diff --git a/.sops.yaml b/.sops.yaml index 4cc504c..15bcb2b 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -5,7 +5,7 @@ keys: - &kardorf-ssh age15lxw97z03q40xrdscnxqqugh5ky5aqrerg2t2rphkcqm6rnllurq8v98q5 creation_rules: - - path_regex: hosts/common/secrets.yaml$ + - path_regex: hosts/secrets-common.yaml$ key_groups: - age: - *primary diff --git a/hosts/common/global/auto-upgrade.nix b/features-nixos/global/auto-upgrade.nix similarity index 100% rename from hosts/common/global/auto-upgrade.nix rename to features-nixos/global/auto-upgrade.nix diff --git a/hosts/common/global/default.nix b/features-nixos/global/default.nix similarity index 100% rename from hosts/common/global/default.nix rename to features-nixos/global/default.nix diff --git a/hosts/common/global/fish.nix b/features-nixos/global/fish.nix similarity index 100% rename from hosts/common/global/fish.nix rename to features-nixos/global/fish.nix diff --git a/hosts/common/global/locale.nix b/features-nixos/global/locale.nix similarity index 100% rename from hosts/common/global/locale.nix rename to features-nixos/global/locale.nix diff --git a/hosts/common/global/nix.nix b/features-nixos/global/nix.nix similarity index 100% rename from hosts/common/global/nix.nix rename to features-nixos/global/nix.nix diff --git a/hosts/common/global/root.nix b/features-nixos/global/root.nix similarity index 100% rename from hosts/common/global/root.nix rename to features-nixos/global/root.nix diff --git a/hosts/common/global/sops.nix b/features-nixos/global/sops.nix similarity index 89% rename from hosts/common/global/sops.nix rename to features-nixos/global/sops.nix index 1ffa13a..c56b93c 100644 --- a/hosts/common/global/sops.nix +++ b/features-nixos/global/sops.nix @@ -1,4 +1,5 @@ { + self, inputs, config, ... @@ -18,5 +19,5 @@ in { generateKey = false; # TODO: building should not work without secrets!? }; - sops.defaultSopsFile = ../secrets.yaml; + sops.defaultSopsFile = "${self}/hosts/secrets-common.yaml"; } 
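Review bot: The new `path_regex` in the .sops.yaml hunk is unanchored at the start and leaves the dot unescaped, so this key group is selected for any path that merely ends in something resembling `hosts/secrets-common.yaml`. Because the rule decides which age recipients a newly created secrets file is encrypted to, I would pin it to the one file: `- path_regex: ^hosts/secrets-common\.yaml$`. That assumes the sops version in use matches the path relative to `.sops.yaml`; if it matches the absolute path, escape only the dot and leave the start unanchored. The rest of `creation_rules` lies outside the hunk.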
diff --git a/hosts/common/optional/authentication.nix b/features-nixos/optional/authentication.nix
similarity index 100%
rename from hosts/common/optional/authentication.nix
rename to features-nixos/optional/authentication.nix
diff --git a/hosts/common/optional/avahi.nix b/features-nixos/optional/avahi.nix
similarity index 100%
rename from hosts/common/optional/avahi.nix
rename to features-nixos/optional/avahi.nix
diff --git a/hosts/common/optional/binarycaches.nix b/features-nixos/optional/binarycaches.nix
similarity index 100%
rename from hosts/common/optional/binarycaches.nix
rename to features-nixos/optional/binarycaches.nix
diff --git a/hosts/common/optional/boot-efi.nix b/features-nixos/optional/boot-efi.nix
similarity index 100%
rename from hosts/common/optional/boot-efi.nix
rename to features-nixos/optional/boot-efi.nix
diff --git a/hosts/common/optional/docker.nix b/features-nixos/optional/docker.nix
similarity index 100%
rename from hosts/common/optional/docker.nix
rename to features-nixos/optional/docker.nix
diff --git a/hosts/common/optional/flatpak.nix b/features-nixos/optional/flatpak.nix
similarity index 100%
rename from hosts/common/optional/flatpak.nix
rename to features-nixos/optional/flatpak.nix
diff --git a/hosts/common/optional/gamemode.nix b/features-nixos/optional/gamemode.nix
similarity index 100%
rename from hosts/common/optional/gamemode.nix
rename to features-nixos/optional/gamemode.nix
diff --git a/hosts/common/optional/gdm.nix b/features-nixos/optional/gdm.nix
similarity index 100%
rename from hosts/common/optional/gdm.nix
rename to features-nixos/optional/gdm.nix
diff --git a/hosts/common/optional/greetd.nix b/features-nixos/optional/greetd.nix
similarity index 100%
rename from hosts/common/optional/greetd.nix
rename to features-nixos/optional/greetd.nix
diff --git a/hosts/common/optional/i3.nix b/features-nixos/optional/i3.nix
similarity index 100%
rename from hosts/common/optional/i3.nix
rename to features-nixos/optional/i3.nix
diff --git a/hosts/common/optional/kerberos.nix b/features-nixos/optional/kerberos.nix
similarity index 100%
rename from hosts/common/optional/kerberos.nix
rename to features-nixos/optional/kerberos.nix
diff --git a/hosts/common/optional/openssh.nix b/features-nixos/optional/openssh.nix
similarity index 100%
rename from hosts/common/optional/openssh.nix
rename to features-nixos/optional/openssh.nix
diff --git a/hosts/common/optional/pcmanfm.nix b/features-nixos/optional/pcmanfm.nix
similarity index 100%
rename from hosts/common/optional/pcmanfm.nix
rename to features-nixos/optional/pcmanfm.nix
diff --git a/hosts/common/optional/pipewire.nix b/features-nixos/optional/pipewire.nix
similarity index 100%
rename from hosts/common/optional/pipewire.nix
rename to features-nixos/optional/pipewire.nix
diff --git a/hosts/common/optional/podman.nix b/features-nixos/optional/podman.nix
similarity index 100%
rename from hosts/common/optional/podman.nix
rename to features-nixos/optional/podman.nix
diff --git a/hosts/common/optional/redshift.nix b/features-nixos/optional/redshift.nix
similarity index 100%
rename from hosts/common/optional/redshift.nix
rename to features-nixos/optional/redshift.nix
diff --git a/hosts/common/optional/remote-builder.nix b/features-nixos/optional/remote-builder.nix
similarity index 100%
rename from hosts/common/optional/remote-builder.nix
rename to features-nixos/optional/remote-builder.nix
diff --git a/hosts/common/optional/thunar.nix b/features-nixos/optional/thunar.nix
similarity index 100%
rename from hosts/common/optional/thunar.nix
rename to features-nixos/optional/thunar.nix
diff --git a/hosts/common/optional/virtualbox.nix b/features-nixos/optional/virtualbox.nix
similarity index 100%
rename from hosts/common/optional/virtualbox.nix
rename to features-nixos/optional/virtualbox.nix
diff --git a/hosts/common/optional/wireguard.nix b/features-nixos/optional/wireguard.nix similarity index 100% rename from hosts/common/optional/wireguard.nix rename to features-nixos/optional/wireguard.nix diff --git a/hosts/common/optional/wireshark.nix b/features-nixos/optional/wireshark.nix similarity index 100% rename from hosts/common/optional/wireshark.nix rename to features-nixos/optional/wireshark.nix diff --git a/hosts/common/optional/xserver.nix b/features-nixos/optional/xserver.nix similarity index 100% rename from hosts/common/optional/xserver.nix rename to features-nixos/optional/xserver.nix diff --git a/hosts/common/users/julian/default.nix b/features-nixos/users/julian/default.nix similarity index 87% rename from hosts/common/users/julian/default.nix rename to features-nixos/users/julian/default.nix index 83521a2..e81d33d 100644 --- a/hosts/common/users/julian/default.nix +++ b/features-nixos/users/julian/default.nix @@ -1,4 +1,5 @@ { + self, pkgs, config, lib, @@ -29,7 +30,7 @@ in { ]; openssh.authorizedKeys.keys = lib.splitString "\n" ( - builtins.readFile ../../../../homes/julian/ssh.pub + builtins.readFile ./ssh.pub ); # hashedPasswordFile = config.sops.secrets.julian-password.path; hashedPassword = "$y$j9T$N33kLJQbV8soUoCbDkpwA1$r/yahJDgOPo4GGOrAi6BUG5zLTzmaBrA5NQ4nno561A"; @@ -44,7 +45,7 @@ in { neededForUsers = true; }; - home-manager.users.julian = import ../../../../homes/julian/${config.networking.hostName}.nix; + home-manager.users.julian = import "${self}/homes/julian/${config.networking.hostName}.nix"; security.pam.services.swaylock = {}; # Make swaylock unlocking work } diff --git a/homes/julian/ssh.pub b/features-nixos/users/julian/ssh.pub similarity index 100% rename from homes/julian/ssh.pub rename to features-nixos/users/julian/ssh.pub 
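Review bot: In the second hunk of features-nixos/users/julian/default.nix, `hashedPassword` is still a literal while the sops-backed `hashedPasswordFile` line above it stays commented out, so the login hash is readable in the repository and in the world-readable Nix store on every host that imports this user. The following hunk shows a secret declared with `neededForUsers = true;`, which looks like the intended source; if that secret is `julian-password`, switching to `hashedPasswordFile = config.sops.secrets.julian-password.path;` and dropping the literal would keep the hash out of the store. Separately, `lib.splitString "\n"` over `./ssh.pub` yields an empty entry when the file ends with a newline, so filtering out empty strings would keep `authorizedKeys.keys` clean. The attribute set these lines belong to starts outside the hunk.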
diff --git a/hosts/common/users/wolfi/default.nix b/features-nixos/users/wolfi/default.nix similarity index 100% rename from hosts/common/users/wolfi/default.nix rename to features-nixos/users/wolfi/default.nix diff --git a/hosts/aspi/default.nix b/hosts/aspi/default.nix index c3cf5ce..a921a30 100644 --- a/hosts/aspi/default.nix +++ b/hosts/aspi/default.nix @@ -1,28 +1,28 @@ -{ +{self, ...}: { imports = [ ./hardware-configuration.nix - ../common/global - ../common/users/julian - ../common/optional/binarycaches.nix + "${self}/features-nixos/global" + "${self}/features-nixos/users/julian" + "${self}/features-nixos/optional/binarycaches.nix" - ../common/optional/remote-builder.nix - ../common/optional/boot-efi.nix + "${self}/features-nixos/optional/remote-builder.nix" + "${self}/features-nixos/optional/boot-efi.nix" - ../common/optional/greetd.nix - ../common/optional/authentication.nix - ../common/optional/pcmanfm.nix - ../common/optional/pipewire.nix + "${self}/features-nixos/optional/greetd.nix" + "${self}/features-nixos/optional/authentication.nix" + "${self}/features-nixos/optional/pcmanfm.nix" + "${self}/features-nixos/optional/pipewire.nix" - ../common/optional/gamemode.nix - ../common/optional/virtualbox.nix + "${self}/features-nixos/optional/gamemode.nix" + "${self}/features-nixos/optional/virtualbox.nix" - ../common/optional/podman.nix - ../common/optional/wireguard.nix - ../common/optional/wireshark.nix - ../common/optional/flatpak.nix + "${self}/features-nixos/optional/podman.nix" + "${self}/features-nixos/optional/wireguard.nix" + "${self}/features-nixos/optional/wireshark.nix" + "${self}/features-nixos/optional/flatpak.nix" - ../common/optional/avahi.nix + "${self}/features-nixos/optional/avahi.nix" ]; networking.hostName = "aspi"; diff --git a/hosts/builder/default.nix b/hosts/builder/default.nix index b981f58..27cec45 100644 --- a/hosts/builder/default.nix +++ b/hosts/builder/default.nix 
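Review bot: In hosts/aspi/default.nix, `self` is now used inside `imports` (`"${self}/features-nixos/global"` and the entries after it), and a module argument that `imports` depends on has to be supplied through `specialArgs`; one provided via `_module.args` leads to infinite recursion during evaluation. The flake.nix that passes `self` is not part of the visible diff, so please confirm every host is built with `specialArgs = { inherit self; }` or an equivalent; the same applies to the hosts/builder and hosts/kardorf hunks. A one-line comment at the top of the import list, e.g. `# self is passed via specialArgs in flake.nix`, would save the next reader the lookup.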
@@ -2,6 +2,7 @@ # or # deploy .#builder { + self, config, pkgs, ... @@ -9,11 +10,11 @@ imports = [ ./hardware-configuration.nix - ../common/global/fish.nix # fish for admin - ../common/global/locale.nix - ../common/global/nix.nix - ../common/global/sops.nix - ../common/global/root.nix + "${self}/features-nixos/global/fish.nix" # fish for admin + "${self}/features-nixos/global/locale.nix" + "${self}/features-nixos/global/nix.nix" + "${self}/features-nixos/global/sops.nix" + "${self}/features-nixos/global/root.nix" ]; networking.hostName = "builder"; diff --git a/hosts/kardorf/default.nix b/hosts/kardorf/default.nix index 6c04e94..ac41a30 100644 --- a/hosts/kardorf/default.nix +++ b/hosts/kardorf/default.nix 
@@ -1,30 +1,31 @@ -{pkgs, ...}: { +{ + self, + pkgs, + ... +}: { imports = [ ./hardware-configuration.nix - ../common/global - ../common/users/julian - ../common/users/wolfi - ../common/optional/binarycaches.nix + "${self}/features-nixos/global" + "${self}/features-nixos/users/julian" + "${self}/features-nixos/users/wolfi" + "${self}/features-nixos/optional/binarycaches.nix" - # ../common/optional/xserver.nix - ../common/optional/remote-builder.nix - ../common/optional/boot-efi.nix + "${self}/features-nixos/optional/remote-builder.nix" + "${self}/features-nixos/optional/boot-efi.nix" - ../common/optional/greetd.nix - ../common/optional/authentication.nix - ../common/optional/pcmanfm.nix - ../common/optional/pipewire.nix + "${self}/features-nixos/optional/greetd.nix" + "${self}/features-nixos/optional/authentication.nix" + "${self}/features-nixos/optional/pcmanfm.nix" + "${self}/features-nixos/optional/pipewire.nix" - ../common/optional/virtualbox.nix + "${self}/features-nixos/optional/openssh.nix" - # ../common/optional/gdm.nix - # ../common/optional/i3.nix + "${self}/features-nixos/optional/virtualbox.nix" - ../common/optional/openssh.nix - - ../common/optional/podman.nix - ../common/optional/flatpak.nix + "${self}/features-nixos/optional/podman.nix" + "${self}/features-nixos/optional/wireshark.nix" + "${self}/features-nixos/optional/flatpak.nix" ]; networking.hostName = "kardorf"; diff --git a/hosts/common/secrets.yaml b/hosts/secrets-common.yaml similarity index 100% rename from hosts/common/secrets.yaml rename to hosts/secrets-common.yaml
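Review bot: Besides rewriting paths, the hosts/kardorf/default.nix hunk adds `"${self}/features-nixos/optional/wireshark.nix"`, which the old import list did not contain, and drops the commented-out xserver, gdm and i3 entries. kardorf also imports openssh.nix and two user modules, so enabling a packet-capture feature there is a behaviour change that should be made deliberately; the contents of wireshark.nix are not visible here, but such modules commonly grant capture rights to a group. I would either move the addition into its own commit or state it in the commit message, so that this move remains a pure rename.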