factor out common configuration options

15 files changed, 275 insertions, 318 deletions

diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..1c87019
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,109 @@
+{
+  "nodes": {
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": "nixpkgs",
+        "utils": "utils"
+      },
+      "locked": {
+        "lastModified": 1675935446,
+        "narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "2dce7f1a55e785a22d61668516df62899278c9e4",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "my-nixpkgs": {
+      "locked": {
+        "lastModified": 1676204203,
+        "narHash": "sha256-EXigtR8D4/sbkIXpx4SD5GV2qQJ+LOC9IwnSFRW4TO8=",
+        "ref": "refs/heads/master",
+        "rev": "6ea803da80558e269564c99070e92e285cf977ff",
+        "revCount": 2,
+        "type": "git",
+        "url": "file:///home/qaristote/code/nix/my-nixpkgs"
+      },
+      "original": {
+        "type": "git",
+        "url": "file:///home/qaristote/code/nix/my-nixpkgs"
+      }
+    },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1675933606,
+        "narHash": "sha256-y427VhPQHOKkYvkc9MMsL/2R7M11rQxzsRdRLM3htx8=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "44ae00e02e8036a66c08f4decdece7e3bbbefee2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "master",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1675115703,
+        "narHash": "sha256-4zetAPSyY0D77x+Ww9QBe8RHn1akvIvHJ/kgg8kGDbk=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1676335949,
+        "narHash": "sha256-mnvvqmFhotH++nSovRiIZX4CW8nbr2bEEnWgymzM4z4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "0a25e2c87e784bf7e06e7833ec0e06d34836959a",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "home-manager": "home-manager",
+        "my-nixpkgs": "my-nixpkgs",
+        "nixos-hardware": "nixos-hardware",
+        "nixpkgs": "nixpkgs_2"
+      }
+    },
+    "utils": {
+      "locked": {
+        "lastModified": 1667395993,
+        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
index ff8161a..07f44e4 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,11 +1,20 @@
 {
   inputs = {
-    my-nixpkgs = "git+file:///home/qaristote/code/nix/my-nixpkgs";
+    my-nixpkgs.url = "git+file:///home/qaristote/code/nix/my-nixpkgs";
+    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
+    home-manager.url = "github:nix-community/home-manager";
   };
-  outputs = { self, nixpkgs }: {
+
+  outputs = { self, nixpkgs, my-nixpkgs, nixos-hardware, home-manager }:
+    let system = "x86_64-linux"; in {
     nixosConfigurations.latitude-7490 = nixpkgs.lib.nixosSystem {
-      system = "x86_64-linux";
-      modules = [ ./nixos/configuration.nix ];
+      inherit system;
+      specialArgs = { inherit nixos-hardware home-manager; home.qaristote = import ./home; };
+      modules = [ my-nixpkgs.nixosModules.personal ./nixos ];
+    };
+    homeConfigurations.qaristote = home-manager.lib.homeManagerConfiguration {
+      pkgs = nixpkgs.legacyPackages."${system}";
+      modules = [ ./home ];
     };
   };
 }
diff --git a/nixos/boot.nix b/nixos/boot.nix
index 1e1f0c0..bbdf1fe 100644
--- a/nixos/boot.nix
+++ b/nixos/boot.nix
@@ -1,54 +1,7 @@
 { config, pkgs, ... }:
 
 {
-  imports = [ # Include the results of the hardware scan.
-    ./hardware-configuration.nix
+  personal.boot.grub.enable = true;
 
-    <nixos-hardware/dell/latitude/7490>
-    <nixos-hardware/common/pc/ssd>
-  ];
-
-  # Bootloader
-  boot.loader = {
-    efi = { canTouchEfiVariables = true; };
-    grub = {
-      enable = true;
-      version = 2;
-      efiSupport = true;
-      enableCryptodisk = true;
-      device = "nodev";
-      # extraEntries =
-      #   # Recovery mode
-      #   # Generate the image with generate-recovery.sh
-      #   ''
-      #   menuentry "NixOS - Recovery" {
-      #   search --set=drive1 -fs-uuid 330B-45DE
-      #          linux ($drive1)//kernels/recovery-linux-bzImage loglevel=4
-      #          initrd ($drive1)//kernels/recovery-initrd
-      #   }
-      #   '';
-    };
-  };
-
-  # Decrypt disk
-  boot.initrd.luks.devices = {
-    sda3_crypt = {
-      name = "sda3_crypt";
-      device = "/dev/disk/by-uuid/ba5dc9cd-3a73-4a01-880b-8720844307ae";
-      preLVM = true;
-    };
-  };
-
-  # Kernel
-  boot.initrd.availableKernelModules = [ "usb_storage" ];
-  boot.kernelParams = [ "i915.dc_enable=0" "intel_idle.max_cstate=1" ];
   boot.kernelPackages = pkgs.linuxPackages_latest;
-
-  # Hardware
-  hardware.firmware = with pkgs; [ firmwareLinuxNonfree ];
-  ## mcelog
-  hardware.mcelog.enable = true;
-  services.udev.extraRules = ''
-    ACTION=="add", KERNEL=="mcelog", SUBSYSTEM=="misc", TAG+="systemd", ENV{SYSTEMD_WANTS}+="mcelog.service"
-  '';
 }
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
deleted file mode 100644
index 2143307..0000000
--- a/nixos/configuration.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ lib, config, pkgs, ... }:
-
-{
-  imports = [
-    <home-manager/nixos>
-
-    ./boot.nix
-    ./locale.nix
-    ./networking.nix
-    ./desktop.nix
-    ./users.nix
-    ./services.nix
-  ];
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment.systemPackages = with pkgs; [ vim busybox coreutils openssl ];
-  nixpkgs.config = { allowUnfree = true; };
-
-  nix = {
-    settings = {
-      auto-optimise-store = true;
-      experimental-features = [ "nix-command" "flakes" ];
-      # Binary Cache for Haskell.nix
-      trusted-public-keys = [
-        "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
-      ];
-      substituters = [
-        "https://cache.iog.io"
-      ];
-    };
-    gc = {
-      automatic = true;
-      dates = "daily";
-      options = "--delete-old";
-    };
-  };
-  system.autoUpgrade = {
-    enable = true;
-    flags = [ "--upgrade-all" ];
-  };
-  systemd.services.nix-gc.after =
-    lib.mkIf config.system.autoUpgrade.enable [ "nixos-upgrade.service" ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "20.09"; # Did you read the comment?
-}
diff --git a/nixos/default.nix b/nixos/default.nix
new file mode 100644
index 0000000..e6c7a88
--- /dev/null
+++ b/nixos/default.nix
@@ -0,0 +1,25 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ lib, config, pkgs, ... }:
+
+{
+  imports = [
+    ./boot.nix
+    ./environment.nix
+    ./gui.nix
+    ./hardware
+    ./nix.nix
+    ./networking.nix
+    ./users.nix
+  ];
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "20.09"; # Did you read the comment?
+}
diff --git a/nixos/desktop.nix b/nixos/desktop.nix
deleted file mode 100644
index f241b49..0000000
--- a/nixos/desktop.nix
+++ /dev/null
@@ -1,72 +0,0 @@
-{ config, pkgs, nixpkgs, ... }:
-
-let
-  # background-image = builtins.path {
-  #   name = "background-image";
-  #   path = /home/qaristote/.background-image;
-  # };
-  background-image = config.home-manager.users.qaristote.home.wallpaper;
-in {
-  # Configure keymap in X11
-  # services.xserver.layout = "us";
-  # services.xserver.xkbOptions = "eurosign:e";
-
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-  # Enable sound.
-  sound.enable = true;
-  hardware.pulseaudio = {
-    enable = true;
-    support32Bit = true;
-    package = pkgs.pulseaudioFull;
-    extraConfig = ''
-      load-module module-dbus-protocol
-    '';
-  };
-  nixpkgs.config.pulseaudio = true;
-
-  # Enable X server
-  services.xserver = {
-    enable = true;
-    desktopManager.xfce = {
-      enable = true;
-      noDesktop = true;
-      enableXfwm = false;
-    };
-    windowManager.i3.enable = true;
-    displayManager = {
-      lightdm = {
-        enable = true;
-        background = background-image;
-        greeters.gtk = {
-          enable = true;
-          extraConfig = ''
-            user-background = false
-          '';
-          theme = {
-            name = "Arc-Dark";
-            package = pkgs.arc-theme;
-          };
-          iconTheme = {
-            name = "Breeze-dark";
-            package = pkgs.breeze-icons;
-          };
-        };
-      };
-      defaultSession = "xfce+i3";
-    };
-    # Hardware
-    libinput.enable = true;
-    layout = "fr";
-    autoRepeatDelay = 200;
-  };
-
-  programs.steam.enable = true;
-
-  # Allow all users to change hardware settings (brightness, backlight)
-  services.udev.extraRules = ''
-    ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
-    ACTION=="add", SUBSYSTEM=="leds", KERNEL=="dell::kbd_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/brightness"
-  '';
-}
diff --git a/nixos/environment.nix b/nixos/environment.nix
new file mode 100644
index 0000000..a266ca0
--- /dev/null
+++ b/nixos/environment.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  personal.environment = {
+    enable = true;
+    locale.enable = true;
+  };
+
+  location = {
+    latitude = 48.856614;
+    longitude = 2.3522219;
+  };
+}
diff --git a/nixos/gui.nix b/nixos/gui.nix
new file mode 100644
index 0000000..82a1328
--- /dev/null
+++ b/nixos/gui.nix
@@ -0,0 +1,23 @@
+{ config, pkgs, nixpkgs, ... }:
+
+let background-image = config.home-manager.users.qaristote.home.wallpaper;
+in {
+  personal.gui = {
+    enable = true;
+    xserver.enable = true;
+    i3.enable = true;
+  };
+
+  services.xserver = {
+    displayManager.lightdm = {
+      background = background-image;
+      greeters.gtk = {
+        extraConfig = ''
+          user-background = false
+        '';
+      };
+    };
+  };
+
+  programs.steam.enable = true;
+}
diff --git a/nixos/hardware/default.nix b/nixos/hardware/default.nix
new file mode 100644
index 0000000..0e8dc15
--- /dev/null
+++ b/nixos/hardware/default.nix
@@ -0,0 +1,26 @@
+{ nixos-hardware, ... }:
+
+{
+  imports = [ # Include the results of the hardware scan.
+    ./hardware-configuration.nix
+
+    # Community-curated hardware configuration
+    nixos-hardware.nixosModules.dell-latitude-7490
+    nixos-hardware.nixosModules.common-pc-ssd
+  ];
+
+  personal.hardware = {
+    usb.enable = true;
+    disks.crypted = "/dev/disk/by-uuid/ba5dc9cd-3a73-4a01-880b-8720844307ae";
+    firmwareNonFree.enable = true;
+    keyboard.keyMap = "fr";
+    backlights = {
+      screen = "intel_backlight";
+      keyboard = "dell::kbd_backlight";
+    };
+    sound.enable = true;
+  };
+
+  # faulty Intel CPU
+  boot.kernelParams = [ "i915.dc_enable=0" "intel_idle.max_cstate=1" ];
+}
diff --git a/nixos/hardware-configuration.nix b/nixos/hardware/hardware-configuration.nix
index b7f076e..77f7942 100644
--- a/nixos/hardware-configuration.nix
+++ b/nixos/hardware/hardware-configuration.nix
@@ -4,33 +4,31 @@
 { config, lib, pkgs, modulesPath, ... }:
 
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ "dm-snapshot" ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/f5809224-8478-474f-b25d-dde1ada37957";
-      fsType = "ext4";
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/f5809224-8478-474f-b25d-dde1ada37957";
+    fsType = "ext4";
+  };
 
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/330B-45DE";
-      fsType = "vfat";
-    };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/330B-45DE";
+    fsType = "vfat";
+  };
 
-  fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/8a6efcde-2361-40d5-a341-62188c014618";
-      fsType = "ext4";
-    };
+  fileSystems."/home" = {
+    device = "/dev/disk/by-uuid/8a6efcde-2361-40d5-a341-62188c014618";
+    fsType = "ext4";
+  };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/0cf1b50c-670c-4dc6-bb91-fc45d6148028"; }
-    ];
+    [{ device = "/dev/disk/by-uuid/0cf1b50c-670c-4dc6-bb91-fc45d6148028"; }];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -43,5 +41,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
diff --git a/nixos/locale.nix b/nixos/locale.nix
deleted file mode 100644
index a206259..0000000
--- a/nixos/locale.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ config, ... }:
-
-{
-  time.timeZone = "Europe/Paris";
-  location = {
-    latitude = 48.856614;
-    longitude = 2.3522219;
-  };
-
-  i18n = {
-    defaultLocale = "fr_FR.utf8";
-    extraLocaleSettings.LANG = "en_US.utf8";
-  };
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "fr";
-  };
-}
diff --git a/nixos/networking.nix b/nixos/networking.nix
index 27b92ea..be4f223 100644
--- a/nixos/networking.nix
+++ b/nixos/networking.nix
@@ -1,30 +1,32 @@
 { config, pkgs, ... }:
 
 {
-  networking.hostName = "latitude-7490";
-
-  # NetworkManager
-  environment.systemPackages = with pkgs; [ networkmanager ];
-  networking.networkmanager = {
+  personal.networking = {
     enable = true;
-    unmanaged = [ "interface-name:ve-*" ];
+    bluetooth.enable = true;
+    networkmanager.enable = true;
+    firewall = {
+      syncthing = true;
+      kdeconnect = true;
+    };
   };
 
-  # Hosts
-  networking.hosts = {
-    "10.3.141.1" = [ "raspberrypi.local" ];
-    "192.168.1.10" = [ "dionysos.local" ];
-    # "10.233.1.2" = [ "searx.aristote.fr" "quentin.aristote.fr" "aristote.fr" ];
-  };
+  networking = {
+    hostName = "latitude-7490";
+    hosts = {
+      "10.3.141.1" = [ "raspberrypi.local" ];
+      "192.168.1.10" = [ "dionysos.local" ];
+      # "10.233.1.2" = [ "searx.aristote.fr" "quentin.aristote.fr" "aristote.fr" ];
+    };
 
-  # DHCP
-  networking.interfaces.enp0s31f6.useDHCP = true;
-  networking.interfaces.wlp2s0.useDHCP = true;
+    interfaces = {
+      enp0s31f6.useDHCP = true;
+      wlp2s0.useDHCP = true;
+    };
+  };
 
   # NAT
-  boot.kernel.sysctl = {
-    "net.ipv4.ip_forward" = 1;
-  };
+  boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; };
   networking = {
     nat = {
       enable = true;
@@ -32,38 +34,4 @@
       externalInterface = "tun0";
     };
   };
-
-  # Firewall
-  networking.firewall = {
-    enable = true;
-    allowedTCPPorts = [
-      # Syncthing
-      22000
-    ];
-    allowedTCPPortRanges = [
-      # KDEConnect
-      {
-        from = 1714;
-        to = 1764;
-      }
-    ];
-    allowedUDPPorts = [
-      # Syncthing
-      22000
-      21027
-      # Wireguard
-      # 51820
-    ];
-    allowedUDPPortRanges = [
-      # KDE Connect
-      {
-        from = 1714;
-        to = 1764;
-      }
-    ];
-  };
-
-  # Bluetooth
-  hardware.bluetooth.enable = true;
-  services.blueman.enable = true;
 }
diff --git a/nixos/nix.nix b/nixos/nix.nix
new file mode 100644
index 0000000..01f86e7
--- /dev/null
+++ b/nixos/nix.nix
@@ -0,0 +1,18 @@
+{ ... }:
+
+{
+  personal.nix = {
+    enable = true;
+    autoUpgrade = true;
+    flake = "git+file:///home/qaristote/code/nix/machines/latitude-7490";
+    gc.enable = true;
+  };
+
+  system.autoUpgrade.flags =
+    let update-input = input: [ "--update-input" input ];
+    in update-input "home-manager" ++ update-input "nixos-hardware"
+    ++ [ "--impure" ];
+
+  # make auto-upgrade service lightweight
+  systemd.services.nixos-upgrade.unitConfig = { CPUWeight = 1; };
+}
diff --git a/nixos/services.nix b/nixos/services.nix
deleted file mode 100644
index 908913c..0000000
--- a/nixos/services.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ lib, config, pkgs, ... }:
-
-{
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
-
-  systemd.services = {
-    nix-gc-remove-dead-roots = {
-      enable = true;
-      description = "Remove dead symlinks in /nix/var/nix/gcroots";
-
-      serviceConfig.Type = "oneshot";
-
-      script = "find /nix/var/nix/gcroots -xtype l -delete";
-
-      before = lib.mkIf config.nix.gc.automatic [ "nix-gc.service" ];
-      wantedBy = lib.mkIf config.nix.gc.automatic [ "nix-gc.service" ];
-    };
-
-    nixos-upgrade.unitConfig = {
-      CPUWeight = 1;
-    };
-  };
-
-  # virtualisation.docker.enable = true;
-}
diff --git a/nixos/users.nix b/nixos/users.nix
index 2b1a630..b7512e8 100644
--- a/nixos/users.nix
+++ b/nixos/users.nix
@@ -1,20 +1,16 @@
-{ config, lib, ... }:
+{ home, home-manager, ... }:
 
-let cfg = config.users.users;
-in {
-  users.users.qaristote = {
-    isNormalUser = true;
-    extraGroups = [
-      "wheel" # Enable ‘sudo’ for the user.
-      "audio"
-      "networkmanager"
-      "docker"
-    ];
+{
+  imports = [ home-manager.nixosModules.home-manager ];
+
+  personal.user = {
+    enable = true;
+    name = "qaristote";
   };
 
   home-manager = {
-    users.qaristote = (import (/home/qaristote/.config/nixpkgs));
+    users.qaristote = home.qaristote;
     useGlobalPkgs = false;
-    useUserPackages = true; # to enable fontconfig inside home-manager
+    useUserPackages = true;
   };
 }