break up into reusable modules

Signed-off-by: unexplrd <unexplrd@linerds.us>
2025-03-28 16:16:16 +02:00
parent 28f935cfd0
commit 08408c5602
7 changed files with 125 additions and 119 deletions
--- a/hosts/eldrid/boot.nix
+++ b/hosts/eldrid/boot.nix
@ -0,0 +1,35 @@
+{
+  pkgs,
+  config,
+  inputs,
+  ...
+}: {
+  imports = with inputs; [
+    lanzaboote.nixosModules.lanzaboote
+  ];
+  boot = {
+    # kernelPackages = pkgs.linuxPackages_latest;
+    kernelPackages = pkgs.linuxPackages_cachyos;
+    plymouth.enable = true;
+    loader.efi.canTouchEfiVariables = true;
+    loader.systemd-boot = {
+      enable = !config.boot.lanzaboote.enable;
+      consoleMode = "auto";
+    };
+    initrd = {
+      availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" "xe" "i915"];
+      kernelModules = [];
+    };
+    kernelModules = ["kvm-intel"];
+    extraModulePackages = [];
+    lanzaboote = {
+      enable = true;
+      pkiBundle = "/var/lib/sbctl";
+    };
+  };
+  console = {
+    earlySetup = true;
+    packages = [pkgs.terminus_font];
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz";
+  };
+}
--- a/hosts/eldrid/configuration.nix
+++ b/hosts/eldrid/configuration.nix
@ -1,111 +1,45 @@
-# device-specific setup
-{
-  pkgs,
-  config,
-  inputs,
-  ...
-}: {
+{inputs, ...}: {
  imports = with inputs; [
-    chaotic.nixosModules.default
-    lanzaboote.nixosModules.lanzaboote
-    lix.nixosModules.default
    self.nixosModules.desktop
    self.nixosModules.system
-    ./hardware.nix
-    ./programs.nix
-    ./stylix.nix
+    ./boot.nix
    ./disko.nix
-    ./users.nix
+    ./hardware.nix
+    ./networking.nix
+    ./nix.nix
+    ./programs.nix
+    ./services.nix
    ./sops.nix
+    ./stylix.nix
+    ./users.nix
  ];

-  desktop = {
-    niri.enable = true;
-  };
+  desktop.niri.enable = true;

-  nix = {
-    channel.enable = false;
-    daemonCPUSchedPolicy = "idle";
-    settings = {
-      experimental-features = ["nix-command" "flakes"];
-      builders-use-substitutes = true;
-    };
-    distributedBuilds = true;
-    buildMachines = [
-      {
-        hostName = "dunamis";
-        sshUser = "nix-ssh";
-        system = "x86_64-linux";
-        sshKey = config.sops.secrets."ssh-eldrid-user".path;
-        supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"];
-        publicHostKey = builtins.readFile "${inputs.mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
-      }
-    ];
-  };
-
-  system.stateVersion = "25.05";
-
-  time.timeZone = "Europe/Kyiv";
  locale.ukrainian.enable = true;

-  networking = {
-    networkmanager.enable = true;
-    hostName = "eldrid";
-    hosts = {
-      "192.168.1.42" = ["dunamis"];
-    };
-  };
+  opentabletdriver.enable = false;

-  boot = {
-    # kernelPackages = pkgs.linuxPackages_latest;
-    kernelPackages = pkgs.linuxPackages_cachyos;
-    plymouth.enable = true;
-    loader.efi.canTouchEfiVariables = true;
-    loader.systemd-boot = {
-      enable = !config.boot.lanzaboote.enable;
-      consoleMode = "auto";
-    };
-    lanzaboote = {
-      enable = true;
-      pkiBundle = "/var/lib/sbctl";
-    };
-  };
-
-  console = {
-    earlySetup = true;
-    packages = [pkgs.terminus_font];
-    font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz";
-  };
-
-  services = {
-    power-profiles-daemon.enable = true;
-    flatpak.enable = true;
-    fstrim.enable = true;
-    openssh.enable = true;
-    syncthing.openDefaultPorts = true;
-    dnscrypt-proxy2 = {
-      enable = true;
-      settings = {
-        require_dnssec = true;
-        server_names = ["mullvad-doh"];
-        bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
-      };
-    };
-  };
-  services.scx = {
-    enable = true;
-    scheduler = "scx_flash";
-  };
+  qmk-vial.enable = true;

  security.basic.enable = true;

-  virtual = {
-    libvirt.enable = true;
-    podman.enable = false;
+  system.stateVersion = "25.05";
+
+  swapDevices = [
+    {
+      device = "/swap/swapfile";
+      size = 8 * 1024; # eight gigs
+    }
+  ];
+
+  time.timeZone = "Europe/Kyiv";
+
+  virtual.libvirt.enable = true;
+
+  wireless = {
+    wifi.enable = true;
+    bluetooth.enable = true;
+    bluetooth.enableBlueman = true;
  };
-
-  wireless.bluetooth.enableBlueman = true;
-
-  opentabletdriver.enable = false;
-  qmk-vial.enable = true;
 }
--- a/hosts/eldrid/hardware.nix
+++ b/hosts/eldrid/hardware.nix
@ -21,27 +21,6 @@
    '';
  };
 in {
-  boot = {
-    initrd = {
-      availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" "xe" "i915"];
-      kernelModules = [];
-    };
-    kernelModules = ["kvm-intel"];
-    extraModulePackages = [];
-  };
-
-  swapDevices = [
-    {
-      device = "/swap/swapfile";
-      size = 8 * 1024; # eight gigs
-    }
-  ];
-
-  wireless = {
-    wifi.enable = true;
-    bluetooth.enable = true;
-  };
-
  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
@ -53,12 +32,12 @@ in {

  # intel ax201 wifi card firmware
  hardware.enableRedistributableFirmware = true;
-
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  # physically broken touchscreen
  services.udev.extraRules = "ACTION==\"add|change\", KERNELS==\"input[0-9]*\", SUBSYSTEMS==\"input\", ATTRS{id/vendor}==\"27c6\", ATTRS{id/product}==\"0e84\", ENV{LIBINPUT_IGNORE_DEVICE}=\"1\"";
+
  services.keyd = {
    enable = true;
    keyboards.internal = {
--- a/hosts/eldrid/networking.nix
+++ b/hosts/eldrid/networking.nix
@ -0,0 +1,9 @@
+{
+  networking = {
+    networkmanager.enable = true;
+    hostName = "eldrid";
+    hosts = {
+      "192.168.1.42" = ["dunamis"];
+    };
+  };
+}
--- a/hosts/eldrid/nix.nix
+++ b/hosts/eldrid/nix.nix
@ -0,0 +1,28 @@
+{
+  config,
+  inputs,
+  ...
+}: {
+  imports = with inputs; [
+    lix.nixosModules.default
+  ];
+  nix = {
+    channel.enable = false;
+    daemonCPUSchedPolicy = "idle";
+    settings = {
+      experimental-features = ["nix-command" "flakes"];
+      builders-use-substitutes = true;
+    };
+    distributedBuilds = true;
+    buildMachines = [
+      {
+        hostName = "dunamis";
+        sshUser = "nix-ssh";
+        system = "x86_64-linux";
+        sshKey = config.sops.secrets."ssh-eldrid-user".path;
+        supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"];
+        publicHostKey = builtins.readFile "${inputs.mysecrets}/ssh/ssh_host_ed25519_dunamis.base64";
+      }
+    ];
+  };
+}
--- a/hosts/eldrid/services.nix
+++ b/hosts/eldrid/services.nix
@ -0,0 +1,21 @@
+{
+  services = {
+    flatpak.enable = true;
+    fstrim.enable = true;
+    openssh.enable = true;
+    power-profiles-daemon.enable = true;
+    syncthing.openDefaultPorts = true;
+    dnscrypt-proxy2 = {
+      enable = true;
+      settings = {
+        require_dnssec = true;
+        server_names = ["mullvad-doh"];
+        bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
+      };
+    };
+    scx = {
+      enable = true;
+      scheduler = "scx_flash";
+    };
+  };
+}
--- a/hosts/eldrid/sops.nix
+++ b/hosts/eldrid/sops.nix
@ -1,8 +1,8 @@
 {inputs, ...}: let
  secretsPath = builtins.toString inputs.mysecrets;
 in {
-  imports = [
-    inputs.sops-nix.nixosModules.sops
+  imports = with inputs; [
+    sops-nix.nixosModules.sops
  ];

  sops = {