Peritia 2025-09-10 12:17:16 +02:00
parent fc0abdd4bb
commit aca73cdd0f
73 changed files with 3873 additions and 381 deletions


@ -1,3 +1,20 @@
# Steam (System Module)
#
# Provides:
# - Steam client
# - Optional firewall openings for:
# * Remote Play
# * Source Dedicated Server
# * Local Network Game Transfers
# - ProtonUp tool for managing Proton versions
#
# Options:
# - enable → Enable Steam system module
# - openFirewall.remotePlay → Open firewall for Remote Play
# - openFirewall.dedicatedServer → Open firewall for Source Dedicated Server
# - openFirewall.localNetworkGameTransfers → Open firewall for LAN transfers
#
{ config, lib, pkgs, ... }:
let
@ -5,16 +22,25 @@ let
in
{
options.nyx-module.system.steam = {
enable = lib.mkEnableOption "Enable steam (system) module";
enable = lib.mkEnableOption "Enable Steam (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.steam;
description = "Package to install for steam.";
openFirewall = {
remotePlay = lib.mkEnableOption "Open firewall for Steam Remote Play";
dedicatedServer = lib.mkEnableOption "Open firewall for Source Dedicated Server";
localNetworkGameTransfers = lib.mkEnableOption "Open firewall for Steam Local Network Game Transfers";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
programs.steam = {
enable = true;
remotePlay.openFirewall = cfg.openFirewall.remotePlay;
dedicatedServer.openFirewall = cfg.openFirewall.dedicatedServer;
localNetworkGameTransfers.openFirewall = cfg.openFirewall.localNetworkGameTransfers;
};
environment.systemPackages = with pkgs; [
protonup
];
};
}
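Review bot: The strings passed to `lib.mkEnableOption` on `enable` and the new `openFirewall.*` options already start with a verb, so the generated descriptions read "Whether to enable Enable Steam (system module)." and "Whether to enable Open firewall for Steam Remote Play."; the function expects a noun phrase. Writing `enable = lib.mkEnableOption "Steam (system module)";` and `remotePlay = lib.mkEnableOption "firewall openings for Steam Remote Play";` fixes the rendered option docs. The same pattern appears in the Flatpak, Wireshark, Docker, OpenSSH, Podman, VM and Zsh sections of this commit. Separately, the `package` option appears to be dropped here, so a host that still sets `nyx-module.system.steam.package` would stop evaluating.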


@ -1,20 +0,0 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nyx-module.system.all-grub;
in
{
options.nyx-module.system.all-grub = {
enable = lib.mkEnableOption "Enable all-grub (system) module";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.all-grub;
description = "Package to install for all-grub.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
};
}


@ -1,8 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
./all-grub.nix
./minegrub.nix
];
}


@ -1,20 +0,0 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nyx-module.system.minegrub;
in
{
options.nyx-module.system.minegrub = {
enable = lib.mkEnableOption "Enable minegrub (system) module";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.minegrub;
description = "Package to install for minegrub.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
};
}


@ -1,3 +1,13 @@
# Flatpak (System Module)
#
# Provides:
# - Flatpak package manager
# - Flatpak service integration
# - XDG portals for sandboxed apps
#
# Options:
# - enable → Enable Flatpak system module
#
{ config, lib, pkgs, ... }:
let
@ -5,16 +15,22 @@ let
in
{
options.nyx-module.system.flatpak = {
enable = lib.mkEnableOption "Enable flatpak (system) module";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.flatpak;
description = "Package to install for flatpak.";
};
enable = lib.mkEnableOption "Enable Flatpak (system module)";
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
services.flatpak.enable = true;
# Flatpak apps need XDG portals for proper desktop integration
xdg.portal = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk # For GTK desktops
# xdg-desktop-portal-kde # Uncomment for KDE Plasma
];
};
# Optional explicit installation (not strictly needed)
environment.systemPackages = [ pkgs.flatpak ];
};
}


@ -1,3 +1,15 @@
# Wireshark (System Module)
#
# Provides:
# - Wireshark installation
# - Proper dumpcap permissions
# - Adds user to `wireshark` group
#
# Options:
# - enable → Enable Wireshark system module
# - username → User to add to the wireshark group (required)
#
{ config, lib, pkgs, ... }:
let
@ -5,16 +17,31 @@ let
in
{
options.nyx-module.system.wireshark = {
enable = lib.mkEnableOption "Enable wireshark (system) module";
enable = lib.mkEnableOption "Enable Wireshark (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.wireshark;
description = "Package to install for wireshark.";
username = lib.mkOption {
type = lib.types.str;
example = "alice";
description = "User to add to the wireshark group.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
environment.systemPackages = [ pkgs.wireshark ];
programs.wireshark = {
enable = true; # Installs wireshark + sets dumpcap caps
package = pkgs.wireshark;
};
# Add user to wireshark group
users.users.${cfg.username}.extraGroups = [ "wireshark" ];
assertions = [
{
assertion = cfg.username != "";
message = "nyx-module.system.wireshark.username must be set to a valid user.";
}
];
};
}
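Review bot: The `username` option grants more than its description says: membership in `wireshark` is what lets a non-root user run the capability-bearing dumpcap that `programs.wireshark.enable` sets up, so that user can capture traffic on this host. I would state that in the option text, e.g. `description = "User to add to the wireshark group; members can capture traffic on this host without root.";`. `environment.systemPackages = [ pkgs.wireshark ];` looks redundant next to `programs.wireshark.package`. The assertion rejects only the empty string, so a misspelled user name is left to NixOS's own user checks.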


@ -4,6 +4,7 @@
imports = [
./docker.nix
./openssh.nix
./podman.nix
./vm.nix
./zsh.nix
];


@ -1,3 +1,21 @@
# Docker (System Module)
#
# Provides:
# - Docker runtime and CLI
# - Docker Compose
# - User access via `docker` group
# - Optional rootless mode and cgroup v2 support
#
# Options:
# - enable → Enable Docker system module
# - username → User to add to the docker group
# - enableOnBoot → Start Docker service on boot (default: true)
# - rootless → Enable Docker rootless mode (disabled by default)
#
# Notes:
# - Rootless mode is disabled by default
# - Uses cgroup v2 for better resource management on modern kernels
{ config, lib, pkgs, ... }:
let
@ -5,16 +23,46 @@ let
in
{
options.nyx-module.system.docker = {
enable = lib.mkEnableOption "Enable docker (system) module";
enable = lib.mkEnableOption "Enable Docker (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.docker;
description = "Package to install for docker.";
username = lib.mkOption {
type = lib.types.str;
example = "alice";
description = "User to add to the docker group.";
};
enableOnBoot = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to enable Docker service on boot.";
};
rootless = lib.mkEnableOption "Enable rootless Docker mode";
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
virtualisation.docker = {
enable = true;
enableOnBoot = cfg.enableOnBoot;
rootless.enable = cfg.rootless;
};
users.users.${cfg.username}.extraGroups = [ "docker" ];
environment.systemPackages = with pkgs; [
docker
docker-compose
];
# Optional: Docker cgroup v2 (usually enabled by default in modern NixOS)
boot.kernelParams = [ "cgroup_enable=memory" "cgroup_memory=1" ];
assertions = [
{
assertion = cfg.username != "";
message = "nyx-module.system.docker.username must be set to a valid user.";
}
];
};
}
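Review bot: `users.users.${cfg.username}.extraGroups = [ "docker" ];` is applied unconditionally, and access to the rootful Docker socket is effectively root on the host, so the user receives that even when `rootless = true` was chosen to avoid it. I would gate it, `users.users.${cfg.username}.extraGroups = lib.mkIf (!cfg.rootless) [ "docker" ];`, and say in the `username` description that docker group members are root-equivalent. `virtualisation.docker.enable = true` also keeps the rootful daemon enabled alongside the rootless one. The comment on `boot.kernelParams` mentions cgroup v2, but `cgroup_enable=memory` and `cgroup_memory=1` turn on the memory controller and do not select the cgroup version, so the comment should be corrected or the line dropped.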


@ -1,3 +1,17 @@
# OpenSSH (System Module)
#
# Provides:
# - OpenSSH server (sshd) service
#
# Options:
# - enable → Enable OpenSSH system module
# - passwordAuth → Allow password authentication (default: false)
# - permitRootLogin → Permit root login (default: "no")
#
# Notes:
# - By default, password authentication is disabled for better security
# - Root login is disabled unless explicitly enabled
{ config, lib, pkgs, ... }:
let
@ -5,16 +19,29 @@ let
in
{
options.nyx-module.system.openssh = {
enable = lib.mkEnableOption "Enable openssh (system) module";
enable = lib.mkEnableOption "Enable OpenSSH (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.openssh;
description = "Package to install for openssh.";
passwordAuth = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to allow password authentication.";
};
permitRootLogin = lib.mkOption {
type = lib.types.str;
default = "no";
example = "prohibit-password";
description = "Whether to permit root login via SSH.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = cfg.passwordAuth;
PermitRootLogin = cfg.permitRootLogin;
};
};
};
}
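Review bot: With `passwordAuth = false` only `PasswordAuthentication` is turned off in `services.openssh.settings`; `KbdInteractiveAuthentication` is not set, and as far as I know the NixOS default leaves it enabled, so PAM password prompts may still be reachable through keyboard-interactive. Adding `KbdInteractiveAuthentication = cfg.passwordAuth;` to the settings block makes the header's "password authentication is disabled" note hold. `permitRootLogin` is typed `lib.types.str`; `lib.types.enum [ "yes" "prohibit-password" "forced-commands-only" "no" ]` would reject typos at the module boundary with a clearer message.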


@ -0,0 +1,53 @@
# Podman (System Module)
#
# Provides:
# - Podman runtime and CLI
# - Podman Compose
# - User access via `podman` group
#
# Options:
# - enable → Enable Podman system module
# - username → User to add to the podman group
#
# Notes:
# - Adds podman + podman-compose to system packages
# - Enables D-Bus socket activation for Podman
#
{ config, lib, pkgs, ... }:
let
cfg = config.nyx-module.system.podman;
in
{
options.nyx-module.system.podman = {
enable = lib.mkEnableOption "Enable Podman (system module)";
username = lib.mkOption {
type = lib.types.str;
example = "alice";
description = "User to add to the podman group.";
};
};
config = lib.mkIf cfg.enable {
virtualisation.podman.enable = true;
users.users.${cfg.username}.extraGroups = [ "podman" ];
environment.systemPackages = with pkgs; [
podman
podman-compose
];
# Optional: enable Podman socket activation
services.dbus.packages = [ pkgs.podman ];
assertions = [
{
assertion = cfg.username != "";
message = "nyx-module.system.podman.username must be set to a valid user.";
}
];
};
}
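Review bot: Adding the user to `podman` is not needed for rootless Podman, which any user can run without a group; in NixOS the group, as far as I know, only gates the system-wide Podman socket, whose members can gain root much as with Docker. I would drop the `username` option and its assertion, or document the grant as `description = "User allowed to use the system Podman socket (root-equivalent).";`. The comment `# Optional: enable Podman socket activation` does not match `services.dbus.packages = [ pkgs.podman ];`, which registers D-Bus service files and not a systemd socket; please verify what that line is meant to achieve. Listing `podman` in `environment.systemPackages` is likely redundant with `virtualisation.podman.enable`.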


@ -1,3 +1,21 @@
# VM (System Module)
#
# Provides:
# - QEMU/KVM virtualization via libvirt
# - virt-manager GUI
# - User access via libvirtd and kvm groups
# - Spice, dnsmasq, and bridge-utils for networking and display
#
# Options:
# - enable → Enable VM system module
# - username → User to add to virtualization groups (required)
#
# Notes:
# - QEMU runs as root by default (can be adjusted)
# - virt-manager GUI is enabled automatically
# - Only generic "kvm" kernel module is forced (host picks intel/amd)
#
{ config, lib, pkgs, ... }:
let
@ -5,16 +23,45 @@ let
in
{
options.nyx-module.system.vm = {
enable = lib.mkEnableOption "Enable vm (system) module";
enable = lib.mkEnableOption "Enable VM (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.vm;
description = "Package to install for vm.";
username = lib.mkOption {
type = lib.types.str;
example = "alice";
description = "User to add to virtualization groups.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
environment.systemPackages = with pkgs; [
virt-manager
spice-gtk
dnsmasq
bridge-utils
];
virtualisation.libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_full;
runAsRoot = true;
};
};
# Add user to groups
users.users.${cfg.username}.extraGroups = [ "libvirtd" "kvm" ];
# Enable kernel modules for virtualization
boot.kernelModules = [ "kvm" ];
# Enable GUI management tool
programs.virt-manager.enable = true;
assertions = [
{
assertion = cfg.username != "";
message = "nyx-module.system.vm.username must be set to a valid user.";
}
];
};
}
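Review bot: `runAsRoot = true;` is defined at normal priority, so the header's "can be adjusted" does not hold: a host that sets `virtualisation.libvirtd.qemu.runAsRoot = false` would hit a conflicting-definition error unless it uses `lib.mkForce`. Because a QEMU process running as root means any guest-to-host escape lands as root, I would write `runAsRoot = lib.mkDefault true;` or expose a module option for it. The `username` description should also say that `libvirtd` group members can manage system VMs and their disks, which is a privileged grant. `programs.virt-manager.enable = true` presumably makes the `virt-manager` entry in `environment.systemPackages` redundant.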


@ -1,3 +1,17 @@
# Zsh (System Module)
#
# Provides:
# - Zsh shell
# - oh-my-zsh integration
# - Theme + plugins support
#
# Options:
# - enable → Enable Zsh system module
# - ohMyZsh → Enable oh-my-zsh integration
# - theme → oh-my-zsh theme (default: "xiong-chiamiov-plus")
# - plugins → List of oh-my-zsh plugins (default: [ "git" ])
#
{ config, lib, pkgs, ... }:
let
@ -5,16 +19,34 @@ let
in
{
options.nyx-module.system.zsh = {
enable = lib.mkEnableOption "Enable zsh (system) module";
enable = lib.mkEnableOption "Enable Zsh (system module)";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.zsh;
description = "Package to install for zsh.";
ohMyZsh = lib.mkEnableOption "Enable oh-my-zsh integration";
theme = lib.mkOption {
type = lib.types.str;
default = "xiong-chiamiov-plus";
description = "oh-my-zsh theme to use.";
};
plugins = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "git" ];
description = "List of oh-my-zsh plugins to enable.";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
programs.zsh = {
enable = true;
ohMyZsh = lib.mkIf cfg.ohMyZsh {
enable = true;
theme = cfg.theme;
plugins = cfg.plugins;
};
};
# Add zsh to available shells
environment.shells = with pkgs; [ zsh ];
};
}


@ -4,7 +4,6 @@
imports = [
./cli
./Gaming
./Grub
./Special-Applications
];
}