feat(nix): add nixos module and overlay

Author: ashhhleyyy

flake.nix

@@ -5,7 +5,12 @@
   };
 
   outputs = { self, nixpkgs, flake-utils }:
-    flake-utils.lib.eachDefaultSystem (system:
+    {
+       overlays.default = final: prev: {
+        inherit (self.packages.${prev.system}) default;
+      };
+      nixosModules.default = import ./nixos.nix (self.overlays.default);
+    } // flake-utils.lib.eachDefaultSystem (system:
       let
         pkgs = import nixpkgs {
           inherit system;

nixos.nix

@@ -0,0 +1,41 @@
+baps-overlay:
+
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.services.bapsicle;
+in
+
+{
+  options.services.bapsicle = {
+    enable = lib.mkEnableOption "BAPSicle server";
+  };
+
+  config = {
+    nixpkgs.overlays = [baps-overlay];
+
+    systemd.user.services.bapsicle = lib.mkIf cfg.enable {
+      description = "BAPS 3 Server";
+
+      serviceConfig = {
+        ExecStart = "${pkgs.bapsicle}";
+        LockPersonality = "yes";
+        MemoryDenyWriteExecute = "yes";
+        NoNewPrivileges = "yes";
+        Restart = "on-failure";
+        RestrictNamespaces = "yes";
+        SystemCallArchitectures = "native";
+        SystemCallFilter = "@system-service";
+        TimeoutSec = "13500000000000";
+      };
+
+      after = ["pipewire-pulse.socket"];
+      wantedBy = "default.target";
+    };
+  };
+}