feat(nixos): Install docker

feat(nixos): Server bundle
feat(nixos): OpenSSH
2025-02-18 12:36:28 -08:00 · 2025-02-17 20:41:06 -08:00 · 2025-02-17 20:40:41 -08:00 · 2025-02-17 20:24:53 -08:00 · 2025-02-17 20:24:41 -08:00 · 2025-02-17 20:24:29 -08:00
12 changed files with 128 additions and 19 deletions
--- a/modules/home/bundles/desktop/default.nix
+++ b/modules/home/bundles/desktop/default.nix
@ -26,6 +26,7 @@ in {
      };

      services = {
+        docker = enabled;
        # syncthing = enabled;
      };
    };
--- a/modules/home/programs/gui/phpstorm/default.nix
+++ b/modules/home/programs/gui/phpstorm/default.nix
@ -9,6 +9,9 @@ in {
  options.marleyos.programs.phpstorm.enable = lib.mkEnableOption "phpstorm";

  config = lib.mkIf cfg.enable {
+    # JetBrains products are unfree.
+    nixpkgs.config.allowUnfree = lib.mkForce true;
+
    home.packages = with pkgs; [
      jetbrains.phpstorm
    ];
--- a/modules/nixos/base/boot/default.nix
+++ b/modules/nixos/base/boot/default.nix
@ -1,3 +1,8 @@
-{pkgs, ...}: {
-  boot.kernelPackages = pkgs.linuxPackages_xanmod;
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: {
+  boot.kernelPackages = lib.mkIf (!config.marleyos.isServer) pkgs.linuxPackages_xanmod;
 }
--- a/modules/nixos/base/drivers/default.nix
+++ b/modules/nixos/base/drivers/default.nix
@ -1,17 +1,24 @@
-{pkgs, ...}: {
-  security.rtkit.enable = true; # Used for pulseaudio.
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}: {
+  config = lib.mkIf (!config.marleyos.isServer) {
+    security.rtkit.enable = true; # Used for pulseaudio.

-  services = {
-    pulseaudio.enable = false;
+    services = {
+      pulseaudio.enable = false;

-    pipewire = {
-      enable = true;
-      alsa.enable = true;
-      pulse.enable = true;
+      pipewire = {
+        enable = true;
+        alsa.enable = true;
+        pulse.enable = true;
+      };
+
+      printing.enable = true;
    };

-    printing.enable = true;
+    environment.systemPackages = [pkgs.pwvucontrol];
  };
-
-  environment.systemPackages = [pkgs.pwvucontrol];
 }
--- a/modules/nixos/base/i18n/default.nix
+++ b/modules/nixos/base/i18n/default.nix
@ -1,5 +1,9 @@
-_: {
-  time.timeZone = "America/Los_Angeles";
+{config, ...}: {
+  time.timeZone =
+    if config.marleyos.isServer
+    then "UTC"
+    else "America/Los_Angeles";
+
  i18n = {
    defaultLocale = "en_US.UTF-8";

--- a/modules/nixos/base/networking/default.nix
+++ b/modules/nixos/base/networking/default.nix
@ -1,3 +1,9 @@
-_: {
+{
+  lib,
+  config,
+  ...
+}: {
  networking.networkmanager.enable = true;
+
+  networking.wireless.enable = lib.mkIf config.marleyos.isServer false;
 }
--- a/modules/nixos/base/nix/default.nix
+++ b/modules/nixos/base/nix/default.nix
@ -3,6 +3,8 @@
    package = pkgs.lix;

    settings = {
+      experimental-features = ["nix-command" "flakes"];
+
      trusted-users = [
        "root"
        "@wheel"
--- a/modules/nixos/base/users/default.nix
+++ b/modules/nixos/base/users/default.nix
@ -1,10 +1,17 @@
-_: let
+{
+  lib,
+  config,
+  ...
+}: let
  my = {
    name = "marley";
    username = "punkfairie";
    fullName = "Marley Rae";
    email = "marley@punkfairie.net";
  };
+
+  desktopPass = "$y$j9T$ztWf9WeUCENC2T12qS4mi1$51ihV/5cQ8mdJJrNe7MMguk4hPB61S5xHawsfi.1hL3";
+  serverPass = "$y$j9T$8hA7OWZsdQMHqYIy8LkYQ1$hFeP2ak3QA4FtoIYIwqPg10//ZOSZrAw1PzJj0PuGSA";
 in {
  marleyos.my = {
    inherit (my) name username fullName email;
@ -16,8 +23,14 @@ in {
    users."${my.name}" = {
      isNormalUser = true;
      description = my.fullName;
-      extraGroups = ["networkmanager" "wheel"];
-      hashedPassword = "$y$j9T$ztWf9WeUCENC2T12qS4mi1$51ihV/5cQ8mdJJrNe7MMguk4hPB61S5xHawsfi.1hL3";
+      extraGroups =
+        ["wheel"]
+        ++ (lib.optional config.networking.networkmanager.enable "networkmanager")
+        ++ (lib.optional config.virtualisation.docker.enable "docker");
+      hashedPassword =
+        if config.marleyos.isServer
+        then serverPass
+        else desktopPass;
    };
  };

--- a/modules/nixos/bundles/server/default.nix
+++ b/modules/nixos/bundles/server/default.nix
@ -0,0 +1,30 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.marleyos.bundles.server;
+
+  inherit (lib.marleyos) enabled;
+in {
+  options.marleyos.bundles.server.enable = lib.mkEnableOption "server";
+
+  config = lib.mkIf cfg.enable {
+    marleyos = {
+      appearance = {
+        base = enabled;
+        console = enabled;
+      };
+
+      programs = {
+        cli = enabled;
+        tui = enabled;
+      };
+
+      services = {
+        docker = enabled;
+        openssh = enabled;
+      };
+    };
+  };
+}
--- a/modules/nixos/options/isServer/default.nix
+++ b/modules/nixos/options/isServer/default.nix
@ -0,0 +1,7 @@
+{lib, ...}: {
+  options.marleyos.isServer = lib.mkOption {
+    type = with lib.types; bool;
+    default = false;
+    description = "Whether this machine is a server.";
+  };
+}
--- a/modules/nixos/services/docker/default.nix
+++ b/modules/nixos/services/docker/default.nix
@ -0,0 +1,13 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.marleyos.services.docker;
+in {
+  options.marleyos.services.docker.enable = lib.mkEnableOption "docker";
+
+  config = lib.mkIf cfg.enable {
+    virtualisation.docker.enable = true;
+  };
+}
--- a/modules/nixos/services/openssh/default.nix
+++ b/modules/nixos/services/openssh/default.nix
@ -0,0 +1,18 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.marleyos.services.openssh;
+in {
+  options.marleyos.services.openssh.enable = lib.mkEnableOption "openssh";
+
+  config = lib.mkIf cfg.enable {
+    services.openssh = {
+      enable = true;
+      settings = {
+        PermitRootLogin = "no";
+      };
+    };
+  };
+}
Author	SHA1	Message	Date
punkfairie	4b9f804378	feat(nixos): Install docker	2025-02-18 12:36:28 -08:00
punkfairie	a53544ced3	feat(nixos): Server bundle	2025-02-17 20:41:06 -08:00
punkfairie	8b184727e2	feat(nixos): OpenSSH	2025-02-17 20:40:41 -08:00
punkfairie	38975ba714	feat(nixos): Setup users for servers	2025-02-17 20:24:53 -08:00
punkfairie	bf7204f5b8	feat(nixos): Set experimental nix features	2025-02-17 20:24:41 -08:00
punkfairie	66ffad5ff2	feat(nixos): Disable WIFI on servers	2025-02-17 20:24:29 -08:00
punkfairie	862a6063d0	fix(nixos): Set timezone to UTC on servers	2025-02-17 20:24:12 -08:00
punkfairie	5d45bfd4b0	fix(nixos): Don't install audio/printing drivers on servers	2025-02-17 20:23:57 -08:00
punkfairie	e9cd013911	fix(nixos): Don't change kernel on servers	2025-02-17 20:23:36 -08:00
punkfairie	1a507c75a0	fix(home): Force allow unfree pkgs for PhpStorm	2025-02-17 20:23:17 -08:00
punkfairie	1e4014a2c1	feat(nixos): Add marleyos.isServer option	2025-02-17 20:00:29 -08:00