pogrupowanie konfiguracji oraz dodanie serwerów dns i DNS-over-TLS

2024-11-01 00:47:21 +01:00
parent 3224ea75aa
commit 8730e8637b
2 changed files with 113 additions and 77 deletions
--- a/hosts/garand-laptop/config.nix
+++ b/hosts/garand-laptop/config.nix
@@ -31,8 +31,10 @@ in {
      "vm.max_map_count" = 2147483642;
    };
    # Bootloader.
-    loader.systemd-boot.enable = true;
-    loader.efi.canTouchEfiVariables = true;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
    # Make /tmp a tmpfs
    tmp = {
      useTmpfs = false;
@@ -74,9 +76,11 @@ in {
    # };
    polarity = "dark";
    opacity.terminal = 0.8;
-    cursor.package = pkgs.bibata-cursors;
-    cursor.name = "Bibata-Modern-Ice";
-    cursor.size = 24;
+    cursor = {
+      package = pkgs.bibata-cursors;
+      name = "Bibata-Modern-Ice";
+      size = 24;
+    };
    fonts = {
      monospace = {
        package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
@@ -100,21 +104,39 @@ in {
  };

  # Extra Module Options
-  drivers.amdgpu.enable = true;
-  drivers.nvidia.enable = false;
-  drivers.nvidia-prime = {
-    enable = false;
-    intelBusID = "";
-    nvidiaBusID = "";
+  drivers = {
+    amdgpu.enable = true;
+    nvidia.enable = false;
+    nvidia-prime = {
+      enable = false;
+      intelBusID = "";
+      nvidiaBusID = "";
+    };
+    intel.enable = false;
  };
-  drivers.intel.enable = false;
  vm.guest-services.enable = false;
  local.hardware-clock.enable = false;

+  services.resolved = {
+    enable = true;
+    dnssec = "true";
+    domains = ["~."]; # "use as default interface for all requests"
+    # (see man resolved.conf)
+    # let Avahi handle mDNS publication
+    extraConfig = ''
+      DNSOverTLS=opportunistic
+      MulticastDNS=resolve
+    '';
+    llmnr = "true";
+  };
+
  # Enable networking
-  networking.networkmanager.enable = true;
-  networking.hostName = host;
-  networking.timeServers = options.networking.timeServers.default ++ ["pool.ntp.org"];
+  networking = {
+    nameservers = ["176.9.1.117" "213.196.191.96" "2a01:4f8:151:34aa::198"];
+    networkmanager.enable = true;
+    hostName = host;
+    timeServers = options.networking.timeServers.default ++ ["pool.ntp.org"];
+  };

  # Set your time zone.
  time.timeZone = "Europe/Warsaw";
@@ -408,38 +430,49 @@ in {
    disabledDefaultBackends = ["escl"];
  };

-  # Extra Logitech Support
-  hardware.logitech.wireless.enable = false;
-  hardware.logitech.wireless.enableGraphical = false;
-
-  # Bluetooth Support
-  hardware.bluetooth.enable = true;
-  hardware.bluetooth.powerOnBoot = true;
+  hardware = {
+    logitech = {
+      wireless = {
+        enable = false;
+        enableGraphical = false;
+      };
+    };
+    bluetooth = {
+      enable = true;
+      powerOnBoot = true;
+    };
+    pulseaudio = {
+      enable = false;
+    };
+    graphics = {
+      enable = true;
+      enable32Bit = true;
+    };
+  };
  services.blueman.enable = true;

-  # Enable sound with pipewire.
-  hardware.pulseaudio.enable = false;
-
  # Security / Polkit
  security = {
    rtkit.enable = true;
-    polkit.enable = true;
-    polkit.extraConfig = ''
-      polkit.addRule(function(action, subject) {
-        if (
-          subject.isInGroup("users")
-            && (
-              action.id == "org.freedesktop.login1.reboot" ||
-              action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
-              action.id == "org.freedesktop.login1.power-off" ||
-              action.id == "org.freedesktop.login1.power-off-multiple-sessions"
+    polkit = {
+      enable = true;
+      extraConfig = ''
+        polkit.addRule(function(action, subject) {
+          if (
+            subject.isInGroup("users")
+              && (
+                action.id == "org.freedesktop.login1.reboot" ||
+                action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
+                action.id == "org.freedesktop.login1.power-off" ||
+                action.id == "org.freedesktop.login1.power-off-multiple-sessions"
+              )
            )
-          )
-        {
-          return polkit.Result.YES;
-        }
-      })
-    '';
+          {
+            return polkit.Result.YES;
+          }
+        })
+      '';
+    };
    pam.services.swaylock = {
      text = ''
        auth include login
@@ -469,22 +502,17 @@ in {
      dates = "weekly";
      options = "--delete-older-than 7d";
    };
-
    nixPath = ["nixpkgs=${inputs.nixpkgs}"];
  };

  # Virtualization / Containers
-  virtualisation.libvirtd.enable = true;
-  virtualisation.podman = {
-    enable = true;
-    dockerCompat = true;
-    defaultNetwork.settings.dns_enabled = true;
-  };
-
-  # OpenGL
-  hardware.graphics = {
-    enable = true;
-    enable32Bit = true;
+  virtualisation = {
+    libvirtd.enable = true;
+    podman = {
+      enable = true;
+      dockerCompat = true;
+      defaultNetwork.settings.dns_enabled = true;
+    };
  };

  console.keyMap = "${keyboardLayout}";
--- a/hosts/garand-laptop/home.nix
+++ b/hosts/garand-laptop/home.nix
@@ -27,28 +27,26 @@ in {
  ];

  # Place Files Inside Home Directory
-  home.file."Pictures/Wallpapers" = {
-    source = ../../config/wallpapers;
-    recursive = true;
+  home.file = {
+    "Pictures/Wallpapers".source = ../../config/wallpapers;
+    "Pictures/Wallpapers".recursive = true;
+    ".config/wlogout/icons".source = ../../config/wlogout;
+    ".config/wlogout/icons".recursive = true;
+    ".face.icon".source = ../../config/face.jpg;
+    ".config/face.jpg".source = ../../config/face.jpg;
+    ".config/swappy/config".text = ''
+      [Default]
+      save_dir=/home/${username}/Pictures/Screenshots
+      save_filename_format=swappy-%Y%m%d-%H%M%S.png
+      show_panel=false
+      line_size=5
+      text_size=20
+      text_font=Ubuntu
+      paint_mode=brush
+      early_exit=true
+      fill_shape=false
+    '';
  };
-  home.file.".config/wlogout/icons" = {
-    source = ../../config/wlogout;
-    recursive = true;
-  };
-  home.file.".face.icon".source = ../../config/face.jpg;
-  home.file.".config/face.jpg".source = ../../config/face.jpg;
-  home.file.".config/swappy/config".text = ''
-    [Default]
-    save_dir=/home/${username}/Pictures/Screenshots
-    save_filename_format=swappy-%Y%m%d-%H%M%S.png
-    show_panel=false
-    line_size=5
-    text_size=20
-    text_font=Ubuntu
-    paint_mode=brush
-    early_exit=true
-    fill_shape=false
-  '';

  # Install & Configure Git
  programs.git = {
@@ -73,9 +71,19 @@ in {
  };

  # Styling Options
-  stylix.targets.waybar.enable = false;
-  stylix.targets.rofi.enable = false;
-  stylix.targets.hyprland.enable = false;
+  stylix = {
+    targets = {
+      waybar = {
+        enable = false;
+      };
+      rofi = {
+        enable = false;
+      };
+      hyprland = {
+        enable = false;
+      };
+    };
+  };
  gtk = {
    iconTheme = {
      name = "Papirus-Dark";