nixos-config/modules/nixos/roles/default.nix

{
  config,
  lib,
  pkgs,
  inputs,
  ...
}:
let
  inherit (lib)
    mkDefault
    mkIf
    mkMerge
    mkOption
    recursiveUpdate
    types
    ;

  defaultUser = config.ataraxia.defaults.users.defaultUser;
  fs = config.ataraxia.filesystems;
  fsCompression = fs.zfs.enable || fs.btrfs.enable;
  role = config.ataraxia.defaults.role;
in
{
  options.ataraxia.defaults = {
    role = mkOption {
      type = types.enum [
        "none"
        "base"
        "server"
        "desktop"
        "laptop"
      ];
      default = "none";
    };
  };

  imports = [ inputs.nix-index-database.nixosModules.nix-index ];

  config =
    let
      baseRole = {
        ataraxia.defaults.boot.enable = mkDefault true;
        ataraxia.defaults.hardware.enable = mkDefault true;
        ataraxia.defaults.locale.enable = mkDefault true;
        ataraxia.defaults.lix.enable = mkDefault true;
        ataraxia.defaults.nix.enable = mkDefault true;
        ataraxia.defaults.ssh.enable = mkDefault true;
        ataraxia.defaults.users.enable = mkDefault true;

        programs.nix-index.enable = mkDefault true;
        programs.nix-index-database.comma.enable = mkDefault true;

        persist.enable = mkDefault true;
        persist.cache.clean.enable = mkDefault true;

        # Do not compress journal logs if using native fs compression
        services.journald.extraConfig = mkIf fsCompression (mkDefault "Compress=false");
        services.speechd.enable = false;

        boot.initrd.systemd.enable = mkDefault true;
        services.userborn.enable = mkDefault true;
        system.rebuild.enableNg = mkDefault true;
        system.switch.enableNg = mkDefault true;
        system.etc.overlay.enable = mkDefault false;
        system.etc.overlay.mutable = mkDefault true;

        systemd.services.systemd-timesyncd.wantedBy = [
          "multi-user.target"
        ];
        systemd.timers.systemd-timesyncd = {
          timerConfig.OnCalendar = "hourly";
        };

        environment.systemPackages = with pkgs; [
          git
        ];

        zramSwap = {
          enable = true;
          algorithm = "zstd";
          priority = mkDefault 100;
          memoryPercent = mkDefault 50;
        };
      };
      serverRole = recursiveUpdate baseRole {
        ataraxia.profiles.hardened = mkDefault true;
        ataraxia.profiles.minimal = mkDefault true;
        ataraxia.virtualisation.podman = mkDefault true;
        ataraxia.virtualisation.libvirt = mkDefault true;
        virtualisation.quadlet.enable = mkDefault true;

        boot.supportedFilesystems = [ "nfs" ];

        time.timeZone = "Etc/UTC";
        zramSwap.memoryPercent = 100;
      };
      desktopRole = recursiveUpdate baseRole {
        ataraxia.defaults.hardware.graphics = mkDefault true;
        ataraxia.defaults.sound.enable = mkDefault true;
        ataraxia.wayland.enable = mkDefault true;
        ataraxia.wayland.hyprland.enable = mkDefault true;

        programs.virt-manager.enable = config.ataraxia.virtualisation.libvirt;

        boot.supportedFilesystems = [ "nfs" ];

        # Fix some icon cache problems
        programs.gdk-pixbuf.modulePackages = with pkgs; [ librsvg ];
        services.gvfs.enable = mkDefault true;
        services.getty.autologinUser = mkDefault defaultUser;

        location = {
          provider = "manual";
          latitude = 48;
          longitude = 44;
        };

        zramSwap.memoryPercent = 150;
      };
      laptopRole = recursiveUpdate desktopRole {
        programs.light = {
          enable = true;
          brightnessKeys.enable = true;
          # Allow dark screen
          brightnessKeys.minBrightness = 0;
          brightnessKeys.step = 10;
        };
      };
    in
    mkMerge [
      (mkIf (role == "base") baseRole)
      (mkIf (role == "server") serverRole)
      (mkIf (role == "desktop") desktopRole)
      (mkIf (role == "laptop") laptopRole)
    ];
}
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`{`
			`config,`
			`lib,`
feat: add gvfs service by default 2025-06-07 21:29:52 +03:00			`pkgs,`
feat: add nix-index-database program 2025-06-07 17:46:05 +03:00			`inputs,`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`...`
			`}:`
			`let`
			`inherit (lib)`
feat: module for role system 2025-03-10 18:29:45 +03:00			`mkDefault`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`mkIf`
			`mkMerge`
			`mkOption`
feat: module for role system 2025-03-10 18:29:45 +03:00			`recursiveUpdate`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`types`
			`;`
feat: module for role system 2025-03-10 18:29:45 +03:00
feat: some minor options by default 2025-06-07 17:50:08 +03:00			`defaultUser = config.ataraxia.defaults.users.defaultUser;`
feat: do not compress journald logs if using native fs compression 2025-03-10 18:43:40 +03:00			`fs = config.ataraxia.filesystems;`
			`fsCompression = fs.zfs.enable \|\| fs.btrfs.enable;`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`role = config.ataraxia.defaults.role;`
			`in`
			`{`
			`options.ataraxia.defaults = {`
			`role = mkOption {`
			`type = types.enum [`
			`"none"`
			`"base"`
			`"server"`
			`"desktop"`
fix: add laptop role, enable laptop widgets on waybar and backlight control 2025-07-08 15:40:31 +03:00			`"laptop"`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`];`
			`default = "none";`
			`};`
			`};`

feat: add nix-index-database program 2025-06-07 17:46:05 +03:00			`imports = [ inputs.nix-index-database.nixosModules.nix-index ];`

feat: module for role system 2025-03-10 18:29:45 +03:00			`config =`
			`let`
			`baseRole = {`
feat: add boot nixos module 2025-06-07 17:43:36 +03:00			`ataraxia.defaults.boot.enable = mkDefault true;`
feat: add hardware nixos module 2025-06-07 17:33:23 +03:00			`ataraxia.defaults.hardware.enable = mkDefault true;`
feat: locale module 2025-03-10 18:35:29 +03:00			`ataraxia.defaults.locale.enable = mkDefault true;`
feat: module for role system 2025-03-10 18:29:45 +03:00			`ataraxia.defaults.lix.enable = mkDefault true;`
			`ataraxia.defaults.nix.enable = mkDefault true;`
feat: sane ssh defaults 2025-03-10 18:30:20 +03:00			`ataraxia.defaults.ssh.enable = mkDefault true;`
feat: user module with some security 2025-03-10 18:31:24 +03:00			`ataraxia.defaults.users.enable = mkDefault true;`
feat: module for role system 2025-03-10 18:29:45 +03:00
feat: add nix-index-database program 2025-06-07 17:46:05 +03:00			`programs.nix-index.enable = mkDefault true;`
			`programs.nix-index-database.comma.enable = mkDefault true;`

feat: module for role system 2025-03-10 18:29:45 +03:00			`persist.enable = mkDefault true;`
fix: fix some module configs 2025-06-07 17:35:07 +03:00			`persist.cache.clean.enable = mkDefault true;`
feat: module for role system 2025-03-10 18:29:45 +03:00
feat: do not compress journald logs if using native fs compression 2025-03-10 18:43:40 +03:00			`# Do not compress journal logs if using native fs compression`
			`services.journald.extraConfig = mkIf fsCompression (mkDefault "Compress=false");`
feat: some minor options by default 2025-06-07 17:50:08 +03:00			`services.speechd.enable = false;`
feat: do not compress journald logs if using native fs compression 2025-03-10 18:43:40 +03:00
feat: module for role system 2025-03-10 18:29:45 +03:00			`boot.initrd.systemd.enable = mkDefault true;`
			`services.userborn.enable = mkDefault true;`
			`system.rebuild.enableNg = mkDefault true;`
			`system.switch.enableNg = mkDefault true;`
fix: disable /etc erofs overlay 2025-07-04 18:17:48 +03:00			`system.etc.overlay.enable = mkDefault false;`
feat: module for role system 2025-03-10 18:29:45 +03:00			`system.etc.overlay.mutable = mkDefault true;`

feat: some minor options by default 2025-06-07 17:50:08 +03:00			`systemd.services.systemd-timesyncd.wantedBy = [`
			`"multi-user.target"`
			`];`
			`systemd.timers.systemd-timesyncd = {`
			`timerConfig.OnCalendar = "hourly";`
			`};`

			`environment.systemPackages = with pkgs; [`
			`git`
			`];`

feat: module for role system 2025-03-10 18:29:45 +03:00			`zramSwap = {`
			`enable = true;`
			`algorithm = "zstd";`
fix: fix some module configs 2025-06-07 17:35:07 +03:00			`priority = mkDefault 100;`
			`memoryPercent = mkDefault 50;`
feat: module for role system 2025-03-10 18:29:45 +03:00			`};`
			`};`
			`serverRole = recursiveUpdate baseRole {`
feat: hardened profile from nixpkgs with some additions 2025-03-10 18:34:03 +03:00			`ataraxia.profiles.hardened = mkDefault true;`
feat: minimal profile from nixpkgs 2025-03-10 18:32:18 +03:00			`ataraxia.profiles.minimal = mkDefault true;`
feat: add and enable virtualisation module (podman and libvirt) 2025-07-04 15:06:12 +03:00			`ataraxia.virtualisation.podman = mkDefault true;`
			`ataraxia.virtualisation.libvirt = mkDefault true;`
feat: enable quadlet by default in server role 2025-07-08 20:12:36 +03:00			`virtualisation.quadlet.enable = mkDefault true;`
feat: minimal profile from nixpkgs 2025-03-10 18:32:18 +03:00
fix: enable nfs support for server and desktop hosts 2025-07-04 15:07:56 +03:00			`boot.supportedFilesystems = [ "nfs" ];`

feat: module for role system 2025-03-10 18:29:45 +03:00			`time.timeZone = "Etc/UTC";`
feat: some minor options by default 2025-06-07 17:50:08 +03:00			`zramSwap.memoryPercent = 100;`
feat: module for role system 2025-03-10 18:29:45 +03:00			`};`
			`desktopRole = recursiveUpdate baseRole {`
feat: add hardware nixos module 2025-06-07 17:33:23 +03:00			`ataraxia.defaults.hardware.graphics = mkDefault true;`
feat: add sound nixos and home modules 2025-06-07 17:31:28 +03:00			`ataraxia.defaults.sound.enable = mkDefault true;`
feat: add wayland and hyprland modules to nixos and home-manager 2025-06-07 21:06:41 +03:00			`ataraxia.wayland.enable = mkDefault true;`
			`ataraxia.wayland.hyprland.enable = mkDefault true;`

feat: add and enable virtualisation module (podman and libvirt) 2025-07-04 15:06:12 +03:00			`programs.virt-manager.enable = config.ataraxia.virtualisation.libvirt;`

fix: enable nfs support for server and desktop hosts 2025-07-04 15:07:56 +03:00			`boot.supportedFilesystems = [ "nfs" ];`

fix: icon cache (add librsvg to gdk-pixbuf packages) 2025-07-04 15:10:49 +03:00			`# Fix some icon cache problems`
			`programs.gdk-pixbuf.modulePackages = with pkgs; [ librsvg ];`
feat: add gvfs service by default 2025-06-07 21:29:52 +03:00			`services.gvfs.enable = mkDefault true;`
feat: some minor options by default 2025-06-07 17:50:08 +03:00			`services.getty.autologinUser = mkDefault defaultUser;`

feat: module for role system 2025-03-10 18:29:45 +03:00			`location = {`
			`provider = "manual";`
			`latitude = 48;`
			`longitude = 44;`
			`};`
feat: some minor options by default 2025-06-07 17:50:08 +03:00
			`zramSwap.memoryPercent = 150;`
feat: module for role system 2025-03-10 18:29:45 +03:00			`};`
fix: add laptop role, enable laptop widgets on waybar and backlight control 2025-07-08 15:40:31 +03:00			`laptopRole = recursiveUpdate desktopRole {`
			`programs.light = {`
			`enable = true;`
			`brightnessKeys.enable = true;`
			`# Allow dark screen`
			`brightnessKeys.minBrightness = 0;`
			`brightnessKeys.step = 10;`
			`};`
			`};`
feat: module for role system 2025-03-10 18:29:45 +03:00			`in`
			`mkMerge [`
			`(mkIf (role == "base") baseRole)`
			`(mkIf (role == "server") serverRole)`
			`(mkIf (role == "desktop") desktopRole)`
fix: add laptop role, enable laptop widgets on waybar and backlight control 2025-07-08 15:40:31 +03:00			`(mkIf (role == "laptop") laptopRole)`
feat: module for role system 2025-03-10 18:29:45 +03:00			`];`
feat: wip module for hosts roles 2025-03-02 14:36:53 +03:00			`}`