titaniumtown/nixos
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

cleanup common configs + disable CONFIG_VT if kmscon is enabled
Some checks failed
Build and Deploy / mreow (push) Failing after 40s
Details
Build and Deploy / yarn (push) Failing after 41s
Details
Build and Deploy / muffin (push) Successful in 1m7s
Details

Browse Source
This commit is contained in:
Simon Gardling
2026-04-22 13:18:34 -04:00
parent f03cc87fc9
commit d73ff40e0e
7 changed files with 62 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
AGENTS.md
View File

@@ -21,7 +21,7 @@ flake.nix # 3 hosts, 2 channels
deploy.sh # wrapper: current-host rebuild or `muffin` deploy-rs deploy.sh # wrapper: current-host rebuild or `muffin` deploy-rs
hosts/<host>/ # host entrypoints (default.nix, home.nix, disk.nix, …) hosts/<host>/ # host entrypoints (default.nix, home.nix, disk.nix, …)
modules/ # flat namespace; see module naming below modules/ # flat namespace; see module naming below
common-*.nix # imported by ALL hosts (nix settings, doas, fish shim) common.nix # imported by ALL hosts (nix settings, doas, fish shim)
desktop-*.nix # imported by mreow/yarn only desktop-*.nix # imported by mreow/yarn only
server-*.nix # imported by muffin only server-*.nix # imported by muffin only
<bare>.nix # scoped by filename (age-secrets, zfs, no-rgb, …) <bare>.nix # scoped by filename (age-secrets, zfs, no-rgb, …)

6
hosts/muffin/default.nix
View File

@@ -12,9 +12,7 @@
{ {
imports = [ imports = [
# common across all hosts # common across all hosts
../../modules/common-doas.nix ../../modules/common.nix
../../modules/common-shell-fish.nix
../../modules/common-nix.nix
# muffin-only system modules # muffin-only system modules
./hardware.nix ./hardware.nix
@@ -95,8 +93,6 @@
services.deployGuard.enable = true; services.deployGuard.enable = true;
services.kmscon.enable = true;
# Disable serial getty on ttyS0 to prevent dmesg warnings # Disable serial getty on ttyS0 to prevent dmesg warnings
systemd.services."serial-getty@ttyS0".enable = false; systemd.services."serial-getty@ttyS0".enable = false;

15
modules/common-doas.nix
View File

@@ -1,15 +0,0 @@
{ username, ... }:
{
# doas replaces sudo on every host
security = {
doas.enable = true;
sudo.enable = false;
doas.extraRules = [
{
users = [ username ];
keepEnv = true;
persist = true;
}
];
};
}

22
modules/common-nix.nix
View File

@@ -1,22 +0,0 @@
{ lib, ... }:
{
# Common Nix daemon settings. Host-specific overrides (binary cache substituters,
# gc retention) live in the host's default.nix.
nix = {
optimise.automatic = true;
gc = {
automatic = true;
dates = "weekly";
# Default retention: override per-host via lib.mkForce if different.
options = lib.mkDefault "--delete-older-than 30d";
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
};
};
}

16
modules/common-shell-fish.nix
View File

@@ -1,16 +0,0 @@
{ pkgs, lib, ... }:
{
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
# Login shells stay bash but immediately `exec fish` so fish is the effective shell
# without breaking scripts that hardcode #!/bin/bash.
programs.fish.enable = true;
programs.bash = {
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${lib.getExe pkgs.fish} $LOGIN_OPTION
fi
'';
};
}

57
modules/common.nix Normal file
View File

@@ -0,0 +1,57 @@
{
config,
lib,
pkgs,
username,
...
}:
{
# Common Nix daemon settings. Host-specific overrides (binary cache substituters,
# gc retention) live in the host's default.nix.
nix = {
optimise.automatic = true;
gc = {
automatic = true;
dates = "weekly";
# Default retention: override per-host via lib.mkForce if different.
options = lib.mkDefault "--delete-older-than 30d";
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
};
};
# doas replaces sudo on every host
security = {
doas.enable = true;
sudo.enable = false;
doas.extraRules = [
{
users = [ username ];
keepEnv = true;
persist = true;
}
];
};
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
# Login shells stay bash but immediately `exec fish` so fish is the effective shell
# without breaking scripts that hardcode #!/bin/bash.
programs.fish.enable = true;
programs.bash = {
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${lib.getExe pkgs.fish} $LOGIN_OPTION
fi
'';
};
services.kmscon.enable = true;
}

9
modules/desktop-common.nix
View File

@@ -10,10 +10,7 @@
}: }:
{ {
imports = [ imports = [
# shared across all hosts ./common.nix
./common-doas.nix
./common-shell-fish.nix
./common-nix.nix
# desktop-only modules # desktop-only modules
./desktop-vm.nix ./desktop-vm.nix
@@ -34,8 +31,6 @@
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = true; hardware.cpu.amd.updateMicrocode = true;
services.kmscon.enable = true;
# Add niri to display manager session packages # Add niri to display manager session packages
services.displayManager.sessionPackages = [ niri-package ]; services.displayManager.sessionPackages = [ niri-package ];
@@ -255,6 +250,8 @@
SGETMASK_SYSCALL = lib.mkForce no; SGETMASK_SYSCALL = lib.mkForce no;
UID16 = lib.mkForce no; UID16 = lib.mkForce no;
X86_X32_ABI = lib.mkForce no; X86_X32_ABI = lib.mkForce no;
VT = lib.mkForce (!config.services.kmscon.enable);
}; };
} }
]; ];