about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-05-02 08:03:36 -0700
committerFranck Cuny <franck@fcuny.net>2023-05-02 08:03:36 -0700
commit7aa912237697c08537688cc4d13d75bff819f7aa (patch)
tree646be15680ccec130463e5c66da65a5cf0a0f403
parentprofiles/workstation: add font configurations (diff)
downloadworld-7aa912237697c08537688cc4d13d75bff819f7aa.tar.gz
profiles/default: more consolidation
-rw-r--r--modules/system/console/default.nix8
-rw-r--r--modules/system/default.nix4
-rw-r--r--modules/system/documentation/default.nix14
-rw-r--r--modules/system/nix/default.nix38
-rw-r--r--modules/system/security/default.nix8
-rw-r--r--modules/system/security/ssh.nix17
-rw-r--r--profiles/default.nix53
-rw-r--r--profiles/documentation.nix15
-rw-r--r--profiles/server.nix7
-rw-r--r--profiles/workstation.nix1
10 files changed, 76 insertions, 89 deletions
diff --git a/modules/system/console/default.nix b/modules/system/console/default.nix
deleted file mode 100644
index 5bb169b..0000000
--- a/modules/system/console/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ pkgs, ... }: {
-  console = {
-    earlySetup = true;
-    font = "${pkgs.terminus_font}/share/consolefonts/ter-132n.psf.gz";
-    packages = with pkgs; [ terminus_font ];
-    keyMap = "us";
-  };
-}
diff --git a/modules/system/default.nix b/modules/system/default.nix
index 46cefbd..b2f6a19 100644
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -4,11 +4,7 @@
   imports = [
     ./boot
     ./btrfs
-    ./console
-    ./documentation
-    ./nix
     ./packages
-    ./security
     ./users
   ];
 }
diff --git a/modules/system/documentation/default.nix b/modules/system/documentation/default.nix
deleted file mode 100644
index 67f84ff..0000000
--- a/modules/system/documentation/default.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ config, lib, pkgs, ... }: {
-  documentation = {
-    enable = true;
-    dev.enable = true;
-    info.enable = true;
-    man = {
-      enable = true;
-      generateCaches = true;
-    };
-    nixos.enable = true;
-  };
-
-  environment.systemPackages = with pkgs; [ man-pages man-pages-posix ];
-}
diff --git a/modules/system/nix/default.nix b/modules/system/nix/default.nix
deleted file mode 100644
index 67029ad..0000000
--- a/modules/system/nix/default.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-# Nix related settings
-{ lib, pkgs, ... }: {
-  nix = {
-    package = pkgs.nixFlakes;
-    settings = {
-      trusted-users = [ "root" "@wheel" ];
-      auto-optimise-store = true;
-      substituters = [
-        "https://cachix.cachix.org"
-        "https://nix-community.cachix.org"
-      ];
-      trusted-public-keys = [
-        "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
-        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
-      ];
-      experimental-features = [ "nix-command" "flakes" ];
-      # Whether to warn about dirty Git/Mercurial trees - this is not
-      # useful information to me.
-      warn-dirty = false;
-      # The timeout (in seconds) for establishing connections in the binary
-      # cache substituter. It corresponds to curl’s –connect-timeout option.
-      # The default is equivalent to 300 seconds, way too long.
-      connect-timeout = 5;
-      # The number of lines of the tail of the log to show if a build fails.
-      # The default is 10 and it's usually too short.
-      log-lines = 25;
-      # If set to true, Nix will fall back to building from source if
-      # a binary substitute fails. This is equivalent to the –fallback
-      # flag. The default is false.
-      fallback = true;
-    };
-
-    gc = {
-      automatic = true;
-      options = "--delete-older-than 14d";
-    };
-  };
-}
diff --git a/modules/system/security/default.nix b/modules/system/security/default.nix
deleted file mode 100644
index debcd9e..0000000
--- a/modules/system/security/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ ... }:
-
-{
-  imports = [ ./ssh.nix ];
-
-  security.sudo.wheelNeedsPassword = false;
-  security.polkit.enable = true;
-}
diff --git a/modules/system/security/ssh.nix b/modules/system/security/ssh.nix
deleted file mode 100644
index 14cbf5d..0000000
--- a/modules/system/security/ssh.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ ... }:
-
-{
-  programs.ssh = {
-    # $ ssh-keyscan example.com
-    knownHosts = {
-      github = {
-        hostNames = [ "github.com" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
-      };
-      rsync = {
-        hostNames = [ "de2664.rsync.net" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
-      };
-    };
-  };
-}
diff --git a/profiles/default.nix b/profiles/default.nix
index f415edf..7421144 100644
--- a/profiles/default.nix
+++ b/profiles/default.nix
@@ -4,4 +4,57 @@
   i18n.defaultLocale = "en_US.UTF-8";
 
   time.timeZone = "America/Los_Angeles";
+
+  security.sudo.wheelNeedsPassword = false;
+  security.polkit.enable = true;
+
+  programs.ssh = {
+    # $ ssh-keyscan example.com
+    knownHosts = {
+      github = {
+        hostNames = [ "github.com" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+      };
+      rsync = {
+        hostNames = [ "de2664.rsync.net" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
+      };
+    };
+  };
+
+  nix = {
+    package = pkgs.nixFlakes;
+    settings = {
+      trusted-users = [ "root" "@wheel" ];
+      auto-optimise-store = true;
+      substituters = [
+        "https://cachix.cachix.org"
+        "https://nix-community.cachix.org"
+      ];
+      trusted-public-keys = [
+        "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
+      experimental-features = [ "nix-command" "flakes" ];
+      # Whether to warn about dirty Git/Mercurial trees - this is not
+      # useful information to me.
+      warn-dirty = false;
+      # The timeout (in seconds) for establishing connections in the binary
+      # cache substituter. It corresponds to curl’s –connect-timeout option.
+      # The default is equivalent to 300 seconds, way too long.
+      connect-timeout = 5;
+      # The number of lines of the tail of the log to show if a build fails.
+      # The default is 10 and it's usually too short.
+      log-lines = 25;
+      # If set to true, Nix will fall back to building from source if
+      # a binary substitute fails. This is equivalent to the –fallback
+      # flag. The default is false.
+      fallback = true;
+    };
+
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 14d";
+    };
+  };
 }
diff --git a/profiles/documentation.nix b/profiles/documentation.nix
new file mode 100644
index 0000000..71ba06b
--- /dev/null
+++ b/profiles/documentation.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+{
+  documentation = {
+    enable = true;
+    dev.enable = true;
+    info.enable = true;
+    man.enable = true;
+    nixos.enable = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    man-pages
+    man-pages-posix
+  ];
+}
diff --git a/profiles/server.nix b/profiles/server.nix
index 5b96d56..27498d6 100644
--- a/profiles/server.nix
+++ b/profiles/server.nix
@@ -3,4 +3,11 @@
   imports = [
     ./default.nix
   ];
+
+  console = {
+    earlySetup = true;
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-132n.psf.gz";
+    packages = with pkgs; [ terminus_font ];
+    keyMap = "us";
+  };
 }
diff --git a/profiles/workstation.nix b/profiles/workstation.nix
index 2c7ee02..151357c 100644
--- a/profiles/workstation.nix
+++ b/profiles/workstation.nix
@@ -2,6 +2,7 @@
 {
   imports = [
     ./default.nix
+    ./documentation.nix
   ];
 
   virtualisation.docker.enable = false;