some refactoring and modularizing locale

2024-10-23 20:11:01 +02:00
parent 86046c6414
commit b7784f9b15
58 changed files with 256 additions and 165 deletions
--- a/modules/nixos/boot/kernel/default.nix
+++ b/modules/nixos/boot/kernel/default.nix
@@ -0,0 +1,74 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: let
+  inherit (lib) mkOption;
+  cfg = config.nixos.boot.kernel;
+in {
+  options = {
+    nixos.boot.kernel = {
+      variant = mkOption {
+        type = lib.types.enum ["stable" "latest" "cachyos"];
+        default = "latest";
+        description = "Kernel variant to use.";
+      };
+
+      hardware = mkOption {
+        type = lib.types.enum ["amd" "nvidia"];
+        default = "amd";
+        description = "Hardware type (GPU) configuration.";
+      };
+
+      extraKernelParams = mkOption {
+        type = lib.types.listOf lib.types.str;
+        default = [];
+        description = "Additional kernel parameters.";
+      };
+
+      extraBlacklistedModules = mkOption {
+        type = lib.types.listOf lib.types.str;
+        default = [];
+        description = "Additional kernel nixos.to blacklist.";
+      };
+    };
+  };
+
+  config = {
+    boot = {
+      consoleLogLevel = 3;
+
+      kernelPackages = let
+        variant = cfg.variant or "latest"; # Ensure a default value
+      in
+        if variant == "stable"
+        then pkgs.linuxPackages
+        else if variant == "latest"
+        then pkgs.linuxPackages_latest
+        else if variant == "cachyos"
+        then pkgs.linuxPackages_cachyos
+        else throw "Unknown kernel variant: ${variant}";
+
+      kernelParams =
+        [
+          "quiet"
+          "splash"
+        ]
+        ++ (
+          if cfg.hardware == "amd"
+          then ["amd_pstate=active"]
+          else []
+        )
+        ++ cfg.extraKernelParams;
+
+      blacklistedKernelModules =
+        (
+          if cfg.hardware == "nvidia"
+          then ["nouveau"]
+          else []
+        )
+        ++ cfg.extraBlacklistedModules;
+    };
+  };
+}
--- a/modules/nixos/boot/loader/default.nix
+++ b/modules/nixos/boot/loader/default.nix
@@ -0,0 +1,60 @@
+{
+  pkgs,
+  lib,
+  config,
+  inputs,
+  ...
+}: let
+  inherit (lib) mkIf mkEnableOption mkMerge mkForce;
+  cfg = config.nixos.boot.loader;
+in {
+  options = {
+    nixos.boot.loader = {
+      default = {
+        enable = mkEnableOption "Enable default boot loader configuration.";
+      };
+      lanzaboote = {
+        enable = mkEnableOption "Enable Lanzaboote boot loader configuration.";
+      };
+    };
+  };
+
+  imports = [
+    inputs.lanzaboote.nixosModules.lanzaboote
+  ];
+
+  config = mkMerge [
+    {
+      assertions = [
+        {
+          assertion = !(cfg.default.enable && cfg.lanzaboote.enable);
+          message = "Only one of nixos.boot.loader.default.enable and nixos.boot.loader.lanzaboote.enable can be set to true.";
+        }
+      ];
+    }
+
+    (mkIf cfg.default.enable {
+      # Default boot loader configuration
+      boot.loader = {
+        systemd-boot.enable = true;
+        systemd-boot.graceful = true;
+        efi.canTouchEfiVariables = false;
+      };
+    })
+
+    (mkIf cfg.lanzaboote.enable {
+      # Lanzaboote boot loader configuration
+      boot = {
+        lanzaboote = {
+          enable = true;
+          pkiBundle = "/etc/secureboot";
+        };
+
+        # We let Lanzaboote install systemd-boot
+        loader.systemd-boot.enable = mkForce false;
+      };
+
+      environment.systemPackages = [pkgs.sbctl];
+    })
+  ];
+}