modularizes linux desktop

flake.nix

@@ -40,6 +40,15 @@
       nixosModules.macos = import ./modules/macos;
       nixosModules.homebrew = import ./modules/homebrew;
       nixosModules.aerospace = import ./modules/aerospace;
+      nixosModules.keyd = import ./modules/keyd;
+      nixosModules.ly = import ./modules/wm/ly;
+      nixosModules.unix = import ./modules/unix;
+      nixosModules.nvidia = import ./modules/unix/nvidia.nix;
+      nixosModules.bluetooth = import ./modules/unix/bluetooth.nix;
+      nixosModules.audio = import ./modules/unix/audio.nix;
+      nixosModules.printing = import ./modules/unix/printing.nix;
+      nixosModules.steam = import ./modules/steam;
+      nixosModules.niriSystem = import ./modules/wm/niri-system;
 
       nixosConfigurations.dnsc-machine = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";

hosts/dnsc-machine/default.nix

@@ -1,6 +1,6 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
+# TODO: Modularize similar to dnsc-air configuration
+# Create further subdirectories in modules if it gets
+# unwieldy
 {
   config,
   inputs,
@@ -14,65 +14,23 @@
     # Include the results of the hardware scan.
     ./hardware-configuration.nix
     inputs.home-manager.nixosModules.home-manager
-    ../../modules/wm/ly
-    ../../modules/keyd
+    outputs.nixosModules.base
+    outputs.nixosModules.unix
+    outputs.nixosModules.nvidia
+    outputs.nixosModules.bluetooth
+    outputs.nixosModules.printing
+    outputs.nixosModules.audio
+    outputs.nixosModules.ly
+    outputs.nixosModules.niriSystem
+    outputs.nixosModules.keyd
+    outputs.nixosModules.steam
   ];
 
-  # Bootloader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  # Networking
-  networking.hostName = "dnsc-machine"; # Define your hostname.
-  networking.networkmanager.enable = true;
-
   # General settings
+  networking.hostName = "dnsc-machine";
   time.timeZone = "Europe/Berlin";
-  i18n.defaultLocale = "en_US.UTF-8";
-  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "de_DE.UTF-8";
-    LC_IDENTIFICATION = "de_DE.UTF-8";
-    LC_MEASUREMENT = "de_DE.UTF-8";
-    LC_MONETARY = "de_DE.UTF-8";
-    LC_NAME = "de_DE.UTF-8";
-    LC_NUMERIC = "de_DE.UTF-8";
-    LC_PAPER = "de_DE.UTF-8";
-    LC_TELEPHONE = "de_DE.UTF-8";
-    LC_TIME = "de_DE.UTF-8";
-  };
-  security.sudo.enable = true;
+  services.xserver.xkb.layout = "eu";
 
-  services.xserver = {
-    xkb = {
-      layout = "eu";
-    };
-
-    videoDrivers = [ "nvidia" ];
-  };
-
-  # Hardware Setup
-  hardware = {
-    bluetooth = {
-      enable = true;
-      settings = {
-        General = {
-          Enable = "Source,Sink,Media,Socket";
-          Experimental = true;
-        };
-      };
-    };
-    graphics.enable = true;
-    nvidia = {
-      modesetting.enable = true;
-      powerManagement.enable = false;
-      powerManagement.finegrained = false;
-      open = true;
-      nvidiaSettings = true;
-      package = config.boot.kernelPackages.nvidiaPackages.stable;
-    };
-  };
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.dennis = {
     isNormalUser = true;
     description = "dennis";
@@ -80,46 +38,12 @@
       "networkmanager"
       "wheel"
     ];
-    packages = with pkgs; [ ];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvXWZOPOJJDAoF+Sx/ZLoAVu6G/7/MAWoknBgMAzjul dennis@dnsc-mac"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKnmuxDkpDIku5t1Tykz21u78xoQ7LJR8JEcfth32LGu dennis@dnsc-work"
     ];
   };
 
-  # Shell
-  programs.fish.enable = true;
-  users.defaultUserShell = pkgs.fish;
-
-  # Window Manager Setup
-  programs.niri.enable = true;
-  security.polkit.enable = true;
-  services.gnome.gnome-keyring.enable = true;
-  security.pam.services.hyprlock = { };
-
-  # Steam
-  programs.steam = {
-    enable = true;
-    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
-    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
-    localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
-  };
-
-  # Nix settings
-  nix.gc = {
-    automatic = true;
-    dates = "weekly";
-    options = "--delete-older-than 1w";
-  };
-  nix.settings = {
-    auto-optimise-store = true;
-    experimental-features = [
-      "nix-command"
-      "flakes"
-    ];
-  };
-  nixpkgs.config.allowUnfree = true;
-
   # Home Manager
   home-manager = {
     extraSpecialArgs = { inherit inputs outputs; };
@@ -135,107 +59,12 @@
   };
 
   # System Packages
-  environment.systemPackages = with pkgs; [
-    gcc
-    wget
-    git
-    neovim
-    btop
-    ghostty
-    fish
-    pwvucontrol
-  ];
+  environment.systemPackages = lib.mkAfter (with pkgs; []);
 
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  programs.mtr.enable = true;
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
-
-  xdg.portal = {
-    enable = true;
-    extraPortals = [
-      pkgs.xdg-desktop-portal-gtk
-      pkgs.xdg-desktop-portal-gnome
-    ];
-  };
-
-  # Services
-
-  # Pipewire
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-    raopOpenFirewall = true;
-    wireplumber.extraConfig."10-bluez" = {
-      "monitor.bluez.properties" = {
-        "bluez5.enable-sbc-xq" = true;
-        "bluez5.enable-msbc" = true;
-        "bluez5.enable-hw-volume" = true;
-        "bluez5.roles" = [
-          "hsp_hs"
-          "hsp_ag"
-          "hfp_hf"
-          "hfp_ag"
-        ];
-      };
-    };
-    extraConfig.pipewire = {
-      "10-airplay" = {
-        "context.modules" = [
-          {
-            name = "libpipewire-module-raop-discover";
-            # increase the buffer size if you get dropouts/glitches
-            # args = {
-            #   "raop.latency.ms" = 500;
-            # };
-          }
-        ];
-      };
-    };
-  };
-
-  # Bluetooth
-  services.blueman.enable = true;
-
-  # SSH
+  # Enable some services that do not need configuration
   services.openssh.enable = true;
-
-  # Tailscale
   services.tailscale.enable = true;
-
-  # Printing
-  services.printing.enable = true;
-  services.avahi = {
-    enable = true;
-    nssmdns4 = true;
-    openFirewall = true;
-  };
-
-  # External Storage Devices
   services.udisks2.enable = true;
 
-  # GVFS (e.g. for trash)
-  services.gvfs.enable = true;
-
-  # Environment & session variables
-  environment.variables = {
-    EDITOR = "nvim";
-    SYSTEMD_EDITOR = "nvim";
-    VISUAL = "nvim";
-  };
-  environment.sessionVariables.NIXOS_OZONE_WL = "1";
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "25.05"; # Did you read the comment?
+  system.stateVersion = "25.05";
 }

modules/base/default.nix

@@ -32,6 +32,8 @@
   };
 
   environment.systemPackages = with pkgs; [
+    gcc
+    wget
     git
     btop
     fish

modules/steam/default.nix

@@ -0,0 +1,8 @@
+{
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+    localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
+  };
+}

modules/unix/audio.nix

@@ -0,0 +1,41 @@
+{ config, ... }:
+
+{
+  environment.systemPackages = lib.mkAfter (with pkgs; [
+    pwvucontrol
+  ]);
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    raopOpenFirewall = true;
+    wireplumber.extraConfig."10-bluez" = {
+      "monitor.bluez.properties" = {
+        "bluez5.enable-sbc-xq" = true;
+        "bluez5.enable-msbc" = true;
+        "bluez5.enable-hw-volume" = true;
+        "bluez5.roles" = [
+          "hsp_hs"
+          "hsp_ag"
+          "hfp_hf"
+          "hfp_ag"
+        ];
+      };
+    };
+    extraConfig.pipewire = {
+      "10-airplay" = {
+        "context.modules" = [
+          {
+            name = "libpipewire-module-raop-discover";
+            # increase the buffer size if you get dropouts/glitches
+            # args = {
+            #   "raop.latency.ms" = 500;
+            # };
+          }
+        ];
+      };
+    };
+  };
+}

modules/unix/base.nix

@@ -0,0 +1,28 @@
+{
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  networking.networkmanager.enable = true;
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_DE.UTF-8";
+    LC_IDENTIFICATION = "de_DE.UTF-8";
+    LC_MEASUREMENT = "de_DE.UTF-8";
+    LC_MONETARY = "de_DE.UTF-8";
+    LC_NAME = "de_DE.UTF-8";
+    LC_NUMERIC = "de_DE.UTF-8";
+    LC_PAPER = "de_DE.UTF-8";
+    LC_TELEPHONE = "de_DE.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+  security.sudo.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+  programs.mtr.enable = true;
+  environment.variables = {
+    EDITOR = "nvim";
+    SYSTEMD_EDITOR = "nvim";
+    VISUAL = "nvim";
+  };
+}

modules/unix/bluetooth.nix

@@ -0,0 +1,14 @@
+{ config, ... }:
+
+{
+  services.blueman.enable = true;
+  hardware.bluetooth = {
+    enable = true;
+    settings = {
+      General = {
+        Enable = "Source,Sink,Media,Socket";
+        Experimental = true;
+      };
+    };
+  };
+}

modules/unix/default.nix

@@ -0,0 +1,6 @@
+{
+  imports = [
+    ./base.nix
+    ./shell.nix
+  ];
+}

modules/unix/nvidia.nix

@@ -0,0 +1,15 @@
+{ config, ... }:
+
+{
+  services.xserver.videoDrivers = [ "nvidia" ];
+  graphics.enable = true;
+  nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    powerManagement.finegrained = false;
+    open = true;
+    nvidiaSettings = true;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+}

modules/unix/printing.nix

@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+  services.printing.enable = true;
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+}

modules/unix/shell.nix

@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+
+{
+  programs.fish.enable = true;
+  users.defaultUserShell = pkgs.fish;
+}

modules/wm/default.nix

@@ -0,0 +1,10 @@
+{
+  imports = [
+    ./awww
+    ./cliphist
+    ./fuzzel
+    ./ironbar
+    ./niri
+    ./swaync
+  ];
+}

modules/wm/niri-system/default.nix

@@ -0,0 +1,14 @@
+{
+  programs.niri.enable = true;
+  security.polkit.enable = true;
+  services.gnome.gnome-keyring.enable = true;
+  security.pam.services.hyprlock = { };
+  xdg.portal = {
+    enable = true;
+    extraPortals = [
+      pkgs.xdg-desktop-portal-gtk
+      pkgs.xdg-desktop-portal-gnome
+    ];
+  };
+  services.gvfs.enable = true;
+}