diff options
| author | Mel <mel@rnrd.eu> | 2025-09-24 18:50:23 +0200 |
|---|---|---|
| committer | Mel <mel@rnrd.eu> | 2025-09-24 18:50:23 +0200 |
| commit | a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0 (patch) | |
| tree | c6d12e02927cf101426605aef32f0666f34e9f3b /roles/desktop.nix | |
| parent | 117d6afa0054123e71b2eb06c9d91482a2988fdc (diff) | |
| download | minerals-a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0.tar.zst minerals-a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0.zip | |
Define roles for the two 'mineral' types
Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'roles/desktop.nix')
| -rw-r--r-- | roles/desktop.nix | 140 |
1 files changed, 12 insertions, 128 deletions
diff --git a/roles/desktop.nix b/roles/desktop.nix index 838df28..8760da2 100644 --- a/roles/desktop.nix +++ b/roles/desktop.nix @@ -1,86 +1,37 @@ { - me, pkgs, auxiliaryPkgs, - unstablePkgs, ... }: -let - inherit (builtins) filter elem; - - filterUnsupportedPackages = - packages: filter (p: elem me.system (p.meta.platforms or [ me.system ])) packages; -in { imports = [ - ./nix.nix - ./user.nix - ./locale.nix - ./vim.nix - ./tmux.nix - ./gnome.nix - ./fonts.nix - ./flatpak.nix - ./libreoffice.nix - ./electronics.nix - ./hardware-keys.nix - ./nix-ld.nix + ../modules/common.nix + + ../modules/gnome.nix + ../modules/fonts.nix + ../modules/flatpak.nix + ../modules/libreoffice.nix + ../modules/electronics.nix + ../modules/hardware-keys.nix ]; - services.envfs.enable = true; - - virtualisation = { - libvirtd.enable = true; - docker.enable = true; - }; - - # fish enables this by default, - # it makes every nixos rebuild very slow. - documentation.man.generateCaches = false; - documentation = { - info.enable = true; - doc.enable = true; - dev.enable = true; - nixos = { - enable = true; - includeAllModules = true; - }; - }; - - networking.hostName = me.name; - # use corsac dns server - networking.nameservers = - let - corsacTailnet = "100.64.100.100"; - in - [ corsacTailnet ]; - - services.resolved.enable = true; - services = { - acpid.enable = true; sysprof.enable = true; tailscale = { enable = true; useRoutingFeatures = "both"; extraUpFlags = [ "--ssh" ]; }; - - # sometimes needed for gnupg - pcscd.enable = true; }; programs = { - # steam requires the i386 package set, which obviously does not work on ARM. # TODO: pull out gaming related configuration (like steam) into a seperate module. - # steam = { - # enable = true; - # remotePlay.openFirewall = true; - # }; + steam = { + enable = true; + remotePlay.openFirewall = true; + }; virt-manager.enable = true; - fish.enable = true; - git.enable = true; ghidra = { enable = true; @@ -95,12 +46,6 @@ in }; adb.enable = true; - - gnupg.agent = { - enable = true; - enableSSHSupport = true; - pinentryPackage = pkgs.pinentry-gnome3; - }; }; # on desktop machines (a.k.a. minerals) we only use tailscale ssh @@ -108,66 +53,5 @@ in # have to grab the ones tailscale uses. age.identityPaths = [ "/var/lib/tailscale/ssh/ssh_host_ed25519_key" ]; - # TODO: the filter already does some good work, but we need some way to - # pick out x86-only packages, so it is not as opaque as it currently is. - # (who knows if muse-sounds-manager is actually installed, for example?) - environment.systemPackages = (with pkgs; filterUnsupportedPackages [ - file unzip jq dig htop wget screen dive - gnupg pinentry-gnome3 age agenix minisign openssl cryptsetup pamtester - bitwarden-desktop bitwarden-cli - inetutils pciutils usbutils lshw lsof inxi iw pmutils acpi acpid - minicom miniserve netcat-gnu socat tcpdump nmap iftop iperf mtr arp-scan ethtool - sysprof wireshark seer mitmproxy hardinfo2 btrfs-assistant remmina trayscale - vlc celluloid foliate calibre - yt-dlp ffmpeg_7-full imagemagick handbrake mpv helvum - gimp3 krita mypaint aseprite rnote fontforge-gtk - blender inkscape obs-studio darktable davinci-resolve - orca-slicer - renderdoc - audacity musescore muse-sounds-manager reaper - # bitwigs bubblewrap configuration requires some non-ARM package sets. - # bitwig-studio - ungoogled-chromium librewolf lagrange - senpai signal-desktop alpaca newsflash - qemu_full virtiofsd - - openvpn openvpn3 update-resolv-conf - transmission_4-gtk fragments - - xorg.xeyes wl-clipboard - - ripgrep hyperfine parallel just fzf bat delta eza fd tokei didyoumean - universal-ctags compiledb graphviz - python3 uv ruff - nodejs_22 deno yarn - rustc rustup cargo rustfmt - go gopls delve go-task gotags golangci-lint - meson cmake gnumake ninja gdb gcc clang clang-tools - hare haredoc - jdk maven gradle - nil nixfmt-rfc-style - nixpkgs-review nixpkgs-fmt nixpkgs-lint-community - postgresql - helix alacritty ghostty - androidStudioPackages.dev - - winetricks bottles - scrcpy apfs-fuse nfs-utils - ubootTools dtc cloud-utils - borgbackup pika-backup - - prismlauncher xonotic - - man-pages man-pages-posix - ]) ++ (with unstablePkgs; [ - claude-code gemini-cli - ]) ++ (with auxiliaryPkgs; [ - # TODO: need fixes for 25.05 - # retroarch wine - - # TODO: ngfx (obviously) does not work on ARM, put it somewhere else - # ngfx - ]); - environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn"; } |