feat(system): professionalize system configurations

- Consolidate imperative system settings into /etc/nixos/state.json - Implement nomarchy.system options for DNS, Wifi powersave, Timezone, and hardware features - Add declarative browser policies for Chromium/Brave based on theme - Update toggles scripts to mutate system JSON and run sys-update --impure - Remove obsolete imperative browser theme and redundant system modules
2026-04-04 19:22:47 +01:00
parent 42f515f4a9
commit 08e2b4e248
17 changed files with 225 additions and 164 deletions
--- a/modules/system/network.nix
+++ b/modules/system/network.nix
@@ -1,5 +1,26 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:

+let
+  cfg = config.nomarchy.system;
+in
 {
  networking.networkmanager.enable = true;
+  
+  networking.networkmanager.wifi.powersave = cfg.wifi.powersave;
+
+  # DNS Configuration
+  networking.nameservers = if cfg.dns == "Cloudflare" then [ "1.1.1.1" "1.0.0.1" ]
+                           else if cfg.dns == "Google" then [ "8.8.8.8" "8.8.4.4" ]
+                           else if cfg.dns == "Custom" then cfg.customDns
+                           else []; # DHCP lets NM handle it
+
+  services.resolved = {
+    enable = cfg.dns != "DHCP";
+    dnssec = "allow-downgrade";
+    domains = [ "~." ];
+    fallbackDns = [ "9.9.9.9" "149.112.112.112" ];
+    extraConfig = ''
+      DNSOverTLS=opportunistic
+    '';
+  };
 }