Move common host features to features-nixos folder

2026-03-23 20:57:12 +01:00
parent b31791b9ef
commit eec600d1d0
37 changed files with 49 additions and 45 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -5,7 +5,7 @@ keys:
  - &kardorf-ssh age15lxw97z03q40xrdscnxqqugh5ky5aqrerg2t2rphkcqm6rnllurq8v98q5
 creation_rules:
-  - path_regex: hosts/common/secrets.yaml$
+  - path_regex: hosts/secrets-common.yaml$
    key_groups:
    - age:
      - *primary
--- a/features-nixos/global/auto-upgrade.nix
+++ b/features-nixos/global/auto-upgrade.nix
--- a/features-nixos/global/default.nix
+++ b/features-nixos/global/default.nix
--- a/features-nixos/global/fish.nix
+++ b/features-nixos/global/fish.nix
--- a/features-nixos/global/locale.nix
+++ b/features-nixos/global/locale.nix
--- a/features-nixos/global/nix.nix
+++ b/features-nixos/global/nix.nix
--- a/features-nixos/global/root.nix
+++ b/features-nixos/global/root.nix
--- a/features-nixos/global/sops.nix
+++ b/features-nixos/global/sops.nix
@@ -1,4 +1,5 @@
 {
  self,
  inputs,
  config,
  ...
@@ -18,5 +19,5 @@ in {
    generateKey = false; # TODO: building should not work without secrets!?
  };
-  sops.defaultSopsFile = ../secrets.yaml;
+  sops.defaultSopsFile = "${self}/hosts/secrets-common.yaml";
 }
--- a/features-nixos/optional/authentication.nix
+++ b/features-nixos/optional/authentication.nix
--- a/features-nixos/optional/avahi.nix
+++ b/features-nixos/optional/avahi.nix
--- a/features-nixos/optional/binarycaches.nix
+++ b/features-nixos/optional/binarycaches.nix
--- a/features-nixos/optional/boot-efi.nix
+++ b/features-nixos/optional/boot-efi.nix
--- a/features-nixos/optional/docker.nix
+++ b/features-nixos/optional/docker.nix
--- a/features-nixos/optional/flatpak.nix
+++ b/features-nixos/optional/flatpak.nix
--- a/features-nixos/optional/gamemode.nix
+++ b/features-nixos/optional/gamemode.nix
--- a/features-nixos/optional/gdm.nix
+++ b/features-nixos/optional/gdm.nix
--- a/features-nixos/optional/greetd.nix
+++ b/features-nixos/optional/greetd.nix
--- a/features-nixos/optional/i3.nix
+++ b/features-nixos/optional/i3.nix
--- a/features-nixos/optional/kerberos.nix
+++ b/features-nixos/optional/kerberos.nix
--- a/features-nixos/optional/openssh.nix
+++ b/features-nixos/optional/openssh.nix
--- a/features-nixos/optional/pcmanfm.nix
+++ b/features-nixos/optional/pcmanfm.nix
--- a/features-nixos/optional/pipewire.nix
+++ b/features-nixos/optional/pipewire.nix
--- a/features-nixos/optional/podman.nix
+++ b/features-nixos/optional/podman.nix
--- a/features-nixos/optional/redshift.nix
+++ b/features-nixos/optional/redshift.nix
--- a/features-nixos/optional/remote-builder.nix
+++ b/features-nixos/optional/remote-builder.nix
--- a/features-nixos/optional/thunar.nix
+++ b/features-nixos/optional/thunar.nix
--- a/features-nixos/optional/virtualbox.nix
+++ b/features-nixos/optional/virtualbox.nix
--- a/features-nixos/optional/wireguard.nix
+++ b/features-nixos/optional/wireguard.nix
--- a/features-nixos/optional/wireshark.nix
+++ b/features-nixos/optional/wireshark.nix
--- a/features-nixos/optional/xserver.nix
+++ b/features-nixos/optional/xserver.nix
--- a/features-nixos/users/julian/default.nix
+++ b/features-nixos/users/julian/default.nix
@@ -1,4 +1,5 @@
 {
  self,
  pkgs,
  config,
  lib,
@@ -29,7 +30,7 @@ in {
    ];
    openssh.authorizedKeys.keys = lib.splitString "\n" (
-      builtins.readFile ../../../../homes/julian/ssh.pub
+      builtins.readFile ./ssh.pub
    );
    # hashedPasswordFile = config.sops.secrets.julian-password.path;
    hashedPassword = "$y$j9T$N33kLJQbV8soUoCbDkpwA1$r/yahJDgOPo4GGOrAi6BUG5zLTzmaBrA5NQ4nno561A";
@@ -44,7 +45,7 @@ in {
    neededForUsers = true;
  };
-  home-manager.users.julian = import ../../../../homes/julian/${config.networking.hostName}.nix;
+  home-manager.users.julian = import "${self}/homes/julian/${config.networking.hostName}.nix";
  security.pam.services.swaylock = {}; # Make swaylock unlocking work
 }
--- a/features-nixos/users/julian/ssh.pub
+++ b/features-nixos/users/julian/ssh.pub
--- a/features-nixos/users/wolfi/default.nix
+++ b/features-nixos/users/wolfi/default.nix
--- a/hosts/aspi/default.nix
+++ b/hosts/aspi/default.nix
@@ -1,28 +1,28 @@
-{
+{self, ...}: {
  imports = [
    ./hardware-configuration.nix
-    ../common/global
+    "${self}/features-nixos/global"
-    ../common/users/julian
+    "${self}/features-nixos/users/julian"
-    ../common/optional/binarycaches.nix
+    "${self}/features-nixos/optional/binarycaches.nix"
-    ../common/optional/remote-builder.nix
+    "${self}/features-nixos/optional/remote-builder.nix"
-    ../common/optional/boot-efi.nix
+    "${self}/features-nixos/optional/boot-efi.nix"
-    ../common/optional/greetd.nix
+    "${self}/features-nixos/optional/greetd.nix"
-    ../common/optional/authentication.nix
+    "${self}/features-nixos/optional/authentication.nix"
-    ../common/optional/pcmanfm.nix
+    "${self}/features-nixos/optional/pcmanfm.nix"
-    ../common/optional/pipewire.nix
+    "${self}/features-nixos/optional/pipewire.nix"
-    ../common/optional/gamemode.nix
+    "${self}/features-nixos/optional/gamemode.nix"
-    ../common/optional/virtualbox.nix
+    "${self}/features-nixos/optional/virtualbox.nix"
-    ../common/optional/podman.nix
+    "${self}/features-nixos/optional/podman.nix"
-    ../common/optional/wireguard.nix
+    "${self}/features-nixos/optional/wireguard.nix"
-    ../common/optional/wireshark.nix
+    "${self}/features-nixos/optional/wireshark.nix"
-    ../common/optional/flatpak.nix
+    "${self}/features-nixos/optional/flatpak.nix"
-    ../common/optional/avahi.nix
+    "${self}/features-nixos/optional/avahi.nix"
  ];
  networking.hostName = "aspi";
--- a/hosts/builder/default.nix
+++ b/hosts/builder/default.nix
@@ -2,6 +2,7 @@
 # or
 # deploy .#builder
 {
  self,
  config,
  pkgs,
  ...
@@ -9,11 +10,11 @@
  imports = [
    ./hardware-configuration.nix
-    ../common/global/fish.nix # fish for admin
+    "${self}/features-nixos/global/fish.nix" # fish for admin
-    ../common/global/locale.nix
+    "${self}/features-nixos/global/locale.nix"
-    ../common/global/nix.nix
+    "${self}/features-nixos/global/nix.nix"
-    ../common/global/sops.nix
+    "${self}/features-nixos/global/sops.nix"
-    ../common/global/root.nix
+    "${self}/features-nixos/global/root.nix"
  ];
  networking.hostName = "builder";
--- a/hosts/kardorf/default.nix
+++ b/hosts/kardorf/default.nix
@@ -1,30 +1,31 @@
-{pkgs, ...}: {
+{
  self,
  pkgs,
  ...
 }: {
  imports = [
    ./hardware-configuration.nix
-    ../common/global
+    "${self}/features-nixos/global"
-    ../common/users/julian
+    "${self}/features-nixos/users/julian"
-    ../common/users/wolfi
+    "${self}/features-nixos/users/wolfi"
-    ../common/optional/binarycaches.nix
+    "${self}/features-nixos/optional/binarycaches.nix"
-    # ../common/optional/xserver.nix
+    "${self}/features-nixos/optional/remote-builder.nix"
-    ../common/optional/remote-builder.nix
+    "${self}/features-nixos/optional/boot-efi.nix"
    ../common/optional/boot-efi.nix
-    ../common/optional/greetd.nix
+    "${self}/features-nixos/optional/greetd.nix"
-    ../common/optional/authentication.nix
+    "${self}/features-nixos/optional/authentication.nix"
-    ../common/optional/pcmanfm.nix
+    "${self}/features-nixos/optional/pcmanfm.nix"
-    ../common/optional/pipewire.nix
+    "${self}/features-nixos/optional/pipewire.nix"
-    ../common/optional/virtualbox.nix
+    "${self}/features-nixos/optional/openssh.nix"
-    # ../common/optional/gdm.nix
+    "${self}/features-nixos/optional/virtualbox.nix"
    # ../common/optional/i3.nix
-    ../common/optional/openssh.nix
+    "${self}/features-nixos/optional/podman.nix"
-
+    "${self}/features-nixos/optional/wireshark.nix"
-    ../common/optional/podman.nix
+    "${self}/features-nixos/optional/flatpak.nix"
    ../common/optional/flatpak.nix
  ];
  networking.hostName = "kardorf";
--- a/hosts/secrets-common.yaml
+++ b/hosts/secrets-common.yaml