feat: build a much more minimal config for installing

2025-10-11 07:10:39 +02:00 · 2023-09-26 21:43:23 +02:00 · 2023-09-26 21:43:23 +02:00 · 73d7a42879
commit 73d7a42879
parent 73897f648d
11 changed files with 136 additions and 113 deletions
--- a/flake.nix
+++ b/flake.nix
@ -131,6 +131,7 @@
        hosts
        microvmConfigurations
        nixosConfigurations
        nixosConfigurationsMinimal
        ;
      # All nixosSystem instanciations are collected here, so that we can refer
@ -141,11 +142,13 @@
      # For each true NixOS system, we want to expose an installer package that
      # can be used to do the initial setup on the node from a live environment.
      # We use the minimal sibling configuration to reduce the amount of stuff
      # we have to copy to the live system.
      inherit
        (foldl' recursiveUpdate {}
          (mapAttrsToList
            (import ./nix/generate-installer-package.nix inputs)
-            self.nixosConfigurations))
+            self.nixosConfigurationsMinimal))
        packages
        ;
    }
--- a/hosts/kroma/default.nix
+++ b/hosts/kroma/default.nix
@ -1,4 +1,10 @@
-{inputs, ...}: {
+{
  inputs,
  lib,
  minimal,
  ...
 }:
 {
  imports = [
    inputs.nixos-hardware.nixosModules.common-cpu-amd
    inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate
@ -25,15 +31,17 @@
  ];
  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
-  boot.binfmt.emulatedSystems = ["aarch64-linux"];
+}
-  graphical.gaming.enable = true;
+// lib.optionalAttrs (!minimal) {
  # TODO goodbye once -sk keys.
  environment.shellInit = ''
    gpg-connect-agent /bye
    export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
  '';
  boot.binfmt.emulatedSystems = ["aarch64-linux"];
  graphical.gaming.enable = true;
  stylix.fonts.sizes = {
    #desktop = 20;
    applications = 10;
--- a/modules/config/nix.nix
+++ b/modules/config/nix.nix
@ -44,18 +44,12 @@
      options = "--delete-older-than 90d";
    };
    # Define global flakes for this system
-    registry = {
+    registry = rec {
      nixpkgs.flake = inputs.nixpkgs;
-      p.flake = inputs.nixpkgs;
+      p = nixpkgs;
      pkgs.flake = inputs.nixpkgs;
      templates.flake = inputs.templates;
    };
  };
-  system = {
+  system.stateVersion = "23.11";
    extraSystemBuilderCmds = ''
      ln -sv ${pkgs.path} $out/nixpkgs
    '';
    stateVersion = "23.11";
  };
 }
--- a/modules/optional/dev/default.nix
+++ b/modules/optional/dev/default.nix
@ -1,8 +1,11 @@
 {
  inputs,
  pkgs,
  lib,
  minimal,
  ...
-}: {
+}:
 lib.optionalAttrs (!minimal) {
  imports = [
    inputs.nixseparatedebuginfod.nixosModules.default
    ./documentation.nix
--- a/modules/optional/graphical/default.nix
+++ b/modules/optional/graphical/default.nix
@ -2,14 +2,24 @@
  config,
  inputs,
  lib,
  minimal,
  ...
 }: let
  inherit
    (lib)
    mkOption
    types
    optionalAttrs
    ;
-in {
+in
  {
    options.graphical.gaming.enable = mkOption {
      description = "Enables gaming on this machine and will add a lot of gaming related packages and configuration.";
      default = false;
      type = types.bool;
    };
  }
  // optionalAttrs (!minimal) {
    imports = [
      inputs.stylix.nixosModules.stylix
@ -19,12 +29,6 @@ in {
      ./xserver.nix
    ];
  options.graphical.gaming.enable = mkOption {
    description = "Enables gaming on this machine and will add a lot of gaming related packages and configuration.";
    default = false;
    type = types.bool;
  };
    config = {
      # Needed for gtk
      programs.dconf.enable = true;
--- a/modules/optional/hardware/nvidia.nix
+++ b/modules/optional/hardware/nvidia.nix
@ -1,8 +1,10 @@
 {
  lib,
  minimal,
  pkgs,
  ...
-}: {
+}:
 lib.optionalAttrs (!minimal) {
  boot.blacklistedKernelModules = ["nouveau"];
  services.xserver.videoDrivers = lib.mkForce ["nvidia"];
--- a/modules/optional/sound.nix
+++ b/modules/optional/sound.nix
@ -1,8 +1,10 @@
 {
  lib,
  minimal,
  pkgs,
  ...
-}: {
+}:
 lib.optionalAttrs (!minimal) {
  # Helpful utilities:
  # Show pipewire devices and application overview or specifics
  # > wpctl status; wpctl inspect <id>
--- a/modules/repo/meta.nix
+++ b/modules/repo/meta.nix
@ -5,19 +5,18 @@
 }: let
  inherit
    (lib)
    mdDoc
    mkOption
    types
    ;
 in {
  options.node = {
    name = mkOption {
-      description = mdDoc "A unique name for this node (host) in the repository. Defines the default hostname, but this can be overwritten.";
+      description = "A unique name for this node (host) in the repository. Defines the default hostname, but this can be overwritten.";
      type = types.str;
    };
    secretsDir = mkOption {
-      description = mdDoc "Path to the secrets directory for this node.";
+      description = "Path to the secrets directory for this node.";
      type = types.path;
    };
  };
--- a/nix/hosts.nix
+++ b/nix/hosts.nix
@ -12,15 +12,15 @@ inputs: let
    ;
  # Creates a new nixosSystem with the correct specialArgs, pkgs and name definition
-  mkHost = name: system: let
+  mkHost = {minimal}: name: hostCfg: let
-    pkgs = self.pkgs.${system};
+    pkgs = self.pkgs.${hostCfg.system};
  in
    nixosSystem {
      specialArgs = {
        # Use the correct instance lib that has our overlays
        inherit (pkgs) lib;
        inherit (self) nodes;
-        inherit inputs;
+        inherit inputs minimal;
      };
      modules = [
        {
@ -28,7 +28,7 @@ inputs: let
          # inputs.nixpkgs.nixosModules.readOnlyPkgs, since some nixosModules
          # like nixseparatedebuginfod depend on adding packages via nixpkgs.overlays.
          # So we just mimic the options and overlays defined by the passed pkgs set.
-          nixpkgs.hostPlatform = system;
+          nixpkgs.hostPlatform = hostCfg.system;
          nixpkgs.overlays = pkgs.overlays;
          nixpkgs.config = pkgs.config;
          node.name = name;
@ -45,7 +45,8 @@ inputs: let
  # Get all hosts of type "nixos"
  nixosHosts = filterAttrs (_: x: x.type == "nixos") hosts;
  # Process each nixosHosts declaration and generatea nixosSystem definitions
-  nixosConfigurations = flip mapAttrs nixosHosts (name: hostCfg: mkHost name hostCfg.system);
+  nixosConfigurations = flip mapAttrs nixosHosts (mkHost {minimal = false;});
  nixosConfigurationsMinimal = flip mapAttrs nixosHosts (mkHost {minimal = true;});
  # True NixOS nodes can define additional microvms (guest nodes) that are built
  # together with the true host. We collect all defined microvm nodes
@ -59,5 +60,6 @@ in {
    hosts
    microvmConfigurations
    nixosConfigurations
    nixosConfigurationsMinimal
    ;
 }
--- a/users/myuser/default.nix
+++ b/users/myuser/default.nix
@ -1,10 +1,13 @@
 {
  config,
  lib,
  pkgs,
  minimal,
  ...
 }: let
  myuser = config.repo.secrets.global.myuser.name;
-in {
+in
  lib.optionalAttrs (!minimal) {
    users.groups.${myuser}.gid = config.users.users.${myuser}.uid;
    users.users.${myuser} = {
      uid = 1000;
--- a/users/myuser/graphical/default.nix
+++ b/users/myuser/graphical/default.nix
@ -37,6 +37,9 @@
      zathura
    ];
    # TODO audible bell in qt pinentry drives me nuts
    # TODO secureboot -> use pam yubikey login
    # TODO keyboard stays lit on poweroff -> add systemd service to disable it on shutdown
    # TODO on neogit close do neotree update
    # TODO kitty terminfo missing with ssh root@localhost
    # TODO nix repl cltr+del doesnt work