janezicmatej/matej.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: extract some config into modules

Browse Source
This commit is contained in:
Matej Janezic
2026-02-21 03:16:16 +01:00
parent 507a138cde
commit cc96675ea3
5 changed files with 141 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
modules/nixos/desktop.nix Normal file
View File

@@ -0,0 +1,51 @@
{
lib,
config,
pkgs,
...
}:
{
options = {
desktop = {
enable = lib.mkEnableOption "base desktop environment";
};
};
config = lib.mkIf config.desktop.enable {
# Audio
services.pipewire = {
enable = true;
pulse.enable = true;
};
# Bluetooth
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# Security
security.polkit.enable = true;
# D-Bus
services.dbus.enable = true;
# Player control
services.playerctld.enable = true;
# XDG Portals
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
extraPortals = [
pkgs.xdg-desktop-portal-wlr
pkgs.xdg-desktop-portal-gtk
];
};
# Fonts
fonts.packages = with pkgs; [
font-awesome
nerd-fonts.jetbrains-mono
maple-mono.NF
];
};
}

20
modules/nixos/gnupg.nix Normal file
View File

@@ -0,0 +1,20 @@
{
lib,
config,
...
}:
{
options = {
gnupg = {
enable = lib.mkEnableOption "GnuPG agent with SSH support";
};
};
config = lib.mkIf config.gnupg.enable {
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
enableExtraSocket = true;
};
};
}

30
modules/nixos/openssh.nix Normal file
View File

@@ -0,0 +1,30 @@
{
lib,
config,
...
}:
{
options = {
openssh = {
enable = lib.mkEnableOption "hardened SSH server";
port = lib.mkOption {
type = lib.types.port;
default = 22;
description = "SSH server port";
};
};
};
config = lib.mkIf config.openssh.enable {
services.openssh = {
enable = true;
ports = [ config.openssh.port ];
settings = {
PasswordAuthentication = false;
AllowUsers = null;
PermitRootLogin = "no";
StreamLocalBindUnlink = "yes";
};
};
};
}

21
modules/nixos/printing.nix Normal file
View File

@@ -0,0 +1,21 @@
{
lib,
config,
...
}:
{
options = {
printing = {
enable = lib.mkEnableOption "CUPS printing with Avahi discovery";
};
};
config = lib.mkIf config.printing.enable {
services.printing.enable = true;
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
};
}

19
modules/nixos/zsh.nix Normal file
View File

@@ -0,0 +1,19 @@
{
lib,
config,
...
}:
{
options = {
zsh = {
enable = lib.mkEnableOption "zsh with ZDOTDIR in ~/.config/zsh";
};
};
config = lib.mkIf config.zsh.enable {
programs.zsh.enable = true;
environment.etc."zshenv".text = ''
export ZDOTDIR=$HOME/.config/zsh
'';
};
}