From d73ff40e0ecf33688404aa2077c9084a357cf52a Mon Sep 17 00:00:00 2001 From: Simon Gardling Date: Wed, 22 Apr 2026 13:18:34 -0400 Subject: [PATCH] cleanup common configs + disable CONFIG_VT if kmscon is enabled --- AGENTS.md | 2 +- hosts/muffin/default.nix | 6 +--- modules/common-doas.nix | 15 --------- modules/common-nix.nix | 22 -------------- modules/common-shell-fish.nix | 16 ---------- modules/common.nix | 57 +++++++++++++++++++++++++++++++++++ modules/desktop-common.nix | 9 ++---- 7 files changed, 62 insertions(+), 65 deletions(-) delete mode 100644 modules/common-doas.nix delete mode 100644 modules/common-nix.nix delete mode 100644 modules/common-shell-fish.nix create mode 100644 modules/common.nix diff --git a/AGENTS.md b/AGENTS.md index d3533b4..a4b4942 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -21,7 +21,7 @@ flake.nix # 3 hosts, 2 channels deploy.sh # wrapper: current-host rebuild or `muffin` deploy-rs hosts// # host entrypoints (default.nix, home.nix, disk.nix, …) modules/ # flat namespace; see module naming below - common-*.nix # imported by ALL hosts (nix settings, doas, fish shim) + common.nix # imported by ALL hosts (nix settings, doas, fish shim) desktop-*.nix # imported by mreow/yarn only server-*.nix # imported by muffin only .nix # scoped by filename (age-secrets, zfs, no-rgb, …) diff --git a/hosts/muffin/default.nix b/hosts/muffin/default.nix index 652ef45..8e03f9c 100644 --- a/hosts/muffin/default.nix +++ b/hosts/muffin/default.nix @@ -12,9 +12,7 @@ { imports = [ # common across all hosts - ../../modules/common-doas.nix - ../../modules/common-shell-fish.nix - ../../modules/common-nix.nix + ../../modules/common.nix # muffin-only system modules ./hardware.nix @@ -95,8 +93,6 @@ services.deployGuard.enable = true; - services.kmscon.enable = true; - # Disable serial getty on ttyS0 to prevent dmesg warnings systemd.services."serial-getty@ttyS0".enable = false; diff --git a/modules/common-doas.nix b/modules/common-doas.nix deleted file mode 100644 index 2e0875a..0000000 --- a/modules/common-doas.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ username, ... }: -{ - # doas replaces sudo on every host - security = { - doas.enable = true; - sudo.enable = false; - doas.extraRules = [ - { - users = [ username ]; - keepEnv = true; - persist = true; - } - ]; - }; -} diff --git a/modules/common-nix.nix b/modules/common-nix.nix deleted file mode 100644 index 458a947..0000000 --- a/modules/common-nix.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ lib, ... }: -{ - # Common Nix daemon settings. Host-specific overrides (binary cache substituters, - # gc retention) live in the host's default.nix. - nix = { - optimise.automatic = true; - - gc = { - automatic = true; - dates = "weekly"; - # Default retention: override per-host via lib.mkForce if different. - options = lib.mkDefault "--delete-older-than 30d"; - }; - - settings = { - experimental-features = [ - "nix-command" - "flakes" - ]; - }; - }; -} diff --git a/modules/common-shell-fish.nix b/modules/common-shell-fish.nix deleted file mode 100644 index 13d0505..0000000 --- a/modules/common-shell-fish.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ pkgs, lib, ... }: -{ - # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell - # Login shells stay bash but immediately `exec fish` so fish is the effective shell - # without breaking scripts that hardcode #!/bin/bash. - programs.fish.enable = true; - programs.bash = { - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${lib.getExe pkgs.fish} $LOGIN_OPTION - fi - ''; - }; -} diff --git a/modules/common.nix b/modules/common.nix new file mode 100644 index 0000000..9daccb0 --- /dev/null +++ b/modules/common.nix @@ -0,0 +1,57 @@ +{ + config, + lib, + pkgs, + username, + ... +}: +{ + # Common Nix daemon settings. Host-specific overrides (binary cache substituters, + # gc retention) live in the host's default.nix. + nix = { + optimise.automatic = true; + + gc = { + automatic = true; + dates = "weekly"; + # Default retention: override per-host via lib.mkForce if different. + options = lib.mkDefault "--delete-older-than 30d"; + }; + + settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + }; + + # doas replaces sudo on every host + security = { + doas.enable = true; + sudo.enable = false; + doas.extraRules = [ + { + users = [ username ]; + keepEnv = true; + persist = true; + } + ]; + }; + + # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell + # Login shells stay bash but immediately `exec fish` so fish is the effective shell + # without breaking scripts that hardcode #!/bin/bash. + programs.fish.enable = true; + programs.bash = { + interactiveShellInit = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${lib.getExe pkgs.fish} $LOGIN_OPTION + fi + ''; + }; + + services.kmscon.enable = true; +} diff --git a/modules/desktop-common.nix b/modules/desktop-common.nix index 1016441..af12764 100644 --- a/modules/desktop-common.nix +++ b/modules/desktop-common.nix @@ -10,10 +10,7 @@ }: { imports = [ - # shared across all hosts - ./common-doas.nix - ./common-shell-fish.nix - ./common-nix.nix + ./common.nix # desktop-only modules ./desktop-vm.nix @@ -34,8 +31,6 @@ hardware.enableRedistributableFirmware = true; hardware.cpu.amd.updateMicrocode = true; - services.kmscon.enable = true; - # Add niri to display manager session packages services.displayManager.sessionPackages = [ niri-package ]; @@ -255,6 +250,8 @@ SGETMASK_SYSCALL = lib.mkForce no; UID16 = lib.mkForce no; X86_X32_ABI = lib.mkForce no; + + VT = lib.mkForce (!config.services.kmscon.enable); }; } ];