Modularised configs

nixos/homeserver.nix

@@ -9,8 +9,13 @@
   imports = [
     ./core.nix
     ./homeserver/hardware-configuration.nix
+    ./homeserver/packages.nix
+    ./homeserver/programs.nix
+    ./homeserver/services.nix
     ./homeserver/filesystems.nix
     ./homeserver/firewall.nix
+    ./homeserver/virtualisation.nix
+    ./homeserver/environment.nix
   ];
 
   # Allow unfree packages
@@ -59,34 +64,6 @@
     '';
   };
 
-  environment.etc =
-    lib.mapAttrs'
-    (name: value: {
-      name = "nix/path/${name}";
-      value.source = value.flake;
-    })
-    config.nix.registry
-    // {
-      "justfile" = {
-        text = ''
-          default:
-              @just -g --list
-
-          update-root:
-              if `/usr/bin/env grep -Rq "nixos" /etc/*-release`; then \
-                  nixos-rebuild switch --flake /home/cianh/.config/nix/#$HOSTNAME; \
-              fi
-        '';
-        mode = "0644";
-      };
-      "root_gitconfig" = {
-        text = ''
-          [safe]
-              directory = /home/cianh/.config/nix
-        '';
-      };
-    };
-
   system.activationScripts.linkRootJustfile = {
     text = ''
       ln -sf /etc/justfile /root/.justfile
@@ -120,71 +97,6 @@
     };
   };
 
-  # $ nix search wget
-  environment.systemPackages = [
-    pkgs.pinentry-tty
-  ];
-
-  # Enable the OpenSSH daemon and other remote tools.
-  services.openssh = {
-    enable = true;
-    settings = {
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = false;
-    };
-    extraConfig = "UsePAM yes";
-  };
-  # Modify the SSH service to prioritise because server is headless
-  systemd.services.sshd = {
-    requires = []; # Remove any non-essential dependencies
-    after = ["network.target"]; # Only need to wait for networking (obviously)
-    serviceConfig = {
-      # If SSH dies, we want to restart it asap
-      Restart = "always";
-      RestartSec = "3";
-      StartLimitIntervalSec = "0";
-      # The CPU should never be too busy to respond to SSH
-      CPUSchedulingPolicy = "rr";
-      CPUSchedulingPriority = "99";
-      IOSchedulingClass = "realtime";
-      IOSchedulingPriority = "0";
-      # Finally, if the system hits an OOM, for the love of god dont kill SSH until last
-      OOMScoreAdjust = "-1000";
-    };
-  };
-
-  # Add custom services
-  systemd.services.pueued = {
-    enable = true;
-    description = "Pueue Daemon - CLI process scheduler and manager";
-    wantedBy = ["default.target"];
-    serviceConfig = {
-      Restart = "no";
-      ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv";
-    };
-  };
-
-  # Enable GPG signing
-  services.pcscd.enable = true;
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryPackage = pkgs.pinentry-tty;
-    enableSSHSupport = true;
-  };
-
-  virtualisation = {
-    containers.enable = true;
-
-    podman = {
-      enable = true;
-      # Create a `docker` alias for podman, to use it as a drop-in replacement
-      dockerCompat = true;
-      dockerSocket.enable = true;
-      # Required for containers under podman-compose to be able to talk to each other.
-      defaultNetwork.settings.dns_enabled = true;
-    };
-  };
-
   system = {
     stateVersion = "24.11"; # Did you read the comment?
     autoUpgrade.enable = true;

nixos/homeserver/environment.nix

@@ -0,0 +1,39 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  environment.etc =
+    lib.mapAttrs'
+    (name: value: {
+      name = "nix/path/${name}";
+      value.source = value.flake;
+    })
+    config.nix.registry
+    // {
+      "justfile" = {
+        text = ''
+          default:
+              @just -g --list
+
+          update-root:
+              if `/usr/bin/env grep -Rq "nixos" /etc/*-release`; then \
+                  nixos-rebuild switch --flake /home/cianh/.config/nix/#$HOSTNAME; \
+              fi
+        '';
+        mode = "0644";
+      };
+      "root_gitconfig" = {
+        text = ''
+          [safe]
+              directory = /home/cianh/.config/nix
+        '';
+      };
+    };
+  environment.systemPackages = [
+    pkgs.pinentry-tty
+  ];
+}

nixos/homeserver/packages.nix

@@ -0,0 +1,9 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+}

nixos/homeserver/programs.nix

@@ -0,0 +1,14 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  programs.gnupg.agent = {
+    enable = true;
+    pinentryPackage = pkgs.pinentry-tty;
+    enableSSHSupport = true;
+  };
+}

nixos/homeserver/services.nix

@@ -0,0 +1,51 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  services = {
+    # Enable the OpenSSH daemon and other remote tools.
+    openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+      };
+      extraConfig = "UsePAM yes";
+      # Enable GPG signing
+      pcscd.enable = true;
+    };
+  };
+  # Modify the SSH service to prioritise because server is headless
+  systemd.services.sshd = {
+    requires = []; # Remove any non-essential dependencies
+    after = ["network.target"]; # Only need to wait for networking (obviously)
+    serviceConfig = {
+      # If SSH dies, we want to restart it asap
+      Restart = "always";
+      RestartSec = "3";
+      StartLimitIntervalSec = "0";
+      # The CPU should never be too busy to respond to SSH
+      CPUSchedulingPolicy = "rr";
+      CPUSchedulingPriority = "99";
+      IOSchedulingClass = "realtime";
+      IOSchedulingPriority = "0";
+      # Finally, if the system hits an OOM, for the love of god dont kill SSH until last
+      OOMScoreAdjust = "-1000";
+    };
+  };
+
+  # Add custom services
+  systemd.services.pueued = {
+    enable = true;
+    description = "Pueue Daemon - CLI process scheduler and manager";
+    wantedBy = ["default.target"];
+    serviceConfig = {
+      Restart = "no";
+      ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv";
+    };
+  };
+}

nixos/homeserver/virtualisation.nix

@@ -0,0 +1,21 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  virtualisation = {
+    containers.enable = true;
+
+    podman = {
+      enable = true;
+      # Create a `docker` alias for podman, to use it as a drop-in replacement
+      dockerCompat = true;
+      dockerSocket.enable = true;
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+}

nixos/worklaptop.nix

@@ -9,6 +9,11 @@
   imports = [
     ./core.nix
     ./worklaptop/hardware-configuration.nix
+    ./worklaptop/packages.nix
+    ./worklaptop/programs.nix
+    ./worklaptop/services.nix
+    ./worklaptop/virtualisation.nix
+    ./worklaptop/environment.nix
     ./worklaptop/theming.nix
   ];
 
@@ -47,11 +52,6 @@
     };
   };
   hardware.nvidia-container-toolkit.enable = true;
-  environment.sessionVariables = {
-    LIBVA_DRIVER_NAME = "iHD";
-    NIXOS_OZONE_WL = "1";
-    ELECTRON_OZONE_PLATFORM_HINT = "wayland";
-  };
 
   # Bootloader.
   boot = {
@@ -109,47 +109,11 @@
     '';
   };
 
-  environment.etc =
-    lib.mapAttrs'
-    (name: value: {
-      name = "nix/path/${name}";
-      value.source = value.flake;
-    })
-    config.nix.registry;
-
-  # Load nvidia driver for Xorg and Wayland
-  services = {
-    xserver = {
-      videoDrivers = ["nvidia"]; # or "nvidiaLegacy470 etc.
-      enable = true;
-      displayManager.gdm.enable = true;
-      desktopManager.gnome.enable = false;
-      xkb = {
-        layout = "ie";
-        variant = "";
-      };
-    };
-  };
-
   # Configure console keymap
   console.keyMap = "ie";
 
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-  # Enable sound with pipewire.
   hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-
-    # use the example session manager (no others are packaged yet so this is enabled by default,
-    # no need to redefine it in your config for now)
-    #media-session.enable = true;
-  };
 
   users.users.cianh = {
     isNormalUser = true;
@@ -172,67 +136,7 @@
     chmod 0444 /var/lib/AccountsService/icons/cianh
   '';
 
-  # $ nix search wget
-  environment.systemPackages = [
-    pkgs.flatpak
-    pkgs.gdm
-    pkgs.grub2_efi
-    pkgs.hyprland
-    pkgs.hyprlock
-    pkgs.hyprpaper
-    pkgs.hyprpicker
-    pkgs.hyprshot
-    pkgs.mosh
-    pkgs.nix-ld
-    pkgs.nmap
-    pkgs.nodejs
-    pkgs.phinger-cursors
-    pkgs.pinentry-gnome3
-    pkgs.qmk
-    pkgs.qmk-udev-rules
-    pkgs.qmk_hid
-    pkgs.seahorse
-    pkgs.sway # More stable, backup DE
-    pkgs.wayland
-    pkgs.wayland-utils
-    pkgs.xdg-desktop-portal-gtk
-    pkgs.xdg-desktop-portal-hyprland
-    pkgs.xdg-desktop-portal-wlr
-    pkgs.xdg-desktop-portal-xapp
-    pkgs.xfce.thunar
-    pkgs.xfce.tumbler
-    unstablePkgs.ghostty
-    unstablePkgs.libnotify
-    unstablePkgs.ruff
-    unstablePkgs.swaynotificationcenter
-    unstablePkgs.uv
-    unstablePkgs.waybar
-    unstablePkgs.wofi
-  ];
-
   hardware.keyboard.qmk.enable = true;
-
-  # Activate DEs
-  programs.hyprland = {
-    enable = true;
-    xwayland.enable = true;
-  };
-  programs.sway = {
-    enable = true;
-    extraOptions = ["--unsupported-gpu"];
-  };
-  programs.waybar.enable = true;
-
-  # Enable my preferred DE utilities
-  programs.thunar.enable = true;
-  programs.thunar.plugins = [
-    pkgs.xfce.thunar-volman
-    pkgs.xfce.thunar-archive-plugin
-    pkgs.xfce.thunar-media-tags-plugin
-  ];
-  services.gvfs.enable = true;
-  services.tumbler.enable = true;
-  programs.xfconf.enable = true;
   xdg.portal = {
     enable = true;
     wlr.enable = true;
@@ -242,86 +146,6 @@
     ];
   };
 
-  # Disable automatically activated programs i dont want
-  programs.foot.enable = false;
-
-  # Lets also activate some handy devenv tools
-  programs.direnv.enable = true;
-  programs.direnv.nix-direnv.enable = true;
-  programs.nix-ld = {
-    enable = true;
-    libraries = [
-      pkgs.acl
-      pkgs.alsa-lib
-      pkgs.at-spi2-core
-      pkgs.attr
-      pkgs.bzip2
-      pkgs.curl
-      pkgs.dbus
-      pkgs.expat
-      pkgs.glib
-      pkgs.libsodium
-      pkgs.libssh
-      pkgs.libxml2
-      pkgs.nspr
-      pkgs.nss
-      pkgs.openssl
-      pkgs.pango
-      pkgs.stdenv.cc
-      pkgs.systemd
-      pkgs.util-linux
-      pkgs.vulkan-loader
-      pkgs.xz
-      pkgs.zlib
-      pkgs.zstd
-    ];
-  };
-
-  # Enable flatpaks
-  services.flatpak.enable = true;
-
-  # Enable the OpenSSH daemon and other remote tools.
-  services.openssh.enable = true;
-  programs.mosh.enable = true;
-
-  # Add custom services
-  systemd.services.pueued = {
-    enable = true;
-    description = "Pueue Daemon - CLI process scheduler and manager";
-    wantedBy = ["default.target"];
-    serviceConfig = {
-      Restart = "no";
-      ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv";
-    };
-  };
-
-  # Enable GPG signing
-  services.gnome.gnome-keyring.enable = true;
-  programs.seahorse.enable = true; # enable the graphical frontend
-  security.pam.services.gdm.enableGnomeKeyring = true; # load gnome-keyring at startup
-  services.pcscd.enable = true;
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryPackage = pkgs.pinentry-gnome3;
-    enableSSHSupport = true;
-  };
-
-  virtualisation = {
-    containers.enable = true;
-
-    podman = {
-      enable = true;
-      # Create a `docker` alias for podman, to use it as a drop-in replacement
-      dockerCompat = true;
-      dockerSocket.enable = true;
-      # Required for containers under podman-compose to be able to talk to each other.
-      defaultNetwork.settings.dns_enabled = true;
-    };
-
-    libvirtd.enable = true;
-  };
-  programs.virt-manager.enable = true;
-
   system = {
     stateVersion = "23.11"; # Did you read the comment?
     autoUpgrade.enable = true;

nixos/worklaptop/environment.nix

@@ -0,0 +1,23 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  environment = {
+    sessionVariables = {
+      LIBVA_DRIVER_NAME = "iHD";
+      NIXOS_OZONE_WL = "1";
+      ELECTRON_OZONE_PLATFORM_HINT = "wayland";
+    };
+    etc =
+      lib.mapAttrs'
+      (name: value: {
+        name = "nix/path/${name}";
+        value.source = value.flake;
+      })
+      config.nix.registry;
+  };
+}

nixos/worklaptop/packages.nix

@@ -0,0 +1,45 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  environment.systemPackages = [
+    pkgs.flatpak
+    pkgs.gdm
+    pkgs.grub2_efi
+    pkgs.hyprland
+    pkgs.hyprlock
+    pkgs.hyprpaper
+    pkgs.hyprpicker
+    pkgs.hyprshot
+    pkgs.mosh
+    pkgs.nix-ld
+    pkgs.nmap
+    pkgs.nodejs
+    pkgs.phinger-cursors
+    pkgs.pinentry-gnome3
+    pkgs.qmk
+    pkgs.qmk-udev-rules
+    pkgs.qmk_hid
+    pkgs.seahorse
+    pkgs.sway # More stable, backup DE
+    pkgs.wayland
+    pkgs.wayland-utils
+    pkgs.xdg-desktop-portal-gtk
+    pkgs.xdg-desktop-portal-hyprland
+    pkgs.xdg-desktop-portal-wlr
+    pkgs.xdg-desktop-portal-xapp
+    pkgs.xfce.thunar
+    pkgs.xfce.tumbler
+    unstablePkgs.ghostty
+    unstablePkgs.libnotify
+    unstablePkgs.ruff
+    unstablePkgs.swaynotificationcenter
+    unstablePkgs.uv
+    unstablePkgs.waybar
+    unstablePkgs.wofi
+  ];
+}

nixos/worklaptop/programs.nix

@@ -0,0 +1,73 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  # Activate DEs
+  programs.hyprland = {
+    enable = true;
+    xwayland.enable = true;
+  };
+  programs.sway = {
+    enable = true;
+    extraOptions = ["--unsupported-gpu"];
+  };
+  programs.waybar.enable = true;
+
+  # Enable my preferred DE utilities
+  programs.thunar.enable = true;
+  programs.thunar.plugins = [
+    pkgs.xfce.thunar-volman
+    pkgs.xfce.thunar-archive-plugin
+    pkgs.xfce.thunar-media-tags-plugin
+  ];
+  programs.xfconf.enable = true;
+
+  # Disable automatically activated programs i dont want
+  programs.foot.enable = false;
+
+  # Lets also activate some handy devenv tools
+  programs.direnv.enable = true;
+  programs.direnv.nix-direnv.enable = true;
+  programs.nix-ld = {
+    enable = true;
+    libraries = [
+      pkgs.acl
+      pkgs.alsa-lib
+      pkgs.at-spi2-core
+      pkgs.attr
+      pkgs.bzip2
+      pkgs.curl
+      pkgs.dbus
+      pkgs.expat
+      pkgs.glib
+      pkgs.libsodium
+      pkgs.libssh
+      pkgs.libxml2
+      pkgs.nspr
+      pkgs.nss
+      pkgs.openssl
+      pkgs.pango
+      pkgs.stdenv.cc
+      pkgs.systemd
+      pkgs.util-linux
+      pkgs.vulkan-loader
+      pkgs.xz
+      pkgs.zlib
+      pkgs.zstd
+    ];
+  };
+
+  programs.mosh.enable = true;
+
+  programs.seahorse.enable = true; # enable the graphical frontend
+  programs.gnupg.agent = {
+    enable = true;
+    pinentryPackage = pkgs.pinentry-gnome3;
+    enableSSHSupport = true;
+  };
+  programs.virt-manager.enable = true;
+}

nixos/worklaptop/services.nix

@@ -0,0 +1,53 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  services = {
+    xserver = {
+      videoDrivers = ["nvidia"]; # or "nvidiaLegacy470 etc.
+      enable = true;
+      displayManager.gdm.enable = true;
+      desktopManager.gnome.enable = false;
+      xkb = {
+        layout = "ie";
+        variant = "";
+      };
+    };
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+    };
+
+    gvfs.enable = true;
+    tumbler.enable = true;
+
+    # Enable flatpaks
+    flatpak.enable = true;
+
+    # Enable the OpenSSH daemon and other remote tools.
+    openssh.enable = true;
+
+    gnome.gnome-keyring.enable = true;
+    pcscd.enable = true;
+  };
+
+  # Add custom services
+  systemd.services.pueued = {
+    enable = true;
+    description = "Pueue Daemon - CLI process scheduler and manager";
+    wantedBy = ["default.target"];
+    serviceConfig = {
+      Restart = "no";
+      ExecStart = "${pkgs.pueue.outPath}/bin/pueued -vv";
+    };
+  };
+
+  # Enable GPG signing
+  security.pam.services.gdm.enableGnomeKeyring = true; # load gnome-keyring at startup
+}

nixos/worklaptop/virtualisation.nix

@@ -0,0 +1,23 @@
+{
+  inputs,
+  lib,
+  config,
+  pkgs,
+  unstablePkgs,
+  ...
+}: {
+  virtualisation = {
+    containers.enable = true;
+
+    podman = {
+      enable = true;
+      # Create a `docker` alias for podman, to use it as a drop-in replacement
+      dockerCompat = true;
+      dockerSocket.enable = true;
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+
+    libvirtd.enable = true;
+  };
+}