mirror of
https://github.com/ryan4yin/nix-config.git
synced 2026-05-02 21:54:16 +02:00
df9ca7aefa
* feat: hardening nixos desktops * refactor: move hardening to the root folder * feat: add nixpaks into nixpkgs via overlays * feat: nixpak - add netease music * docs: hardening * fix: nvidia * fix: disable apparmor & hardening profile to avoid neovim being killed * fix: firefox cursor & fonts
62 lines
1.5 KiB
Nix
62 lines
1.5 KiB
Nix
{
|
|
# NOTE: the args not used in this file CAN NOT be removed!
|
|
# because haumea pass argument lazily,
|
|
# and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
|
|
inputs,
|
|
lib,
|
|
myvars,
|
|
mylib,
|
|
system,
|
|
genSpecialArgs,
|
|
...
|
|
} @ args: let
|
|
# 星野 アイ, Hoshino Ai
|
|
name = "ai";
|
|
base-modules = {
|
|
nixos-modules = map mylib.relativeToRoot [
|
|
# common
|
|
"secrets/nixos.nix"
|
|
"modules/nixos/desktop.nix"
|
|
# host specific
|
|
"hosts/idols-${name}"
|
|
# nixos hardening
|
|
# "hardening/profiles/default.nix"
|
|
"hardening/nixpaks"
|
|
# "hardening/apparmor"
|
|
];
|
|
home-modules = map mylib.relativeToRoot [
|
|
# common
|
|
"home/linux/gui.nix"
|
|
# host specific
|
|
"hosts/idols-${name}/home.nix"
|
|
];
|
|
};
|
|
|
|
modules-hyprland = {
|
|
nixos-modules =
|
|
[
|
|
{
|
|
modules.desktop.wayland.enable = true;
|
|
modules.secrets.desktop.enable = true;
|
|
modules.secrets.impermanence.enable = true;
|
|
}
|
|
]
|
|
++ base-modules.nixos-modules;
|
|
home-modules =
|
|
[
|
|
{modules.desktop.hyprland.enable = true;}
|
|
]
|
|
++ base-modules.home-modules;
|
|
};
|
|
in {
|
|
nixosConfigurations = {
|
|
# host with hyprland compositor
|
|
"${name}-hyprland" = mylib.nixosSystem (modules-hyprland // args);
|
|
};
|
|
|
|
# generate iso image for hosts with desktop environment
|
|
packages = {
|
|
"${name}-hyprland" = inputs.self.nixosConfigurations."${name}-hyprland".config.formats.iso;
|
|
};
|
|
}
|