# Common.nix { config, pkgs, lib, inputs, ... }: { imports = [ # Hosts # ./hosts/FredOS-Gaming.nix ./hosts/FredOS-Macbook.nix ./hosts/FredOS-Mediaserver.nix # Generic settings # ./settings/desktop.nix ./settings/hyprland.nix ./settings/locale.nix ./settings/audio.nix ./settings/users.nix ./settings/shell.nix ./apps/zen.nix # Services # ./services/server-permissions.nix ./services/game-servers.nix ./services/dr-server.nix ./services/qbittorrent-nox.nix ./services/nginx.nix ./services/go2rtc.nix ./services/sonarr.nix ./services/radarr.nix ./services/prowlarr.nix ./services/jellyfin.nix ./services/bazarr.nix ./services/bazarr-sync.nix ./services/cloudflare-ddns.nix ./services/authelia.nix ./services/homepage.nix ./services/arr-interconnect.nix ./services/profilarr.nix ./services/adguard.nix ./services/router.nix ./services/crowdsec.nix ./services/sabnzbd.nix ./services/forgejo-runner.nix ./services/code-server.nix ./services/memos.nix ]; ### Make build time quicker documentation.nixos.enable = false; # Home Manager # home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.backupFileExtension = "hm-bak"; home-manager.extraSpecialArgs = { inherit inputs; }; home-manager.users.fred = import ./home-manager/fred.nix; ############################################################################# # Kill all user processes on logout so systemd user services don't linger # in broken states across sessions (e.g. waybar failing to start on re-login). services.logind.settings.Login.KillUserProcesses = true; # Shorten shutdown stop timeout to avoid long "stop job" waits systemd.settings.Manager.DefaultTimeoutStopSec = "10s"; # Make boot time quicker boot.loader.timeout = lib.mkDefault 5; systemd.services.NetworkManager-wait-online.enable = false; systemd.services.systemd-udev-settle.enable = false; systemd.services.firewall = { wantedBy = lib.mkForce [ ]; after = [ "multi-user.target" ]; }; boot.initrd.verbose = false; ############################################################################# # Compressed in-memory swap as a safety net during local build storms. # Cheap when idle; without it a transient OOM during an uncached build # can stall AdGuard/Jellyfin to the point of freezing the box. zramSwap = { enable = true; memoryPercent = 50; }; # Use latest kernel boot.kernelPackages = pkgs.linuxPackages_latest; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Enable network-manager networking.networkmanager.enable = true; # Fish shell programs.fish.enable = true; users.defaultUserShell = pkgs.fish; # Shell aliases (work in both bash and fish) environment.shellAliases = { update = "bash -c 'set -o pipefail && OLD_SYSTEM=$(readlink /run/current-system) && sudo nixos-rebuild switch $@ --impure --refresh --flake git+https://forg.gregersen.it/rope/nixos -L --log-format internal-json 2>&1 | nom --json && nvd diff $OLD_SYSTEM /run/current-system && (command -v record-update &>/dev/null && record-update $OLD_SYSTEM /run/current-system || true)' --"; clean = "sudo nix-collect-garbage -d"; ll = "ls -alh"; clear = "command clear"; reboot = "bash -c 'if [ \"$(hostname)\" = \"FredOS-Mediaserver\" ]; then read -r -p \"Reboot $(hostname)? [y/N] \" confirm; case \"$confirm\" in [Yy]) ;; *) exit 0 ;; esac; fi; sudo systemctl reboot'"; }; # Add packages environment.systemPackages = with pkgs; [ git localsend nvd nix-output-monitor jq dnsutils busybox ]; # Offload builds to the media server. Excluded on the server itself to # avoid a pointless SSH round-trip to localhost. nix.distributedBuilds = lib.mkIf (config.networking.hostName != "FredOS-Mediaserver") true; nix.buildMachines = lib.mkIf (config.networking.hostName != "FredOS-Mediaserver") [{ hostName = "nordhammer.it"; systems = [ "x86_64-linux" "i686-linux" ]; sshUser = "fred"; sshKey = "/root/.ssh/id_ed25519"; maxJobs = 4; supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; }]; # Accept unsigned paths copied back from the remote builder. nix.extraOptions = lib.mkIf (config.networking.hostName != "FredOS-Mediaserver") '' require-sigs = false ''; }