diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index d7c523f..ef35391 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -6,7 +6,7 @@
 ... }: let
- inherit (lib) mkOption;
+ inherit (lib) mkOption singleton;
 inherit (lib.types) listOf str
@@ -14,6 +14,7 @@ let
 submodule ; inherit (lib.pantheon) mkStrOption;
+ inherit (lib.snowfall.fs) get-file;
 rootDir = submodule { options = { directory = mkOption { type = str; };
@@ -73,24 +74,26 @@ in
 }; time.timeZone = "Asia/Singapore"; i18n.defaultLocale = "en_US.UTF-8";
- users.mutableUsers = false;
- users.groups.users = {
- gid = 100;
- members = [ "${config.mainUser.name}" ];
+ users = {
+ mutableUsers = false;
+ groups.users = {
+ gid = 100;
+ members = [ "${config.mainUser.name}" ];
+ };
+ users."${config.mainUser.name}" = {
+ linger = true;
+ uid = 1000;
+ isNormalUser = true;
+ hashedPasswordFile = config.sops.secrets."${config.mainUser.name}/hashedPassword".path;
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keys = [ config.mainUser.publicKey ];
+ };
+ users.root.openssh.authorizedKeys.keys = singleton config.mainUser.publicKey;
 };
- users.users."${config.mainUser.name}" = {
- linger = true;
- uid = 1000;
- isNormalUser = true;
- hashedPasswordFile = config.sops.secrets."${config.mainUser.name}/hashedPassword".path;
- extraGroups = [ "wheel" ];
- openssh.authorizedKeys.keys = [ config.mainUser.publicKey ];
- };
- users.users.root.openssh.authorizedKeys.keys = lib.singleton config.mainUser.publicKey;
 services.getty.autologinUser = config.mainUser.name; security.sudo.wheelNeedsPassword = false; sops = {
- defaultSopsFile = lib.snowfall.fs.get-file "secrets/secrets.yaml";
+ defaultSopsFile = get-file "secrets/secrets.yaml";
 age.sshKeyPaths = [ "/persist/home/rafiq/.ssh/id_ed25519" ]; secrets = { "keys/openrouter" = { };
diff --git a/modules/nixos/hardware/platform/default.nix b/modules/nixos/hardware/platform/default.nix
deleted file mode 100644
index 95a0727..0000000
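Review bot: In the regrouped `users` block of modules/nixos/default.nix, `users.root.openssh.authorizedKeys.keys` still installs the main user's key for root, although that user is in `wheel` and the unchanged context keeps `security.sudo.wheelNeedsPassword = false`, so the one key has two separate routes to root. Since the commit is already reorganising these settings, either drop the root entry or record why it stays with a comment such as `# root key kept on purpose; mainUser already has passwordless sudo`. The sshd settings are not visible in this hunk, so whether root login is actually reachable should be checked against `services.openssh.settings.PermitRootLogin`. As a style point, the two key lists are written differently (`[ config.mainUser.publicKey ]` and `singleton config.mainUser.publicKey`); use one form.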
--- a/modules/nixos/hardware/platform/default.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- imports = [ ./x86_64.nix ];
-}
diff --git a/modules/nixos/hardware/platform/x86_64.nix b/modules/nixos/hardware/platform/x86_64.nix
deleted file mode 100644
index befb6af..0000000
--- a/modules/nixos/hardware/platform/x86_64.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ config, lib, ... }:
-let
- inherit (lib) singleton mkOption;
- inherit (lib.types) enum;
- cfg = config.hardware.platform;
-in
-{
- options.hardware.platform = mkOption {
- type = enum [
- "amd"
- "intel"
- ];
- };
- config = {
- hardware.cpu.${cfg}.updateMicrocode = true;
- boot.kernelModules = singleton "kvm-${cfg}";
- };
-}
diff --git a/modules/nixos/system/boot.nix b/modules/nixos/machine/bootloader/default.nix
similarity index 61%
rename from modules/nixos/system/boot.nix
rename to modules/nixos/machine/bootloader/default.nix
index 9435cb8..9fc63fb 100644
--- a/modules/nixos/system/boot.nix
+++ b/modules/nixos/machine/bootloader/default.nix
@@ -1,13 +1,16 @@
 { config, lib,
- modulesPath,
 ... }:
+let
+ inherit (lib.pantheon) mkStrOption;
+ cfg = config.machine.bootloader;
+in
 {
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ options.machine.bootloader = {
+ type = mkStrOption;
+ };
 config = lib.mkMerge [ { boot.initrd.availableKernelModules = [
@@ -20,7 +23,7 @@
 ]; boot.loader.efi.canTouchEfiVariables = true; }
- (lib.mkIf (config.system.bootloader == "systemd-boot") {
+ (lib.mkIf (config.machine.bootloader.type == "systemd-boot") {
 boot.loader.systemd-boot.enable = true; }) ];
diff --git a/modules/nixos/hardware/default.nix b/modules/nixos/machine/default.nix
similarity index 72%
rename from modules/nixos/hardware/default.nix
rename to modules/nixos/machine/default.nix
index 27f8b24..b1aeb5a 100644
--- a/modules/nixos/hardware/default.nix
+++ b/modules/nixos/machine/default.nix
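Review bot: `machine.bootloader.type` in modules/nixos/machine/bootloader/default.nix is declared with `mkStrOption` (presumably a plain string option), while the only value the module acts on is `"systemd-boot"` in the second hunk, so a typo or an unsupported name would evaluate cleanly and, as far as these hunks show, configure no boot loader. Declaring it the way the new platform module declares its option, `type = lib.mkOption { type = lib.types.enum [ "systemd-boot" ]; };`, turns that into an evaluation error. The new `cfg = config.machine.bootloader;` binding is unused in the visible lines; the condition could read `lib.mkIf (cfg.type == "systemd-boot")`. The module body continues outside both hunks.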
@@ -1,8 +1,12 @@
-{ lib, ... }:
+{ lib, modulesPath, ... }:
 let inherit (lib) singleton; in {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
 config = { services.fwupd.enable = true; persistDirs = singleton "/var/lib/bluetooth";
diff --git a/modules/nixos/hardware/drives/btrfs/default.nix b/modules/nixos/machine/drives/btrfs/default.nix
similarity index 97%
rename from modules/nixos/hardware/drives/btrfs/default.nix
rename to modules/nixos/machine/drives/btrfs/default.nix
index d8a528c..4164b78 100644
--- a/modules/nixos/hardware/drives/btrfs/default.nix
+++ b/modules/nixos/machine/drives/btrfs/default.nix
@@ -2,7 +2,7 @@
 let inherit (lib) mkIf mkEnableOption; inherit (lib.pantheon) mkStrOption;
- cfg = config.hardware.drives.btrfs;
+ cfg = config.machine.drives.btrfs;
 ephemeralRootCfg = { boot.initrd.postDeviceCommands = lib.mkAfter '' mkdir /btrfs_tmp
@@ -44,7 +44,7 @@ let
 }; in {
- options.hardware.drives.btrfs = {
+ options.machine.drives.btrfs = {
 enable = mkEnableOption ""; drive = mkStrOption; ephemeralRoot = mkEnableOption "";
diff --git a/modules/nixos/hardware/gpu/default.nix b/modules/nixos/machine/gpu/default.nix
similarity index 94%
rename from modules/nixos/hardware/gpu/default.nix
rename to modules/nixos/machine/gpu/default.nix
index 300271a..1e54a51 100644
--- a/modules/nixos/hardware/gpu/default.nix
+++ b/modules/nixos/machine/gpu/default.nix
@@ -11,10 +11,10 @@ let
 mkEnableOption singleton ;
- cfg = config.hardware.gpu;
+ cfg = config.machine.gpu;
 in {
- options.hardware.gpu = {
+ options.machine.gpu = {
 nvidia.enable = mkEnableOption ""; }; config = mkMerge [
diff --git a/modules/nixos/machine/platform/default.nix b/modules/nixos/machine/platform/default.nix
new file mode 100644
index 0000000..a698c2b
--- /dev/null
+++ b/modules/nixos/machine/platform/default.nix
@@ -0,0 +1,21 @@
+{ config, lib, ... }:
+let
+ inherit (lib) singleton mkOption;
+ inherit (lib.types) enum;
+ cfg = config.machine.platform;
+in
+{
+ options.machine.platform = {
+ type = mkOption {
+ type = enum [
+ "amd"
+ "intel"
+ ];
+ };
+ };
+
+ config = {
+ hardware.cpu.${cfg.type}.updateMicrocode = true;
+ boot.kernelModules = singleton "kvm-${cfg.type}";
+ };
+}
diff --git a/modules/nixos/hardware/usb/default.nix b/modules/nixos/machine/usb/default.nix
similarity index 92%
rename from modules/nixos/hardware/usb/default.nix
rename to modules/nixos/machine/usb/default.nix
index e64cf1a..61b0431 100644
--- a/modules/nixos/hardware/usb/default.nix
+++ b/modules/nixos/machine/usb/default.nix
@@ -11,10 +11,10 @@ let
 mkMerge singleton ;
- cfg = config.hardware.usb;
+ cfg = config.machine.usb;
 in {
- options.hardware.usb = {
+ options.machine.usb = {
 automount = mkEnableOption ""; enableQmk = mkEnableOption ""; };
diff --git a/modules/nixos/server/web-apps/sd-webui-forge/default.nix b/modules/nixos/server/web-apps/sd-webui-forge/default.nix
index 4ad3e82..602bdd4 100644
--- a/modules/nixos/server/web-apps/sd-webui-forge/default.nix
+++ b/modules/nixos/server/web-apps/sd-webui-forge/default.nix
@@ -15,7 +15,7 @@ mkWebApp {
 }; extraConfig = { assertions = singleton {
- assertion = config.hardware.gpu.nvidia.enable;
+ assertion = config.machine.gpu.nvidia.enable;
 message = "You must run the sd-webui-forge service only with an nvidia gpu."; }; services.sd-webui-forge = {
diff --git a/modules/nixos/system/default.nix b/modules/nixos/system/default.nix
deleted file mode 100644
index 6898a7b..0000000
--- a/modules/nixos/system/default.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
- imports = [
- ./boot.nix
- ];
-
- options.system = {
- bootloader = lib.pantheon.mkStrOption;
- };
-}
diff --git a/systems/x86_64-linux/apollo/default.nix b/systems/x86_64-linux/apollo/default.nix
index e9755cf..0bf7a22 100644
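Review bot: The new `machine.platform.type` option in modules/nixos/machine/platform/default.nix has no `description`, and nothing in the file records that the value selects both the CPU microcode update setting and the `kvm-amd` / `kvm-intel` kernel module. The old file name `x86_64.nix` at least carried the architecture restriction, and that hint is lost in the move to `platform/default.nix`. I would add `description = "x86_64 CPU vendor; enables microcode updates for that vendor and loads the matching kvm module.";` inside the `mkOption`. The option has no default, so a host that omits it fails at evaluation; that looks intended, and a one-line comment saying so would save the next reader the question.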
--- a/systems/x86_64-linux/apollo/default.nix
+++ b/systems/x86_64-linux/apollo/default.nix
@@ -6,12 +6,9 @@
 imports = lib.singleton ../common.nix; hostname = "apollo";
- system = {
- bootloader = "systemd-boot";
- };
-
- hardware = {
- platform = "intel";
+ machine = {
+ platform.type = "intel";
+ bootloader.type = "systemd-boot";
 drives.btrfs = { enable = true; drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01";
diff --git a/systems/x86_64-linux/desktop.nix b/systems/x86_64-linux/desktop.nix
index dcd767c..473cad0 100644
--- a/systems/x86_64-linux/desktop.nix
+++ b/systems/x86_64-linux/desktop.nix
@@ -11,7 +11,7 @@
 window-manager.hyprland.enable = true; };
- hardware.usb = {
+ machine.usb = {
 automount = true; enableQmk = true; };
diff --git a/systems/x86_64-linux/mellinoe/default.nix b/systems/x86_64-linux/mellinoe/default.nix
index e5835db..6bcc25f 100644
--- a/systems/x86_64-linux/mellinoe/default.nix
+++ b/systems/x86_64-linux/mellinoe/default.nix
@@ -5,17 +5,14 @@
 ]; hostname = "mellinoe";
- system = {
- bootloader = "systemd-boot";
- };
-
- hardware = {
+ machine = {
+ platform.type = "intel";
+ bootloader.type = "systemd-boot";
 drives.btrfs = { enable = true; drive = "/dev/disk/by-id/nvme-KBG40ZPZ128G_TOSHIBA_MEMORY_Z0U103PCNCDL"; ephemeralRoot = true; };
- platform = "intel";
 }; desktop.mainMonitor = {
diff --git a/systems/x86_64-linux/nemesis/default.nix b/systems/x86_64-linux/nemesis/default.nix
index 3899119..b35755f 100644
--- a/systems/x86_64-linux/nemesis/default.nix
+++ b/systems/x86_64-linux/nemesis/default.nix
@@ -5,18 +5,15 @@
 ]; hostname = "nemesis";
- system = {
- bootloader = "systemd-boot";
- };
-
- hardware = {
+ machine = {
+ platform.type = "amd";
+ gpu.nvidia.enable = true;
+ bootloader.type = "systemd-boot";
 drives.btrfs = { enable = true; drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434"; ephemeralRoot = true; };
- platform = "amd";
- gpu.nvidia.enable = true;
 }; desktop = {