Merge linux base modules
This commit is contained in:
parent
27220d0c9b
commit
416247800a
|
@ -1,8 +1,54 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{ config, lib, pkgs, inputs, ... }@attrs:
|
||||
with lib; {
|
||||
|
||||
config = {
|
||||
config = mkMerge [
|
||||
(mkIf pkgs.stdenv.isLinux {
|
||||
zramSwap = mkIf config.nathan.services.zramSwap {
|
||||
enable = true;
|
||||
algorithm = "lz4";
|
||||
memoryPercent = 25;
|
||||
};
|
||||
nix = mkIf config.nathan.config.nix.autoGC {
|
||||
settings.auto-optimise-store = true;
|
||||
};
|
||||
})
|
||||
(mkIf config.nathan.config.harden
|
||||
(import "${inputs.nixpkgs}/nixos/modules/profiles/hardened.nix" attrs))
|
||||
(mkIf config.nathan.config.harden {
|
||||
boot.kernelPackages = pkgs.linuxPackages_5_18_hardened;
|
||||
security = {
|
||||
allowSimultaneousMultithreading = true;
|
||||
unprivilegedUsernsClone = true;
|
||||
};
|
||||
})
|
||||
(mkIf ((!config.nathan.config.harden) && config.nathan.config.isDesktop) {
|
||||
# Use the zen kernel with muqss turned on
|
||||
boot.kernelPackages =
|
||||
let unstable = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system};
|
||||
in unstable.linuxKernel.packages.linux_lqx;
|
||||
})
|
||||
(mkIf config.nathan.config.isDesktop {
|
||||
# Setup frequency scaling
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
cpuFreqGovernor = "schedutil";
|
||||
};
|
||||
})
|
||||
(mkIf (config.nathan.config.nix.autoUpdate && pkgs.stdenv.isLinux) {
|
||||
# Auto update daily at 2 am
|
||||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
allowReboot = true;
|
||||
# Update from the flake
|
||||
flake = "git+https://git.stranger.systems/nix/System";
|
||||
# Attempt to update daily at 2AM
|
||||
dates = lib.mkDefault "2:00";
|
||||
};
|
||||
})
|
||||
# Systemd user service cludge
|
||||
{
|
||||
systemd.user.extraConfig = ''
|
||||
DefaultEnvironment="PATH=/run/current-system/sw/bin:/etc/profiles/per-user/${config.nathan.config.user}/bin"
|
||||
'';
|
||||
nix = mkIf config.nathan.config.nix.autoGC {
|
||||
gc = {
|
||||
automatic = true;
|
||||
|
@ -10,5 +56,7 @@ with lib; {
|
|||
options = "--delete-older-than 7d";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -25,7 +25,6 @@ in {
|
|||
./services/matrix.nix
|
||||
./services/ipfs.nix
|
||||
./services/resolved.nix
|
||||
./linux/base.nix
|
||||
];
|
||||
|
||||
options = with lib;
|
||||
|
|
|
@ -1,54 +0,0 @@
|
|||
{ config, lib, pkgs, inputs, ... }@attrs:
|
||||
with lib; {
|
||||
config = mkMerge [
|
||||
(mkIf pkgs.stdenv.isLinux {
|
||||
zramSwap = mkIf config.nathan.services.zramSwap {
|
||||
enable = true;
|
||||
algorithm = "lz4";
|
||||
memoryPercent = 25;
|
||||
};
|
||||
nix = mkIf config.nathan.config.nix.autoGC {
|
||||
settings.auto-optimise-store = true;
|
||||
};
|
||||
})
|
||||
(mkIf config.nathan.config.harden
|
||||
(import "${inputs.nixpkgs}/nixos/modules/profiles/hardened.nix" attrs))
|
||||
(mkIf config.nathan.config.harden {
|
||||
boot.kernelPackages = pkgs.linuxPackages_5_18_hardened;
|
||||
security = {
|
||||
allowSimultaneousMultithreading = true;
|
||||
unprivilegedUsernsClone = true;
|
||||
};
|
||||
})
|
||||
(mkIf ((!config.nathan.config.harden) && config.nathan.config.isDesktop) {
|
||||
# Use the zen kernel with muqss turned on
|
||||
boot.kernelPackages =
|
||||
let unstable = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system};
|
||||
in unstable.linuxKernel.packages.linux_lqx;
|
||||
})
|
||||
(mkIf config.nathan.config.isDesktop {
|
||||
# Setup frequency scaling
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
cpuFreqGovernor = "schedutil";
|
||||
};
|
||||
})
|
||||
(mkIf (config.nathan.config.nix.autoUpdate && pkgs.stdenv.isLinux) {
|
||||
# Auto update daily at 2 am
|
||||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
allowReboot = true;
|
||||
# Update from the flake
|
||||
flake = "git+https://git.stranger.systems/nix/System";
|
||||
# Attempt to update daily at 2AM
|
||||
dates = lib.mkDefault "2:00";
|
||||
};
|
||||
})
|
||||
# Systemd user service cludge
|
||||
{
|
||||
systemd.user.extraConfig = ''
|
||||
DefaultEnvironment="PATH=/run/current-system/sw/bin:/etc/profiles/per-user/${config.nathan.config.user}/bin"
|
||||
'';
|
||||
}
|
||||
];
|
||||
}
|
Loading…
Reference in New Issue