From 61c3722f5ae4516a464286a89dbe8dc22ff50ceb Mon Sep 17 00:00:00 2001 From: Julian Sutter Date: Wed, 30 Jul 2025 23:17:03 -0700 Subject: [PATCH] Refactor NixOS configuration: Move GUI apps to desktop modules and create headless config - Move GUI applications from users/jsutter.nix to appropriate desktop modules: * office.nix: slack, signal-desktop * gaming.nix: discord, stremio * plasma.nix: arc-theme, pinentry, tigervnc * dev.nix: putty * media.nix (new): vlc, deluge - Create systems/common-headless.nix for server configurations: * Remove GUI dependencies (Flatpak, XDG portals, fonts, graphics drivers) * Include only essential CLI tools and server packages * Disable X server completely - Simplify skip01 configuration: * Remove Intel graphics drivers and OpenGL support * Use headless common configuration * Keep unified users/jsutter.nix (no split files) - Update flake.nix to include new media.nix module in desktop systems Result: Clean separation between desktop and headless configurations with improved modularity and maintainability. --- desktop/dev.nix | 1 + desktop/gaming.nix | 6 +- desktop/media.nix | 8 ++ desktop/office.nix | 16 ++-- desktop/plasma.nix | 3 + flake.nix | 3 +- servers/common.nix | 7 +- systems/common-headless.nix | 153 ++++++++++++++++++++++++++++++++++++ systems/skip01.nix | 20 +---- users/jsutter.nix | 19 ++--- 10 files changed, 194 insertions(+), 42 deletions(-) create mode 100644 desktop/media.nix create mode 100644 systems/common-headless.nix diff --git a/desktop/dev.nix b/desktop/dev.nix index 0423c2c..8eecea7 100644 --- a/desktop/dev.nix +++ b/desktop/dev.nix @@ -6,6 +6,7 @@ environment.systemPackages = with pkgs; [ (python3.withPackages(ps: with ps; [ pandas requests python-dotenv pip uv ])) nodejs rpi-imager + putty # SSH/Telnet client pkgs-unstable.windsurf # Use windsurf from unstable packages ]; diff --git a/desktop/gaming.nix b/desktop/gaming.nix index bbcd5d2..71dc325 100644 --- a/desktop/gaming.nix +++ b/desktop/gaming.nix 
@@ -3,8 +3,10 @@ { environment.systemPackages = with pkgs; [ -# parsec-bin -# bottles + discord # Gaming communication + stremio # Media streaming +# parsec-bin +# bottles ]; # Steam diff --git a/desktop/media.nix b/desktop/media.nix new file mode 100644 index 0000000..1866dca --- /dev/null +++ b/desktop/media.nix @@ -0,0 +1,8 @@ +{ config, pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + vlc # Media player + deluge # BitTorrent client + ]; +} diff --git a/desktop/office.nix b/desktop/office.nix index 2475a8a..be3884c 100644 --- a/desktop/office.nix +++ b/desktop/office.nix @@ -1,12 +1,12 @@ -{ config, pkgs, ... }: +{ config, pkgs, pkgs-unstable, ... }: { - - -environment.systemPackages = with pkgs; [ - libreoffice-qt - thunderbird -# gimp # Temporarily commented out to avoid build errors -# calibre + environment.systemPackages = with pkgs; [ + libreoffice-qt + thunderbird + slack # Team communication + pkgs-unstable.signal-desktop # Private messaging +# gimp # Temporarily commented out to avoid build errors +# calibre ]; } diff --git a/desktop/plasma.nix b/desktop/plasma.nix index 77f8acf..6e33c4c 100644 --- a/desktop/plasma.nix +++ b/desktop/plasma.nix @@ -15,6 +15,9 @@ environment.systemPackages = with pkgs; [ kdePackages.spectacle + arc-theme # Desktop theme + pinentry # GUI pinentry for GPG + tigervnc # VNC client/server ]; # GNUPG Stuff diff --git a/flake.nix b/flake.nix index f4e8b9d..1ff1493 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,7 @@ ./desktop/dev.nix ./desktop/office.nix ./desktop/gaming.nix + ./desktop/media.nix ./desktop/virtualization.nix ./desktop/crypto.nix ]; @@ -77,7 +78,7 @@ }; skip01 = mkSystem { modules = [ - ./systems/common.nix + ./systems/common-headless.nix ./systems/skip01.nix ./users/jsutter.nix ./servers/common.nix diff --git a/servers/common.nix b/servers/common.nix index fe75bcb..845bc72 100644 --- a/servers/common.nix +++ b/servers/common.nix 
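Review bot: In the desktop/plasma.nix hunk, `pinentry # GUI pinentry for GPG` names the generic attribute, so the frontend you get depends on the nixpkgs default rather than on this file; on a Plasma host `pinentry-qt` would deliver what the comment promises. Adding the package to `environment.systemPackages` does not by itself select it for gpg-agent, so it should match whatever the `# GNUPG Stuff` section configures, which lies outside the hunk. `tigervnc` ships the server binaries as well as the viewer; if only the viewer is wanted, say so in the comment, e.g. `tigervnc # VNC viewer; no VNC server is enabled here`.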
@@ -1,4 +1,9 @@ -virtualisation = { +{ config, pkgs, ... }: + +{ + virtualisation = { docker = { enable = true; }; + }; +} diff --git a/systems/common-headless.nix b/systems/common-headless.nix new file mode 100644 index 0000000..97eb08b --- /dev/null +++ b/systems/common-headless.nix 
@@ -0,0 +1,153 @@
+{ config, pkgs, ... }:
+
+{
+ fileSystems."/" =
+ { device = "/dev/disk/by-partlabel/primary";
+ fsType = "btrfs";
+ };
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-partlabel/ESP";
+ fsType = "vfat";
+ };
+
+ # hardware
+ hardware.enableRedistributableFirmware = true;
+ services.fwupd.enable = true;
+
+ # Network
+ networking = {
+ extraHosts = "";
+ networkmanager = {
+ enable = true;
+ plugins = with pkgs; [
+ networkmanager-openvpn
+ networkmanager-openconnect
+ ];
+ };
+ useDHCP = false; # Depreciated
+ };
+
+ # Bootloader
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ # Kernel
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
+ # Nix
+ nix = {
+ # Automate garbage collection
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ package = pkgs.nixVersions.stable;
+ settings = {
+ auto-optimise-store = true;
+ trusted-users = [ "root" "jsutter" ];
+ experimental-features = [ "nix-command" "flakes" ];
+ };
+ };
+
+ # Allow unfree packages
+ nixpkgs.config.allowUnfree = true;
+
+ # Set your time zone.
+ time.timeZone = "America/Los_Angeles";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_US.UTF-8";
+ LC_IDENTIFICATION = "en_US.UTF-8";
+ LC_MEASUREMENT = "en_US.UTF-8";
+ LC_MONETARY = "en_US.UTF-8";
+ LC_NAME = "en_US.UTF-8";
+ LC_NUMERIC = "en_US.UTF-8";
+ LC_PAPER = "en_US.UTF-8";
+ LC_TELEPHONE = "en_US.UTF-8";
+ LC_TIME = "en_US.UTF-8";
+ };
+
+ # Enable CUPS to print documents (disabled for headless)
+ # services.printing.enable = true;
+
+ # Enable sound (disabled for headless)
+ # sound.enable = true;
+ # hardware.pulseaudio.enable = false;
+ # security.rtkit.enable = true;
+ # services.pipewire = {
+ # enable = true;
+ # alsa.enable = true;
+ # alsa.support32Bit = true;
+ # pulse.enable = true;
+ # };
+
+ # Define a user account.
Don't forget to set a password with 'passwd'. + users.defaultUserShell = pkgs.zsh; + programs.zsh.enable = true; + + # System state version + system.stateVersion = "24.05"; + + # List packages installed in system profile + environment.systemPackages = with pkgs; [ + # Essential CLI tools for server management + vim + git + curl + wget + htop + iotop + nethogs + ncdu + tree + unzip + zip + jq + yq + tmux + screen + lsof + netcat + nmap + tcpdump + iftop + dnsutils + whois + rsync + pciutils + sysstat + powertop + gnupg + p7zip + openssl + gnumake + kopia + dig + python3 + pv + stress + s-tui + clinfo + fwupd + ]; + + # No GUI services for headless + # services.flatpak.enable = false; # Explicitly disabled + + # No fonts needed for headless + # fonts.packages = []; # No GUI fonts needed + + # Disable X server completely for headless + services.xserver.enable = false; + + # Disable documentation to save space + documentation.nixos.enable = false; + + # Network optimizations + systemd.network.wait-online.enable = false; + boot.initrd.systemd.network.wait-online.enable = false; +} diff --git a/systems/skip01.nix b/systems/skip01.nix index 8b03843..f9d09b2 100644 --- a/systems/skip01.nix +++ b/systems/skip01.nix @@ -6,13 +6,12 @@ # Boot and kernel modules for Intel NUC boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "i915" ]; # Intel integrated graphics + boot.initrd.kernelModules = [ ]; # No graphics drivers needed for headless boot.kernelModules = [ "kvm-intel" ]; # Intel virtualization support boot.extraModulePackages = []; - # Intel-specific kernel parameters + # Server-specific kernel parameters boot.kernelParams = [ - "i915.enable_guc=2" # Enable GuC and HuC for better power management "intel_iommu=on" # Enable IOMMU for virtualization ]; 
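Review bot: In systems/common-headless.nix, `trusted-users = [ "root" "jsutter" ];` makes the login account effectively root-equivalent to the Nix daemon on every headless host, since a trusted user can override daemon settings such as substituters and signature checks. For a server base I would keep `trusted-users = [ "root" ];` and run privileged Nix operations through sudo. The module also declares nothing under `services.openssh`, so SSH hardening such as disabling password logins has to live in a file this patch does not show; worth confirming it does. Minor: the comment `# Define a user account. Don't forget to set a password with 'passwd'.` sits above shell settings rather than a user definition, `# Depreciated` should read `# Deprecated`, and `dig` and `fwupd` in the package list appear to duplicate `dnsutils` and `services.fwupd.enable`.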
@@ -20,18 +19,7 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - # Intel graphics support - hardware.opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - intel-media-driver # VAAPI driver for newer Intel GPUs - vaapiIntel # VAAPI driver for older Intel GPUs - vaapiVdpau - libvdpau-va-gl - ]; - }; + # No graphics support needed for headless server # Power management optimized for server use powerManagement = { @@ -61,7 +49,7 @@ } ]; - # Enable hardware monitoring + # Enable hardware monitoring (CLI only) hardware.sensor.iio.enable = true; # Network performance tuning for server use diff --git a/users/jsutter.nix b/users/jsutter.nix index 1105b40..b8068f6 100644 --- a/users/jsutter.nix +++ b/users/jsutter.nix @@ -10,20 +10,11 @@ hashedPassword = "$6$tvkhGd24G6pVOsWr$j8ZAqSnXPTGwMGmIulU5Puzqd4iKdu8eAMSFis/cPqTW6u2xGQMqPHH1W9IZwKSL6.nS7Jc/NR2VwpPosyXDH/"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBNVUh+RrcOSMRV6qysnsdPs5AyK8dSm4QhhnwgpikyI jsutter@symbiotrip.com" ]; packages = with pkgs; [ - vlc - pinentry - arc-theme - slack - direnv - deluge - pkgs-unstable.signal-desktop - putty - rpi-imager - discord - stremio - tigervnc - appimage-run - cloudflared + # Essential CLI tools and user utilities only + # GUI applications have been moved to appropriate desktop modules + direnv # Development environment management + appimage-run # System utility for AppImages + cloudflared # Cloudflare tunnel CLI ]; };
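Review bot: In users/jsutter.nix the trimmed `packages` list still installs `appimage-run` and `cloudflared` on skip01, because the flake.nix hunk keeps `./users/jsutter.nix` in that host's modules. `appimage-run` is a launcher for AppImages, which are mostly desktop applications, and a tunnel client on a server should be a deliberate per-host choice, so both fit better in a desktop module or a host-specific file, leaving `direnv` here. Keeping one user file for both roles also means the unchanged `hashedPassword` context line applies the same committed hash to the server; `hashedPasswordFile` pointing at a secret kept outside the repository would avoid that. The enclosing user attribute set starts outside the hunk.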