services: refactor

modules/shared/nixos/services.nix

@@ -1,40 +1,38 @@
-{
+{lib, ...}: {
-  services = {
+  services =
-    # hardware.openrgb.enable = true;
+    lib.attrsets.recursiveUpdate {
-    avahi.enable = true;
+      # hardware.openrgb.enable = true;
-    dnscrypt-proxy2 = {
+      avahi.enable = true;
-      enable = true;
+      dnscrypt-proxy.enable = true;
-      settings = {
+      flatpak.enable = true;
+      fstrim.enable = true;
+      fwupd.enable = true;
+      kmscon.enable = true;
+      opensnitch.enable = false;
+      openssh.enable = true;
+      scx.enable = true;
+      userborn.enable = true;
+    } {
+      dnscrypt-proxy.settings = {
         bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
         require_dnssec = true;
         server_names = ["mullvad-doh"];
       };
-    };
+      fstrim.interval = "daily";
-    flatpak.enable = true;
+      kmscon = {
-    fstrim = {
+        hwRender = true;
-      enable = true;
+        extraOptions = "--drm";
-      interval = "daily";
+      };
-    };
+      logind.settings.Login = {
-    fwupd.enable = true;
+        HandleLidSwitch = "ignore";
-    logind = {
+        HandlePowerKey = "suspend";
-      lidSwitch = "ignore";
+      };
-      powerKey = "suspend";
+      opensnitch.settings = {
-    };
-    opensnitch = {
-      enable = false;
-      settings = {
         DefaultAaction = "deny";
         Firewall = "iptables";
         InterceptUnknown = true;
         ProcMonitorMethod = "ebpf";
       };
+      scx.scheduler = "scx_flash";
     };
-    openssh.enable = true;
-    scx = {
-      enable = true;
-      scheduler = "scx_flash";
-    };
-    syncthing.openDefaultPorts = true;
-    userborn.enable = true;
-  };
 }