sync

common/system/desktop.nix

@@ -6,19 +6,22 @@
   ...
 }: {
   imports = [
-    "${inputs.impermanence}/nixos.nix"
-
     ./features/avahi.nix
     ./features/bluetooth.nix
     ./features/command-not-found.nix
+    ./features/flatpak.nix
     ./features/fonts.nix
     ./features/fwupd.nix
     ./features/geoclue.nix
+    ./features/mullvad.nix
     ./features/opengl.nix
     ./features/openssh.nix
+    ./features/opentabletdriver.nix
     ./features/pipewire.nix
     ./features/plasma.nix
+    ./features/printing.nix
     ./features/sops.nix
+    ./features/steam.nix
     ./features/sudo.nix
     ./features/users.nix
   ];

common/system/features/mullvad.nix

@@ -0,0 +1,3 @@
+{
+  services.mullvad-vpn.enable = true;
+}

common/system/server.nix

@@ -6,8 +6,6 @@
   ...
 }: {
   imports = [
-    (inputs.impermanence + "/nixos.nix")
-
     ./features/avahi.nix
     ./features/command-not-found.nix
     ./features/openssh.nix

common/user/desktop.nix

@@ -45,7 +45,7 @@
     sops
     systeroid
     tokei
-    vscodium
+    vscodium-fhs
   ];
 
   xdg = {

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "hardware": {
       "locked": {
-        "lastModified": 1694710316,
-        "narHash": "sha256-uRh46iIC86D8BD1wCDA5gRrt+hslUXiD0kx/UjnjBcs=",
+        "lastModified": 1695887975,
+        "narHash": "sha256-u3+5FR12dI305jCMb0fJNQx2qwoQ54lv1tPoEWp0hmg=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "570256327eb6ca6f7bebe8d93af49459092a0c43",
+        "rev": "adcfd6aa860d1d129055039696bc457af7d50d0e",
         "type": "github"
       },
       "original": {
@@ -22,11 +22,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1694643239,
-        "narHash": "sha256-pv2k/5FvyirDE8g4TNehzwZ0T4UOMMmqWSQnM/luRtE=",
+        "lastModified": 1695738267,
+        "narHash": "sha256-LTNAbTQ96xSj17xBfsFrFS9i56U2BMLpD0BduhrsVkU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d9b88b43524db1591fb3d9410a21428198d75d49",
+        "rev": "0f4e5b4999fd6a42ece5da8a3a2439a50e48e486",
         "type": "github"
       },
       "original": {
@@ -52,11 +52,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1694767346,
-        "narHash": "sha256-5uH27SiVFUwsTsqC5rs3kS7pBoNhtoy9QfTP9BmknGk=",
+        "lastModified": 1695830400,
+        "narHash": "sha256-gToZXQVr0G/1WriO83olnqrLSHF2Jb8BPcmCt497ro0=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ace5093e36ab1e95cb9463863491bee90d5a4183",
+        "rev": "8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2",
         "type": "github"
       },
       "original": {
@@ -68,11 +68,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1693675694,
-        "narHash": "sha256-2pIOyQwGyy2FtFAUIb8YeKVmOCcPOTVphbAvmshudLE=",
+        "lastModified": 1694908564,
+        "narHash": "sha256-ducA98AuWWJu5oUElIzN24Q22WlO8bOfixGzBgzYdVc=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "5601118d39ca9105f8e7b39d4c221d3388c0419d",
+        "rev": "596611941a74be176b98aeba9328aa9d01b8b322",
         "type": "github"
       },
       "original": {
@@ -84,11 +84,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1693626178,
-        "narHash": "sha256-Rpiy6lIOu4zny8tfGuIeN1ji9eSz9nPmm9yBhh/4IOM=",
+        "lastModified": 1694760568,
+        "narHash": "sha256-3G07BiXrp2YQKxdcdms22MUx6spc6A++MSePtatCYuI=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "bfb7dfec93f3b5d7274db109f2990bc889861caf",
+        "rev": "46688f8eb5cd6f1298d873d4d2b9cf245e09e88e",
         "type": "github"
       },
       "original": {
@@ -113,11 +113,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1694495315,
-        "narHash": "sha256-sZEYXs9T1NVHZSSbMqBEtEm2PGa7dEDcx0ttQkArORc=",
+        "lastModified": 1695284550,
+        "narHash": "sha256-z9fz/wz9qo9XePEvdduf+sBNeoI9QG8NJKl5ssA8Xl4=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "ea208e55f8742fdcc0986b256bdfa8986f5e4415",
+        "rev": "2f375ed8702b0d8ee2430885059d5e7975e38f78",
         "type": "github"
       },
       "original": {

flake.nix

@@ -20,6 +20,7 @@
     self,
     nixpkgs,
     home-manager,
+    impermanence,
     sops-nix,
     ...
   } @ inputs: let
@@ -34,11 +35,14 @@
           pkgs = import nixpkgs {inherit system;};
         });
 
-    mkSystem = class: name: args @ {modules ? [], ...}:
+    mkSystem = name: {
+      class,
+      modules ? [],
+      ...
+    }:
       nixpkgs.lib.nixosSystem ({
           specialArgs = {inherit inputs;};
         }
-        // args
         // {
           modules =
             modules
@@ -51,7 +55,7 @@
                 nix = {
                   registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
 
-                  nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
+                  nixPath = lib.mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry;
 
                   settings = {
                     experimental-features = "nix-command flakes";
@@ -63,51 +67,64 @@
 
                 networking.hostName = lib.mkDefault name;
               })
-              (./common/nixos + "/${class}.nix")
-              (./nixos + "/${name}")
-              home-manager.nixosModules.home-manager
-              {
+              (./system + "/${name}")
+              ({lib, ...}: {
                 home-manager = {
                   useGlobalPkgs = true;
                   extraSpecialArgs = {inherit inputs;};
-                  users.lukas.imports = [
-                    ({config, ...}: {
-                      home.homeDirectory =
-                        nixpkgs.lib.mkDefault "/home/${config.home.username}";
 
-                      systemd.user.startServices = "sd-switch";
+                  users = lib.mapAttrs (username: user:
+                    user
+                    // {
+                      imports =
+                        user.imports
+                        ++ [
+                          ({config, ...}: {
+                            home = {
+                              username = lib.mkDefault username;
+                              homeDirectory = lib.mkDefault "/home/${config.home.username}";
+                            };
+
+                            systemd.user.startServices = "sd-switch";
+                          })
+                          (./common/user + "/${class}.nix")
+                        ];
                     })
-                    (./common/home-manager + "/${class}.nix")
-                    (./home-manager + "/${name}/lukas.nix")
-                  ];
+                  (import (./user + "/${name}"));
                 };
-              }
+              })
+              (./common/system + "/${class}.nix")
+
+              home-manager.nixosModules.home-manager
+    (impermanence + "/nixos.nix")
               (sops-nix + "/modules/sops")
             ];
         });
 
-    setups = {
-      desktop = {
-        glacier = {};
-
-        flamingo = {};
-
-        scenery = {};
+    systems = {
+      glacier = {
+        class = "desktop";
       };
 
-      server = {
-        abacus = {};
+      flamingo = {
+        class = "desktop";
+      };
 
-        vessel = {};
+      scenery = {
+        class = "desktop";
+      };
+
+      abacus = {
+        class = "server";
+      };
+
+      vessel = {
+        class = "server";
       };
     };
   in {
     formatter = forEachSystem ({pkgs}: pkgs.alejandra);
 
-    nixosConfigurations =
-      nixpkgs.lib.attrsets.mergeAttrsList
-      (builtins.attrValues (nixpkgs.lib.mapAttrs
-        (class: configs: (nixpkgs.lib.mapAttrs (mkSystem class) configs))
-        setups));
+    nixosConfigurations = nixpkgs.lib.mapAttrs mkSystem systems;
   };
 }

system/abacus/hiraeth.nix

@@ -52,7 +52,7 @@ in {
       StateDirectoryMode = "0700";
       UMask = "0077";
       WorkingDirectory = "/var/lib/hiraeth";
-      ExecStart = "${hiraeth}/bin/hiraeth run";
+      ExecStart = "${pkgs.getExe' hiraeth "hiraeth"} run";
       Restart = "on-failure";
       TimeoutSec = 15;
       ReadOnlyPaths = "/etc/hiraeth/hiraeth.toml";

system/flamingo/default.nix

@@ -11,8 +11,6 @@
     (modulesPath + "/installer/scan/not-detected.nix")
 
     inputs.hardware.nixosModules.lenovo-thinkpad-t480
-
-    ../features/flatpak.nix
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";
@@ -22,8 +20,6 @@
     kernelModules = ["kvm-intel"];
   };
 
-  hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware;
-
   system.stateVersion = "23.11";
 
   powerManagement.cpuFreqGovernor = "powersave";

system/glacier/default.nix

@@ -11,11 +11,6 @@
     inputs.hardware.nixosModules.common-cpu-amd
     inputs.hardware.nixosModules.common-gpu-amd
     inputs.hardware.nixosModules.common-pc-ssd
-
-    ../features/flatpak.nix
-    ../features/opentabletdriver.nix
-    ../features/printing.nix
-    ../features/steam.nix
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";
@@ -30,8 +25,6 @@
     binfmt.emulatedSystems = ["aarch64-linux"];
   };
 
-  hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
-
   system.stateVersion = "23.11";
 
   powerManagement.cpuFreqGovernor = "performance";
@@ -40,6 +33,4 @@
     epson-escpr
     epson-escpr2
   ];
-
-  services.mullvad-vpn.enable = true;
 }

system/scenery/default.nix

@@ -18,8 +18,6 @@
     kernelModules = ["kvm-intel"];
   };
 
-  hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware;
-
   system.stateVersion = "23.11";
 
   powerManagement.cpuFreqGovernor = "powersave";

system/vessel/backup.nix

@@ -1,4 +1,8 @@
-{pkgs, ...}: {
+{
+  pkgs,
+  lib,
+  ...
+}: {
   systemd.timers.local-backup = {
     description = "Local rsync Backup";
     wantedBy = ["timers.target"];
@@ -13,7 +17,7 @@
     description = "Local rsync Backup";
     serviceConfig = {
       Type = "oneshot";
-      ExecStart = ''${pkgs.rsync}/bin/rsync --verbose --verbose --archive --update --delete /srv/storage/ /srv/backup/'';
+      ExecStart = ''${lib.getExe pkgs.rsync} --verbose --verbose --archive --update --delete /srv/storage/ /srv/backup/'';
       User = "root";
       Group = "root";
     };

system/vessel/default.nix

@@ -24,8 +24,6 @@
     kernelModules = ["kvm-intel"];
   };
 
-  hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware;
-
   system.stateVersion = "23.11";
 
   powerManagement.cpuFreqGovernor = "performance";

user/abacus/default.nix

@@ -0,0 +1,5 @@
+{
+  lukas.imports = [
+    ./lukas
+  ];
+}

user/abacus/lukas/default.nix

@@ -1,6 +1,5 @@
 {pkgs, ...}: {
   home = {
-    username = "lukas";
     packages = with pkgs; [
       gitea
     ];

user/flamingo/default.nix

@@ -0,0 +1,5 @@
+{
+  lukas.imports = [
+    ./lukas
+  ];
+}

user/flamingo/lukas/default.nix

@@ -1,6 +1,9 @@
 {
+  pkgs,
+  lib,
+  ...
+}: {
   home = {
-    username = "lukas";
     stateVersion = "23.11";
   };
 }

user/glacier/default.nix

@@ -0,0 +1,5 @@
+{
+  lukas.imports = [
+    ./lukas
+  ];
+}

user/glacier/lukas/default.nix

@@ -1,10 +1,13 @@
-{pkgs, ...}: {
+{
+  pkgs,
+  lib,
+  ...
+}: {
   home = {
-    username = "lukas";
+    stateVersion = "23.11";
     packages = with pkgs; [
       nvtop-amd
       mullvad-vpn
     ];
-    stateVersion = "23.11";
   };
 }

user/scenery/default.nix

@@ -0,0 +1,5 @@
+{
+  lukas.imports = [
+    ./lukas
+  ];
+}

user/vessel/default.nix

@@ -0,0 +1,5 @@
+{
+  lukas.imports = [
+    ./lukas
+  ];
+}

user/vessel/lukas/default.nix

@@ -1,6 +1,5 @@
-{
+{pkgs, ...}: {
   home = {
-    username = "lukas";
     stateVersion = "23.11";
   };
 }