nixos: remove ./flake-modules

2023-12-10 23:56:40 +08:00 · 2023-12-10 23:56:40 +08:00 · ada1f8980e
commit ada1f8980e
parent 491f672b14
17 changed files with 31 additions and 94 deletions
--- a/README.md
+++ b/README.md
@ -21,7 +21,6 @@ It just works™
 │   ### System configuration
 ├──  darwin
 ├──  nixos
-│  ├──  flake-modules
 │  ├──  hardware
 │  ├──  modules
 │  └──  profiles
--- a/flake.nix
+++ b/flake.nix
@ -175,14 +175,14 @@
          ./users/guanranwang/nixos/profiles/core
          ./users/guanranwang/nixos/profiles/device-type/laptop
          ./users/guanranwang/nixos/profiles/opt-in/clash-meta-client.nix
-          ./users/guanranwang/nixos/profiles/opt-in/gaming.nix
-          ./users/guanranwang/nixos/profiles/opt-in/torrenting.nix
+          ./users/guanranwang/nixos/profiles/opt-in/gaming
+          ./users/guanranwang/nixos/profiles/opt-in/torrenting

          # Hardware
          ./nixos/hardware/lenovo/legion/81fw
-          ./nixos/flake-modules/lanzaboote.nix
-          ./nixos/flake-modules/impermanence.nix
-          ./nixos/flake-modules/disko.nix
+          ./nixos/profiles/opt-in/lanzaboote.nix
+          ./nixos/profiles/opt-in/impermanence.nix
+          ./nixos/profiles/opt-in/disko.nix

          {
            networking.hostName = "Aristotle";
--- a/nixos/flake-modules/berberman.nix
+++ b/nixos/flake-modules/berberman.nix
@ -1,13 +0,0 @@
-{
-  inputs,
-  lib,
-  ...
-}: {
-  nixpkgs.overlays = [
-    inputs.berberman.overlays.default
-  ];
-  nix.settings = {
-    substituters = lib.mkAfter ["https://berberman.cachix.org"];
-    trusted-public-keys = ["berberman.cachix.org-1:UHGhodNXVruGzWrwJ12B1grPK/6Qnrx2c3TjKueQPds="];
-  };
-}
--- a/nixos/flake-modules/home-manager.nix
+++ b/nixos/flake-modules/home-manager.nix
@ -1,9 +0,0 @@
-{inputs, ...}: {
-  imports = [inputs.home-manager.nixosModules.home-manager];
-
-  home-manager = {
-    useGlobalPkgs = true;
-    useUserPackages = true;
-    extraSpecialArgs = {inherit inputs;}; # ??? isnt specialArgs imported by default ???
-  };
-}
--- a/nixos/flake-modules/hyprland.nix
+++ b/nixos/flake-modules/hyprland.nix
@ -1,6 +0,0 @@
-{lib, ...}: {
-  nix.settings = {
-    substituters = lib.mkAfter ["https://hyprland.cachix.org"];
-    trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
-  };
-}
--- a/nixos/flake-modules/sops-nix.nix
+++ b/nixos/flake-modules/sops-nix.nix
@ -1,3 +0,0 @@
-{inputs, ...}: {
-  imports = [inputs.sops-nix.nixosModules.sops];
-}
--- a/nixos/profiles/core/default.nix
+++ b/nixos/profiles/core/default.nix
@ -1,15 +1,27 @@
 {
  config,
  lib,
+  inputs,
  ...
 }: {
-  # Imported by default
  imports = [
    ../../modules

    ./nix
    ./packages
    ./sysctl.nix
+
+    # Flake modules
+    inputs.disko.nixosModules.disko
+    inputs.home-manager.nixosModules.home-manager
+    inputs.impermanence.nixosModules.impermanence
+    inputs.lanzaboote.nixosModules.lanzaboote
+    inputs.sops-nix.nixosModules.sops
+  ];
+
+  # Flake overlays
+  nixpkgs.overlays = [
+    inputs.berberman.overlays.default
  ];

  boot.initrd.systemd.enable = true;
@ -76,6 +88,12 @@
    #};
  };

+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    extraSpecialArgs = {inherit inputs;}; # ??? isnt specialArgs imported by default ???
+  };
+
  ### Basic hardening
  # ref: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
  # ref: https://madaidans-insecurities.github.io/guides/linux-hardening.html
--- a/nixos/profiles/core/nix/nix.nix
+++ b/nixos/profiles/core/nix/nix.nix
@ -14,10 +14,14 @@
      ++ [
        "https://nix-community.cachix.org"
        "https://cache.garnix.io"
+        "https://berberman.cachix.org"
+        "https://hyprland.cachix.org"
      ];
    trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
      "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
+      "berberman.cachix.org-1:UHGhodNXVruGzWrwJ12B1grPK/6Qnrx2c3TjKueQPds="
+      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
    ];
    use-xdg-base-directories = true;
  };
--- a/nixos/profiles/opt-in/disko.nix
+++ b/nixos/profiles/opt-in/disko.nix
@ -1,10 +1,4 @@
-{
-  inputs,
-  disks ? ["/dev/sda"],
-  ...
-}: {
-  imports = [inputs.disko.nixosModules.disko];
-
+{disks ? ["/dev/sda"], ...}: {
  disko.devices = {
    disk = {
      "one" = {
--- a/nixos/profiles/opt-in/impermanence.nix
+++ b/nixos/profiles/opt-in/impermanence.nix
@ -1,13 +1,4 @@
-{
-  inputs,
-  lib,
-  ...
-}: {
-  imports = [
-    inputs.impermanence.nixosModules.impermanence
-    ./sops-nix.nix
-  ];
-
+{lib, ...}: {
  ### sops-nix
  sops.age.sshKeyPaths = lib.mkForce ["/nix/persist/system/etc/ssh/ssh_host_ed25519_key"];

--- a/nixos/profiles/opt-in/lanzaboote.nix
+++ b/nixos/profiles/opt-in/lanzaboote.nix
@ -1,10 +1,4 @@
-{
-  inputs,
-  pkgs,
-  ...
-}: {
-  imports = [inputs.lanzaboote.nixosModules.lanzaboote];
-
+{pkgs, ...}: {
  environment.systemPackages = with pkgs; [sbctl];
  boot.loader.systemd-boot.enable = false;
  boot.lanzaboote = {
--- a/users/guanranwang/darwin/profiles/core/default.nix
+++ b/users/guanranwang/darwin/profiles/core/default.nix
@ -16,12 +16,5 @@

  ### Options
  myFlake.darwin.networking.dns.provider = lib.mkDefault "alidns";
-
-  ### Flakes
-  imports = [
-    ../../../../../darwin/flake-modules/home-manager.nix
-  ];
-
-  ### home-manager
  home-manager.users.guanranwang = import ./home;
 }
--- a/users/guanranwang/nixos/profiles/core/default.nix
+++ b/users/guanranwang/nixos/profiles/core/default.nix
@ -23,12 +23,6 @@
  users.groups."nix-access-tokens" = {};
  nix.extraOptions = "!include ${config.sops.secrets.nix-access-tokens.path}";

-  ### Flakes
-  imports = [
-    ../../../../../nixos/flake-modules/sops-nix.nix
-    ../../../../../nixos/flake-modules/home-manager.nix
-  ];
-
  ### sops-nix
  sops = {
    defaultSopsFile = ../../../secrets/secrets.yaml;
--- a/users/guanranwang/nixos/profiles/device-type/desktop/default.nix
+++ b/users/guanranwang/nixos/profiles/device-type/desktop/default.nix
@ -3,13 +3,6 @@
  lib,
  ...
 }: {
-  imports = [
-    ### Flakes
-    ../../../../../../nixos/flake-modules/sops-nix.nix
-    ../../../../../../nixos/flake-modules/home-manager.nix
-    ../../../../../../nixos/flake-modules/berberman.nix
-  ];
-
  ### Options
  myFlake.nixos.boot.noLoaderMenu = lib.mkDefault true;

--- a/users/guanranwang/nixos/profiles/opt-in/clash-meta-client.nix
+++ b/users/guanranwang/nixos/profiles/opt-in/clash-meta-client.nix
@ -4,10 +4,6 @@
  inputs,
  ...
 }: {
-  imports = [
-    ../../../../../nixos/flake-modules/sops-nix.nix
-  ];
-
  ### sops-nix
  sops.secrets."clash-config" = {
    owner = config.users.users."clash-meta".name;
--- a/users/guanranwang/nixos/profiles/opt-in/hysteria2-server.nix
+++ b/users/guanranwang/nixos/profiles/opt-in/hysteria2-server.nix
@ -5,10 +5,6 @@
 }: let
  port = 43956;
 in {
-  imports = [
-    ../../../../../../nixos/flake-modules/sops-nix.nix
-  ];
-
  ### Firewall
  networking.firewall = {
    allowedTCPPorts = [port 80 443];
--- a/users/guanranwang/nixos/profiles/opt-in/juicity-server.nix
+++ b/users/guanranwang/nixos/profiles/opt-in/juicity-server.nix
@ -5,10 +5,6 @@
 }: let
  port = "33829";
 in {
-  imports = [
-    ../../../../../../nixos/flake-modules/sops-nix.nix
-  ];
-
  ### Firewall
  networking.firewall = {
    allowedTCPPorts = [port];