substitutions
+      trusted-substituters = [
+        "https://nix-community.cachix.org"
+        "https://numtide.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+      ];
+
+      # Fallback quickly if substituters are not available.
+      connect-timeout = 5;
+      # Avoid copying unnecessary stuff over SSH
+      builders-use-substitutes = true;
+
+
+      trusted-users = [ "root" "@wheel" ];
+
+      warn-dirty = false;
+
+      # The default at 10 is rarely enough.
+      log-lines = lib.mkDefault 25;
+
+    };
+
+    optimise.automatic = cfg.autoOptimiseStore;
+
+    # automatically garbage collect nix store
+    gc = mkIf cfg.gc.enabled {
+      # garbage collection
+      automatic = cfg.gc.enabled;
+      options = "--delete-older-than 30d";
+      persistent = cfg.gc.persistent;
+    };
+
+  };
+}
--- a/nixos/profiles/hw-thinkpad-e14-amd.nix
+++ b/nixos/profiles/hw-thinkpad-e14-amd.nix
@ -11,10 +11,13 @@ with lib;
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
+      # why not ensure we can memtest workstatons easily?
+      grub.memtest86.enable = true;
+
    };
  };

-  # set xserver videodrivers if used
+  # set xserver videodrivers for amp gpu
  services.xserver.videoDrivers = [ "amdgpu" ];

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
--- a/nixos/profiles/role-worstation.nix
+++ b/nixos/profiles/role-worstation.nix
@ -18,8 +18,13 @@ with lib;
    min-free = lib.mkDefault (128 * 1000 * 1000);
  };

+  # set xserver videodrivers if used
+  services.xserver.enable = true;

-
+  # Laptop so ill likely use wireles
+  # very likely to be set by GUI packages but lets
+  # be declarative.
+  networking.networkmanager.enable = true;


 }