整理许多内容

2026-01-12 04:39:23 +08:00 · 2023-07-26 23:36:12 +08:00
parent 3430a00548
commit ba2b67e3dd
5 changed files with 239 additions and 227 deletions
--- a/modules/boot/default.nix
+++ b/modules/boot/default.nix
@@ -9,34 +9,38 @@ inputs:
 			installDevice = mkOption { type = types.str; }; # "efi" using efi, or dev path like "/dev/sda" using bios
 		};
 	};
-	config = let inherit (inputs.lib) mkMerge mkIf; inherit (inputs.localLib) mkConditional; in mkMerge
-	[
-		# generic
-		{
-			boot =
+	config =
+		let
+			inherit (inputs.lib) mkMerge mkIf;
+			inherit (inputs.localLib) mkConditional;
+			inherit (inputs.config.nixos) boot;
+		in mkMerge
+		[
+			# generic
 			{
-				loader.grub = { enable = true; useOSProber = false; };
-				initrd.systemd.enable = true;
-			};
-		}
-		# grub.timeout
-		{ boot.loader.timeout = inputs.config.nixos.boot.grub.timeout; }
-		# grub.entries
-		(
-			mkIf (inputs.config.nixos.boot.grub.entries != null)
-				{ boot.loader.grub.extraEntries = inputs.config.nixos.boot.grub.entries; }
-		)
-		# grub.installDevice
-		(
-			mkConditional (inputs.config.nixos.boot.grub.installDevice == "efi")
+				boot =
 				{
-					boot.loader =
+					loader.grub = { enable = true; useOSProber = false; };
+					initrd.systemd.enable = true;
+				};
+			}
+			# grub.timeout
+			{ boot.loader.timeout = boot.grub.timeout; }
+			# grub.entries
+			(
+				mkIf (boot.grub.entries != null) { boot.loader.grub.extraEntries = boot.grub.entries; }
+			)
+			# grub.installDevice
+			(
+				mkConditional (boot.grub.installDevice == "efi")
 					{
-						efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; };
-						grub = { device = "nodev"; efiSupport = true; };
-					};
-				}
-				{ boot.loader.grub.device = inputs.config.nixos.boot.grub.installDevice; }
-		)
-	];
+						boot.loader =
+						{
+							efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; };
+							grub = { device = "nodev"; efiSupport = true; };
+						};
+					}
+					{ boot.loader.grub.device = boot.grub.installDevice; }
+			)
+		];
 }
--- a/modules/fileSystems/default.nix
+++ b/modules/fileSystems/default.nix
@@ -25,120 +25,125 @@ inputs:
 			path = mkOption { type = types.nonEmptyStr; };
 		}; }); };
 	};
-	config = let inherit (inputs.lib) mkMerge mkIf; inherit (inputs.localLib) stripeTabs; in mkMerge
-	[
-		# mount.vfat
-		{
-			fileSystems = builtins.listToAttrs (builtins.map
-				(device: { name = device.value; value = { device = device.name; fsType = "vfat"; }; })
-				(inputs.localLib.attrsToList inputs.config.nixos.fileSystems.mount.vfat));
-		}
-		# mount.btrfs
-		{
-			fileSystems = builtins.listToAttrs (builtins.concatLists (builtins.map
-				(
-					device: builtins.map
-						(
-							subvol:
-							{
-								name = subvol.value;
-								value =
-								{
-									device = device.name;
-									fsType = "btrfs";
-									options = [ "compress-force=zstd:8" "subvol=${subvol.name}" ];
-								};
-							}
-						)
-						(inputs.localLib.attrsToList device.value)
-				)
-				(inputs.localLib.attrsToList inputs.config.nixos.fileSystems.mount.btrfs)));
-		}
-		# decrypt.auto
-		(
-			mkIf (inputs.config.nixos.fileSystems.decrypt.auto != null)
+	config =
+		let
+			inherit (builtins) listToAttrs map concatLists;
+			inherit (inputs.lib) mkMerge mkIf;
+			inherit (inputs.localLib) stripeTabs attrsToList;
+			inherit (inputs.config.nixos) fileSystems;
+		in mkMerge
+		[
+			# mount.vfat
 			{
-				boot.initrd =
-				{
-					luks.devices = (builtins.listToAttrs (builtins.map
-						(
-							device:
-							{
-								name = device.value.mapper;
-								value =
-								{
-									device = device.name;
-									allowDiscards = device.value.ssd;
-									bypassWorkqueues = device.value.ssd;
-									crypttabExtraOpts = [ "fido2-device=auto" "x-initrd.attach" ];
-								};
-							}
-						)
-						(inputs.localLib.attrsToList inputs.config.nixos.fileSystems.decrypt.auto)));
-					systemd.services =
-						let
-							createService = device:
-							{
-								name = "systemd-cryptsetup@${device.value.mapper}";
-								value =
-								{
-									before = builtins.map (device: "systemd-cryptsetup@${device}.service") device.value.before;
-									overrideStrategy = "asDropin";
-								};
-							};
-						in
-							builtins.listToAttrs (builtins.map createService
-								(builtins.filter (device: device.value.before != null)
-									(inputs.localLib.attrsToList inputs.config.nixos.fileSystems.decrypt.auto)));
-				};
+				fileSystems = listToAttrs (map
+					(device: { name = device.value; value = { device = device.name; fsType = "vfat"; }; })
+					(attrsToList fileSystems.mount.vfat));
 			}
-		)
-		# mdadm
-		(
-			mkIf (inputs.config.nixos.fileSystems.mdadm != null)
-				{ boot.initrd.services.swraid = { enable = true; mdadmConf = inputs.config.nixos.fileSystems.mdadm; }; }
-		)
-		# swap
-		{ swapDevices = builtins.map (device: { device = device; }) inputs.config.nixos.fileSystems.swap; }
-		# resume
-		(
-			mkIf (inputs.config.nixos.fileSystems.resume != null) { boot =
+			# mount.btrfs
+			{
+				fileSystems = listToAttrs (concatLists (map
+					(
+						device: map
+							(
+								subvol:
+								{
+									name = subvol.value;
+									value =
+									{
+										device = device.name;
+										fsType = "btrfs";
+										options = [ "compress-force=zstd:8" "subvol=${subvol.name}" ];
+									};
+								}
+							)
+							(attrsToList device.value)
+					)
+					(attrsToList fileSystems.mount.btrfs)));
+			}
+			# decrypt.auto
 			(
-				if builtins.typeOf inputs.config.nixos.fileSystems.resume == "string" then
-					{ resumeDevice = inputs.config.nixos.fileSystems.resume; }
-				else
+				mkIf (fileSystems.decrypt.auto != null)
 				{
-					resumeDevice = inputs.config.nixos.fileSystems.resume.device;
-					kernelModules = [ "resume_offset=${inputs.config.nixos.fileSystems.resume.offset}" ];
+					boot.initrd =
+					{
+						luks.devices = (listToAttrs (map
+							(
+								device:
+								{
+									name = device.value.mapper;
+									value =
+									{
+										device = device.name;
+										allowDiscards = device.value.ssd;
+										bypassWorkqueues = device.value.ssd;
+										crypttabExtraOpts = [ "fido2-device=auto" "x-initrd.attach" ];
+									};
+								}
+							)
+							(attrsToList fileSystems.decrypt.auto)));
+						systemd.services =
+							let
+								createService = device:
+								{
+									name = "systemd-cryptsetup@${device.value.mapper}";
+									value =
+									{
+										before = map (device: "systemd-cryptsetup@${device}.service") device.value.before;
+										overrideStrategy = "asDropin";
+									};
+								};
+							in
+								listToAttrs (map createService
+									(builtins.filter (device: device.value.before != null) (attrsToList fileSystems.decrypt.auto)));
+					};
 				}
-			);}
-		)
-		# rollingRootfs
-		(
-			mkIf (inputs.config.nixos.fileSystems.rollingRootfs != null)
-			{
-				boot.initrd.systemd.services.roll-rootfs =
+			)
+			# mdadm
+			(
+				mkIf (fileSystems.mdadm != null)
+					{ boot.initrd.services.swraid = { enable = true; mdadmConf = fileSystems.mdadm; }; }
+			)
+			# swap
+			{ swapDevices = map (device: { device = device; }) fileSystems.swap; }
+			# resume
+			(
+				mkIf (fileSystems.resume != null) { boot =
+				(
+					if builtins.typeOf fileSystems.resume == "string" then
+						{ resumeDevice = fileSystems.resume; }
+					else
+					{
+						resumeDevice = fileSystems.resume.device;
+						kernelModules = [ "resume_offset=${fileSystems.resume.offset}" ];
+					}
+				);}
+			)
+			# rollingRootfs
+			(
+				mkIf (fileSystems.rollingRootfs != null)
 				{
-					wantedBy = [ "local-fs-pre.target" ];
-					after = [ "cryptsetup.target" "systemd-hibernate-resume.slice" ];
-					before = [ "local-fs-pre.target" ];
-					unitConfig.DefaultDependencies = false;
-					serviceConfig.Type = "oneshot";
-					script = let inherit (inputs.config.nixos.fileSystems.rollingRootfs) device path; in stripeTabs
-					"
-						mount ${device} /mnt -m
-						if [ -f /mnt${path}/current/.timestamp ]
-						then
-							mv /mnt${path}/current /mnt${path}/$(cat /mnt${path}/current/.timestamp)
-						fi
-						btrfs subvolume create /mnt${path}/current
-						echo $(date '+%Y%m%d%H%M%S') > /mnt${path}/current/.timestamp
-						umount /mnt
-					";
-				};
-			}
-		)
-	];
+					boot.initrd.systemd.services.roll-rootfs =
+					{
+						wantedBy = [ "local-fs-pre.target" ];
+						after = [ "cryptsetup.target" "systemd-hibernate-resume.slice" ];
+						before = [ "local-fs-pre.target" ];
+						unitConfig.DefaultDependencies = false;
+						serviceConfig.Type = "oneshot";
+						script = let inherit (fileSystems.rollingRootfs) device path; in stripeTabs
+						"
+							mount ${device} /mnt -m
+							if [ -f /mnt${path}/current/.timestamp ]
+							then
+								mv /mnt${path}/current /mnt${path}/$(cat /mnt${path}/current/.timestamp)
+							fi
+							btrfs subvolume create /mnt${path}/current
+							echo $(date '+%Y%m%d%H%M%S') > /mnt${path}/current/.timestamp
+							umount /mnt
+						";
+					};
+				}
+			)
+		];
 }

 # Disable CoW for VM image and database:
--- a/modules/hardware/chn-PC.nix
+++ b/modules/hardware/chn-PC.nix
@@ -2,36 +2,6 @@
 {
 	config =
 	{
-		nixpkgs =
-		{
-			overlays =
-			[(
-				final: prev:
-					let
-						generic-pkgs = (inputs.topInputs.nixpkgs.lib.nixosSystem
-						{
-							system = "x86_64-linux";
-							modules = [{ config.nixpkgs.config.allowUnfree = true; }];
-						}).pkgs;
-					in
-						{
-							# pandoc = generic-pkgs.pandoc;
-							# fwupd = generic-pkgs.fwupd;
-						}
-			)];
-		};
-		hardware.opengl =
-		{
-			enable = true;
-			driSupport = true;
-			extraPackages = with inputs.pkgs;
-			[
-				intel-compute-runtime intel-media-driver mesa.drivers intel-vaapi-driver libvdpau-va-gl vaapiVdpau
-			];
-			driSupport32Bit = true;
-		};
-		environment.variables.VDPAU_DRIVER = "va_gl";
-		hardware.nvidia.modesetting.enable = false;
 		systemd.services =
 		{
 			reload-iwlwifi-after-hibernate =
--- a/modules/hardware/default.nix
+++ b/modules/hardware/default.nix
@@ -9,70 +9,95 @@ inputs:
 		cpu = mkOption { type = types.listOf (types.enum [ "intel" "amd" ]); default = []; };
 		gpu = mkOption { type = types.listOf (types.enum [ "intel" "nvidia" ]); default = []; };
 	};
-	config = let inherit (inputs.lib) mkMerge mkIf; in mkMerge
-	[
-		# bluetooth
-		(mkIf inputs.config.nixos.hardware.bluetooth.enable { hardware.bluetooth.enable = true; })
-		# joystick
-		(mkIf inputs.config.nixos.hardware.joystick.enable { hardware = { xone.enable = true; xpadneo.enable = true; }; })
-		# printer
-		(
-			mkIf inputs.config.nixos.hardware.printer.enable
-			{
-				services =
+	config =
+		let
+			inherit (inputs.lib) mkMerge mkIf;
+			inherit (inputs.config.nixos) hardware;
+			inherit (builtins) listToAttrs map concatLists;
+		in mkMerge
+		[
+			# bluetooth
+			(mkIf hardware.bluetooth.enable { hardware.bluetooth.enable = true; })
+			# joystick
+			(mkIf hardware.joystick.enable { hardware = { xone.enable = true; xpadneo.enable = true; }; })
+			# printer
+			(
+				mkIf hardware.printer.enable
 				{
-					printing = { enable = true; drivers = [ inputs.pkgs.cnijfilter2 ]; };
-					avahi = { enable = true; nssmdns = true; openFirewall = true; };
-				};
-			}
-		)
-		# sound
-		(
-			mkIf inputs.config.nixos.hardware.sound.enable
-			{
-				hardware.pulseaudio.enable = false;
-				services.pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; };
-				sound.enable = true;
-				security.rtkit.enable = true;
-				environment.etc."wireplumber/main.lua.d/50-alsa-config.lua".text =
-					let
-						content = builtins.readFile
-							("/." + inputs.pkgs.wireplumber + "/share/wireplumber/main.lua.d/50-alsa-config.lua");
-						matched = builtins.match
-							".*\n([[:space:]]*)(--\\[\"session\\.suspend-timeout-seconds\"][^\n]*)[\n].*" content;
-						spaces = builtins.elemAt matched 0;
-						comment = builtins.elemAt matched 1;
-						config = ''["session.suspend-timeout-seconds"] = 0'';
-					in
-						builtins.replaceStrings [(spaces + comment)] [(spaces + config)] content;
-			}
-		)
-		# cpu
-		{
-			hardware.cpu = builtins.listToAttrs (builtins.map
-				(name: { inherit name; value = { updateMicrocode = true; }; })
-				inputs.config.nixos.hardware.cpu);
-			boot.initrd.availableKernelModules =
-				let
-					modules =
+					services =
 					{
-						intel = [ "intel_cstate" "aesni_intel" ];
-						amd = [];
+						printing = { enable = true; drivers = [ inputs.pkgs.cnijfilter2 ]; };
+						avahi = { enable = true; nssmdns = true; openFirewall = true; };
 					};
-				in
-					builtins.concatLists (builtins.map (cpu: modules.${cpu}) inputs.config.nixos.hardware.cpu);
-		}
-		# gpu
-		{
-			boot.initrd.availableKernelModules =
-				let
-					modules =
+				}
+			)
+			# sound
+			(
+				mkIf hardware.sound.enable
+				{
+					hardware.pulseaudio.enable = false;
+					services.pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; };
+					sound.enable = true;
+					security.rtkit.enable = true;
+					environment.etc."wireplumber/main.lua.d/50-alsa-config.lua".text =
+						let
+							content = builtins.readFile
+								("/." + inputs.pkgs.wireplumber + "/share/wireplumber/main.lua.d/50-alsa-config.lua");
+							matched = builtins.match
+								".*\n([[:space:]]*)(--\\[\"session\\.suspend-timeout-seconds\"][^\n]*)[\n].*" content;
+							spaces = builtins.elemAt matched 0;
+							comment = builtins.elemAt matched 1;
+							config = ''["session.suspend-timeout-seconds"] = 0'';
+						in
+							builtins.replaceStrings [(spaces + comment)] [(spaces + config)] content;
+				}
+			)
+			# cpu
+			(
+				mkIf (hardware.cpu != [])
+				{
+					hardware.cpu = listToAttrs (map (name: { inherit name; value = { updateMicrocode = true; }; }) hardware.cpu);
+					boot.initrd.availableKernelModules =
+						let
+							modules =
+							{
+								intel = [ "intel_cstate" "aesni_intel" ];
+								amd = [];
+							};
+						in
+							concatLists (map (cpu: modules.${cpu}) hardware.cpu);
+				}
+			)
+			# gpu
+			(
+				mkIf (hardware.gpu != [])
+				{
+					boot.initrd.availableKernelModules =
+						let
+							modules =
+							{
+								intel = [ "i915" ];
+								nvidia = [ "nvidia" "nvidia_drm" "nvidia_modeset" "nvidia_uvm" ];
+							};
+						in
+							concatLists (map (gpu: modules.${gpu}) hardware.gpu);
+					hardware.opengl =
 					{
-						intel = [ "i915" ];
-						nvidia = [ "nvidia" "nvidia_drm" "nvidia_modeset" "nvidia_uvm" ];
+						enable = true;
+						driSupport = true;
+						extraPackages =
+							with inputs.pkgs;
+							let
+								packages =
+								{
+									intel = [ intel-compute-runtime intel-media-driver intel-vaapi-driver libvdpau-va-gl ];
+									nvidia = [ vaapiVdpau ];
+								};
+							in
+								concatLists (map (gpu: packages.${gpu}) hardware.gpu);
+						driSupport32Bit = true;
 					};
-				in
-					builtins.concatLists (builtins.map (cpu: modules.${cpu}) inputs.config.nixos.hardware.cpu);
-		}
-	];
+				}
+			)
+		];
 }
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -39,7 +39,15 @@ inputs:
 			};
 			networking.networkmanager.enable = true;
 			programs = { dconf.enable = true; nix-ld.enable = true; };
-			nixpkgs.config.allowUnfree = true;
+			nixpkgs =
+			{
+				config.allowUnfree = true;
+				overlays = [(final: prev: { genericPackages = (inputs.topInputs.nixpkgs.lib.nixosSystem
+				{
+					system = "x86_64-linux";
+					modules = [{ config.nixpkgs.config.allowUnfree = true; }];
+				}).pkgs;})];
+			};
 			time.timeZone = "Asia/Shanghai";
 			system =
 			{