gwg313/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial commit

Browse source
This commit is contained in:
gwg313 2026-04-15 18:26:05 -04:00
commit ebc1be5217
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
143 changed files with 7721 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

106
modules/aspects/roles.nix Normal file
View file

@ -0,0 +1,106 @@
{
lib,
...
}:
{
options.dendritic.roles = lib.mkOption {
type = lib.types.attrsOf (
lib.types.submodule (
{ ... }:
{
options = {
roles = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
};
features = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
};
};
}
)
);
default = { };
};
config.dendritic.roles = {
core-user.features = [
"shell"
"nh"
"system-nix"
];
security-baseline.features = [
"security-kernel-hardened"
"system-services"
"security-systemd"
"security-sysctl"
"security-firewall"
"security-auditd"
"security-malware-clamav"
"ntp-chrony"
"security-usbguard"
];
desktop-wayland.features = [
"browser-brave"
"wm-niri"
"terminal-ghostty"
"audio"
"bluetooth"
"gnupg-agent"
"wayland"
"proton"
"earlyoom"
"dolphin"
];
laptop.features = [
"hardware-laptop"
"security-systemd-bluetooth"
];
server.roles = [
"security-baseline"
"security-sysctl-strict"
];
server.features = [
"security-ssh-hardening"
"security-firewall-nftables"
"ops-server-base"
];
developer.features = [
"developer-cli"
"editor-neovim"
"containers-podman"
"ops-k8s"
"virtualization-libvirt"
"security-sudo-rs"
"security-ssh-client"
"dev-devenv"
];
secrets-managed.features = [
"secrets-system-sops"
"secrets-home-sops"
];
theme-stylix.features = [
"theme-system-stylix"
"theme-home-stylix"
];
workstation.roles = [
"core-user"
"security-baseline"
"desktop-wayland"
"developer"
"secrets-managed"
"theme-stylix"
];
};
}