Clean up aspi and kardorf configs

hosts/common/global/default.nix

@@ -11,15 +11,25 @@
       ./fish.nix # fish for admin
       ./locale.nix
       ./nix.nix
-      ./podman.nix
       ./sops.nix
-      ./xserver.nix
+      ./root.nix
     ]
     ++ [
       inputs.home-manager.nixosModules.home-manager
     ]
     ++ (builtins.attrValues outputs.nixosModules);
 
+  # Replaces the (modulesPath + "/installer/scan/not-detected.nix") from default hardware-configuration.nix
+  # Enables non-free firmware
+  hardware.enableRedistributableFirmware = true;
+
+  # Networking
+  networking.networkmanager.enable = true;
+  services.resolved.enable = true;
+
+  programs.dconf.enable = true;
+
+  # HM
   home-manager.useGlobalPkgs = true;
   home-manager.extraSpecialArgs = {
     inherit inputs outputs;

hosts/common/global/locale.nix

@@ -21,4 +21,6 @@
   };
 
   console.keyMap = "de";
+
+  time.timeZone = "Europe/Berlin";
 }

hosts/common/global/root.nix

@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+{
+  # Packages needed as root
+  environment.systemPackages = with pkgs; [
+    vim
+    htop
+    mc
+    gparted-xhost # needs to be installed as system package so it can be actually opened
+  ];
+}

hosts/common/optional/authentication.nix

@@ -1,14 +1,11 @@
+{ pkgs, ... }:
 {
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-{
+  # Make programs like nextcloud client access saved passwords
+  programs.seahorse.enable = true;
+  services.gnome.gnome-keyring.enable = true;
 
+  # Make authentication work for e.g. gparted
   security.polkit.enable = true;
-
   systemd = {
     user.services.polkit-gnome-authentication-agent-1 = {
       description = "polkit-gnome-authentication-agent-1";

hosts/common/optional/avahi.nix

@@ -0,0 +1,9 @@
+{
+  # MDNS on local network
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    publish.enable = true;
+    publish.addresses = true;
+  };
+}

hosts/common/optional/docker.nix

@@ -0,0 +1,5 @@
+{
+  virtualisation.docker = {
+    enable = true;
+  };
+}

hosts/common/optional/flatpak.nix

@@ -2,10 +2,9 @@
   pkgs,
   ...
 }:
-
 {
+  services.flatpak.enable = true;
   xdg.portal.enable = true;
   xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
   xdg.portal.config.common.default = "*"; # Use first portal implementation found
-  # hyprland desktop portal added automatically
 }

hosts/common/optional/kerberos.nix

@@ -0,0 +1,24 @@
+{
+
+  security.krb5.enable = true;
+  security.krb5.settings = {
+    # domain_realm = {
+    #   ".julian-mutter.de" = "julian-mutter.de";
+    #   "julian-mutter.de" = "julian-mutter.de";
+    # };
+    libdefaults = {
+      default_realm = "julian-mutter.de";
+      #   dns_lookup_realm = true;
+      #   dns_lookup_kdc = true;
+      #   ticket_lifetime = "24h";
+      #   renew_lifetime = "7d";
+    };
+    realms = {
+      "julian-mutter.de" = {
+        kdc = [ "kerberos.julian-mutter.de" ];
+        admin_server = "kerberos-admin.julian-mutter.de";
+        default_domain = "julian-mutter.de";
+      };
+    };
+  };
+}

hosts/common/optional/keyring.nix

@@ -1,12 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-{
-
-  programs.seahorse.enable = true;
-  services.gnome.gnome-keyring.enable = true;
-}

hosts/common/optional/wireguard.nix

@@ -0,0 +1,11 @@
+{
+  networking.wg-quick.interfaces = {
+    julian = {
+      configFile = "/etc/wireguard/julian.conf";
+      autostart = true; # This interface is started on boot
+    };
+    comu = {
+      configFile = "/etc/wireguard/comu.conf";
+    };
+  };
+}