Way too massive refactoring

2025-05-29 15:39:42 +03:00 · 2025-05-29 15:39:42 +03:00 · 24aac9708b
commit 24aac9708b
parent 113d68be68
49 changed files with 481 additions and 407 deletions
--- a/machine-confs/lithium.nix
+++ b/machine-confs/lithium.nix
@ -1,78 +1,31 @@
-{ pkgs, config, ... }:
+{ lib, ... }:
 {
-  networking = {
-    hostName = "lithium";
+  networking.hostName = "lithium";
+  custom.home_wg_suffix = "3";

-    wg-quick.interfaces = {
-      wg0 = {
-        autostart = true;
-        address = [ "${config.custom.gua_pref}ff::3/64" ];
-        dns = [
-          "${config.custom.gua_pref}ff::1"
-          "vsinerva.fi"
-        ];
-        privateKeyFile = "/root/wireguard-keys/privatekey-home";
-        listenPort = 51820;
-
-        peers = [
-          {
-            publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
-            presharedKeyFile = "/root/wireguard-keys/psk-home";
-            allowedIPs = [ "::/0" ];
-            endpoint = "wg.vsinerva.fi:51820";
-          }
-        ];
-      };
-    };
-  };
-  # Dirty hack to fix autostart failing due to DNS lookups
-  systemd.services."wg-quick-wg0".serviceConfig = {
-    Restart = "on-failure";
-    RestartSec = "1s";
-  };
-  services.clatd = {
-    enable = true;
-    settings.clat-v6-addr = "${config.custom.gua_pref}ff::c3";
-  };
-  systemd.services.clatd.wants = [ "wg-quick-wg0.service" ];
-
-  services.openssh.openFirewall = false;
-  services.fail2ban.enable = pkgs.lib.mkForce false;
+  system.autoUpgrade.allowReboot = lib.mkForce false;
+  # boot.kernelParams = [ "resume_offset=39292928" ];

  imports = [
-    ../base.nix
-    ../users/vili.nix
-    ../desktop.nix
-    ../development.nix
-    ../services/syncthing.nix
-    ../services/redshift.nix
-    ../services/moonlight.nix
-    ../hardware-specific/onlykey.nix
-    ../hardware-specific/keychron-q11.nix
-    ../hardware-specific/trackball.nix
-    ../hardware-specific/usb-automount.nix
-    ../hardware-specific/intel-laptop.nix
+    ../shared/base.nix
+
+    ../personal-machines/desktop.nix
+    ../personal-machines/development.nix
+
+    ../personal-machines/hardware/hibernate.nix
+    ../personal-machines/hardware/intel-laptop.nix
+    ../personal-machines/hardware/onlykey.nix
+
+    ../personal-machines/networking/home-wg.nix
+    ../personal-machines/networking/printing.nix
+
+    ../personal-machines/programs/bitwarden.nix
+    ../personal-machines/programs/communication.nix
+    ../personal-machines/programs/firefox.nix
+    ../personal-machines/programs/i3.nix
+    ../personal-machines/programs/moonlight.nix
+    ../personal-machines/programs/redshift.nix
+    ../personal-machines/programs/study.nix
+    ../personal-machines/programs/usb-automount.nix
  ];
-
-  system.autoUpgrade.allowReboot = pkgs.lib.mkForce false;
-
-  swapDevices = pkgs.lib.mkForce [
-    {
-      device = "/var/lib/swapfile";
-      size = 16 * 1024;
-    }
-  ];
-
-  boot = {
-    loader.timeout = 10;
-    initrd.luks = {
-      fido2Support = true;
-      devices."nixos".fido2 = {
-        passwordLess = true;
-        credential = "f29b0760a6ec3b18b0a9958d77d8be8b15ff4fd90d42c3ceaeeb5d24a19c8f81315f52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec014225afa01";
-      };
-    };
-    resumeDevice = "/dev/mapper/nixos";
-    kernelParams = [ "resume_offset=39292928" ];
-  };
 }