refactor(nixos): move hardware config options to machine nixos module

2025-06-16 19:59:45 +08:00 · 2025-06-16 19:59:45 +08:00 · 8165d96d7c
commit 8165d96d7c
parent 91c2790b62
15 changed files with 70 additions and 84 deletions
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -6,7 +6,7 @@
  ...
 }:
 let
-  inherit (lib) mkOption;
+  inherit (lib) mkOption singleton;
  inherit (lib.types)
    listOf
    str
@ -14,6 +14,7 @@ let
    submodule
    ;
  inherit (lib.pantheon) mkStrOption;
+  inherit (lib.snowfall.fs) get-file;
  rootDir = submodule {
    options = {
      directory = mkOption { type = str; };
@ -73,24 +74,26 @@ in
    };
    time.timeZone = "Asia/Singapore";
    i18n.defaultLocale = "en_US.UTF-8";
-    users.mutableUsers = false;
-    users.groups.users = {
-      gid = 100;
-      members = [ "${config.mainUser.name}" ];
+    users = {
+      mutableUsers = false;
+      groups.users = {
+        gid = 100;
+        members = [ "${config.mainUser.name}" ];
+      };
+      users."${config.mainUser.name}" = {
+        linger = true;
+        uid = 1000;
+        isNormalUser = true;
+        hashedPasswordFile = config.sops.secrets."${config.mainUser.name}/hashedPassword".path;
+        extraGroups = [ "wheel" ];
+        openssh.authorizedKeys.keys = [ config.mainUser.publicKey ];
+      };
+      users.root.openssh.authorizedKeys.keys = singleton config.mainUser.publicKey;
    };
-    users.users."${config.mainUser.name}" = {
-      linger = true;
-      uid = 1000;
-      isNormalUser = true;
-      hashedPasswordFile = config.sops.secrets."${config.mainUser.name}/hashedPassword".path;
-      extraGroups = [ "wheel" ];
-      openssh.authorizedKeys.keys = [ config.mainUser.publicKey ];
-    };
-    users.users.root.openssh.authorizedKeys.keys = lib.singleton config.mainUser.publicKey;
    services.getty.autologinUser = config.mainUser.name;
    security.sudo.wheelNeedsPassword = false;
    sops = {
-      defaultSopsFile = lib.snowfall.fs.get-file "secrets/secrets.yaml";
+      defaultSopsFile = get-file "secrets/secrets.yaml";
      age.sshKeyPaths = [ "/persist/home/rafiq/.ssh/id_ed25519" ];
      secrets = {
        "keys/openrouter" = { };
--- a/modules/nixos/hardware/platform/default.nix
+++ b/modules/nixos/hardware/platform/default.nix
@ -1,3 +0,0 @@
-{
-  imports = [ ./x86_64.nix ];
-}
--- a/modules/nixos/hardware/platform/x86_64.nix
+++ b/modules/nixos/hardware/platform/x86_64.nix
@ -1,18 +0,0 @@
-{ config, lib, ... }:
-let
-  inherit (lib) singleton mkOption;
-  inherit (lib.types) enum;
-  cfg = config.hardware.platform;
-in
-{
-  options.hardware.platform = mkOption {
-    type = enum [
-      "amd"
-      "intel"
-    ];
-  };
-  config = {
-    hardware.cpu.${cfg}.updateMicrocode = true;
-    boot.kernelModules = singleton "kvm-${cfg}";
-  };
-}
--- a/modules/nixos/machine/bootloader/default.nix
+++ b/modules/nixos/machine/bootloader/default.nix
@ -1,13 +1,16 @@
 {
  config,
  lib,
-  modulesPath,
  ...
 }:
+let
+  inherit (lib.pantheon) mkStrOption;
+  cfg = config.machine.bootloader;
+in
 {
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
+  options.machine.bootloader = {
+    type = mkStrOption;
+  };
  config = lib.mkMerge [
    {
      boot.initrd.availableKernelModules = [
@ -20,7 +23,7 @@
      ];
      boot.loader.efi.canTouchEfiVariables = true;
    }
-    (lib.mkIf (config.system.bootloader == "systemd-boot") {
+    (lib.mkIf (config.machine.bootloader.type == "systemd-boot") {
      boot.loader.systemd-boot.enable = true;
    })
  ];
--- a/modules/nixos/hardware/default.nix
+++ b/modules/nixos/hardware/default.nix
@ -1,8 +1,12 @@
-{ lib, ... }:
+{ lib, modulesPath, ... }:
 let
  inherit (lib) singleton;
 in
 {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
  config = {
    services.fwupd.enable = true;
    persistDirs = singleton "/var/lib/bluetooth";
--- a/modules/nixos/hardware/drives/btrfs/default.nix
+++ b/modules/nixos/hardware/drives/btrfs/default.nix
@ -2,7 +2,7 @@
 let
  inherit (lib) mkIf mkEnableOption;
  inherit (lib.pantheon) mkStrOption;
-  cfg = config.hardware.drives.btrfs;
+  cfg = config.machine.drives.btrfs;
  ephemeralRootCfg = {
    boot.initrd.postDeviceCommands = lib.mkAfter ''
      	    mkdir /btrfs_tmp
@ -44,7 +44,7 @@ let
  };
 in
 {
-  options.hardware.drives.btrfs = {
+  options.machine.drives.btrfs = {
    enable = mkEnableOption "";
    drive = mkStrOption;
    ephemeralRoot = mkEnableOption "";
--- a/modules/nixos/hardware/gpu/default.nix
+++ b/modules/nixos/hardware/gpu/default.nix
@ -11,10 +11,10 @@ let
    mkEnableOption
    singleton
    ;
-  cfg = config.hardware.gpu;
+  cfg = config.machine.gpu;
 in
 {
-  options.hardware.gpu = {
+  options.machine.gpu = {
    nvidia.enable = mkEnableOption "";
  };
  config = mkMerge [
--- a/modules/nixos/machine/platform/default.nix
+++ b/modules/nixos/machine/platform/default.nix
@ -0,0 +1,21 @@
+{ config, lib, ... }:
+let
+  inherit (lib) singleton mkOption;
+  inherit (lib.types) enum;
+  cfg = config.machine.platform;
+in
+{
+  options.machine.platform = {
+    type = mkOption {
+      type = enum [
+        "amd"
+        "intel"
+      ];
+    };
+  };
+
+  config = {
+    hardware.cpu.${cfg.type}.updateMicrocode = true;
+    boot.kernelModules = singleton "kvm-${cfg.type}";
+  };
+}
--- a/modules/nixos/hardware/usb/default.nix
+++ b/modules/nixos/hardware/usb/default.nix
@ -11,10 +11,10 @@ let
    mkMerge
    singleton
    ;
-  cfg = config.hardware.usb;
+  cfg = config.machine.usb;
 in
 {
-  options.hardware.usb = {
+  options.machine.usb = {
    automount = mkEnableOption "";
    enableQmk = mkEnableOption "";
  };
--- a/modules/nixos/server/web-apps/sd-webui-forge/default.nix
+++ b/modules/nixos/server/web-apps/sd-webui-forge/default.nix
@ -15,7 +15,7 @@ mkWebApp {
  };
  extraConfig = {
    assertions = singleton {
-      assertion = config.hardware.gpu.nvidia.enable;
+      assertion = config.machine.gpu.nvidia.enable;
      message = "You must run the sd-webui-forge service only with an nvidia gpu.";
    };
    services.sd-webui-forge = {
--- a/modules/nixos/system/default.nix
+++ b/modules/nixos/system/default.nix
@ -1,15 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  imports = [
-    ./boot.nix
-  ];
-
-  options.system = {
-    bootloader = lib.pantheon.mkStrOption;
-  };
-}
--- a/systems/x86_64-linux/apollo/default.nix
+++ b/systems/x86_64-linux/apollo/default.nix
@ -6,12 +6,9 @@
  imports = lib.singleton ../common.nix;
  hostname = "apollo";

-  system = {
-    bootloader = "systemd-boot";
-  };
-
-  hardware = {
-    platform = "intel";
+  machine = {
+    platform.type = "intel";
+    bootloader.type = "systemd-boot";
    drives.btrfs = {
      enable = true;
      drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01";
--- a/systems/x86_64-linux/desktop.nix
+++ b/systems/x86_64-linux/desktop.nix
@ -11,7 +11,7 @@
    window-manager.hyprland.enable = true;
  };

-  hardware.usb = {
+  machine.usb = {
    automount = true;
    enableQmk = true;
  };
--- a/systems/x86_64-linux/mellinoe/default.nix
+++ b/systems/x86_64-linux/mellinoe/default.nix
@ -5,17 +5,14 @@
  ];
  hostname = "mellinoe";

-  system = {
-    bootloader = "systemd-boot";
-  };
-
-  hardware = {
+  machine = {
+    platform.type = "intel";
+    bootloader.type = "systemd-boot";
    drives.btrfs = {
      enable = true;
      drive = "/dev/disk/by-id/nvme-KBG40ZPZ128G_TOSHIBA_MEMORY_Z0U103PCNCDL";
      ephemeralRoot = true;
    };
-    platform = "intel";
  };

  desktop.mainMonitor = {
--- a/systems/x86_64-linux/nemesis/default.nix
+++ b/systems/x86_64-linux/nemesis/default.nix
@ -5,18 +5,15 @@
  ];
  hostname = "nemesis";

-  system = {
-    bootloader = "systemd-boot";
-  };
-
-  hardware = {
+  machine = {
+    platform.type = "amd";
+    gpu.nvidia.enable = true;
+    bootloader.type = "systemd-boot";
    drives.btrfs = {
      enable = true;
      drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434";
      ephemeralRoot = true;
    };
-    platform = "amd";
-    gpu.nvidia.enable = true;
  };

  desktop = {