reworked file layout

reworked impermanence

README.md

@@ -3,11 +3,6 @@
 ## Structure
 
 - `hosts/` contain nixos configuration for hosts
-    - `common/` shared configuration modules
-        - `core/` base configuration shared on all machines
-        - `dev/` configuration enabling dev environment
-        - `graphical/` configuration for graphical environments
-        - `hardware/` configuration for hardware components
     - `<hostname>/` configuration for hosts
         - `default.nix` Toplevel system definition
         - `fs.nix` file system definiton
@@ -15,8 +10,13 @@
         - `secrets/` secrets local to this hosts
             - `secrets.nix.age` local secrets usable on deploy
             - `host.pub` host public key, needed for rekeying agenix secrets
-- `modules/` extra nixos modules
+- `modules/` extra nixos modules and shared configurations
     - `secrets.nix` module to enable deploy-time secrets
+    - `config/` base configuration used on all machines
+    - `dev/` configuration options enabling developer environment
+    - `graphical/` configuration for graphical environments
+    - `hardware/` configuration for hardware components
+    - `impermanence/` impermanence modules for hosts
 - `nix/` additional nix functions
     - `checks.nix` pre-commit checks
     - `colmena.nix` Setup for using colmena to deploy
@@ -34,7 +34,6 @@
         - `graphical/` configuration for graphical programs
         - `programs/` configuration for miscellaneous programs
         - `shells/` configuration for shells
-        - `impermanence.nix` hm-impermanence setup for users
         - `default.nix` minimal setup for all users
         - `interactive.nix` minimal setup for interactive users on a command line
         - `graphical.nix` configuration for users utilizing a graphical interface

flake.nix

@@ -116,7 +116,7 @@
         inherit pkgs;
         modules = [
           ./nix/installer-configuration.nix
-          ./hosts/common/core/ssh.nix
+          ./modules/os-conf/core/ssh.nix
           {system.stateVersion = stateVersion;}
         ];
         format =

hosts/desktopnix/default.nix

@@ -5,19 +5,18 @@
     inputs.nixos-hardware.nixosModules.common-pc-hdd
     inputs.nixos-hardware.nixosModules.common-pc-ssd
 
-    ../common/core
-    ../common/dev
+    ../../modules/config
+    ../../modules/dev
 
-    ../common/graphical/fonts.nix
-    ../common/graphical/steam.nix
+    ../../modules/impermanence
 
-    ../common/hardware/bluetooth.nix
-    ../common/hardware/intel.nix
-    ../common/hardware/nvidia.nix
-    ../common/hardware/physical.nix
-    ../common/hardware/pipewire.nix
-    ../common/hardware/yubikey.nix
-    ../common/hardware/zfs.nix
+    ../../modules/hardware/bluetooth.nix
+    ../../modules/hardware/intel.nix
+    ../../modules/hardware/nvidia.nix
+    ../../modules/hardware/physical.nix
+    ../../modules/hardware/pipewire.nix
+    ../../modules/hardware/yubikey.nix
+    ../../modules/hardware/zfs.nix
 
     ./net.nix
     ./fs.nix

hosts/patricknix/default.nix

@@ -5,22 +5,21 @@
     inputs.nixos-hardware.nixosModules.common-pc-laptop
     inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
 
-    ../common/core
-    ../common/dev
+    ../../modules/config
+    ../../modules/dev
 
-    ../common/graphical/fonts.nix
-    ../common/graphical/steam.nix
+    ../../modules/impermanence
 
-    ../common/hardware/bluetooth.nix
-    ../common/hardware/intel.nix
-    ../common/hardware/laptop.nix
-    ../common/hardware/physical.nix
-    ../common/hardware/pipewire.nix
-    ../common/hardware/yubikey.nix
-    ../common/hardware/zfs.nix
+    ../../modules/hardware/bluetooth.nix
+    ../../modules/hardware/laptop.nix
+    ../../modules/hardware/intel.nix
+    ../../modules/hardware/nvidia.nix
+    ../../modules/hardware/physical.nix
+    ../../modules/hardware/pipewire.nix
+    ../../modules/hardware/yubikey.nix
+    ../../modules/hardware/zfs.nix
 
-    ../common/hardware/nvidia.nix
-    ../common/hardware/prime-offload.nix
+    ../../modules/hardware/prime-offload.nix
 
     ./net.nix
     ./fs.nix

hosts/testienix/default.nix

@@ -4,11 +4,11 @@
     inputs.nixos-hardware.nixosModules.common-pc-ssd
 
     # TODO: sollte entfernt werden für server
-    ../common/core
+    ../../modules/config
 
-    ../common/hardware/intel.nix
-    ../common/hardware/physical.nix
-    ../common/hardware/zfs.nix
+    ../../modules/hardware/intel.nix
+    ../../modules/hardware/physical.nix
+    ../../modules/hardware/zfs.nix
 
     ./net.nix
     ./fs.nix

modules/config/default.nix

@@ -1,8 +1,8 @@
 {inputs, ...}: {
   imports = [
     ./efi.nix
+    ./fonts.nix
     ./home-manager.nix
-    ./impermanence.nix
     ./inputrc.nix
     ./issue.nix
     ./net.nix
@@ -11,10 +11,10 @@
     ./system.nix
     ./xdg.nix
 
-    ../../../users/root
+    ../../users/root
 
-    ../../../modules/secrets.nix
-    ../../../modules/meta.nix
+    ../secrets.nix
+    ../meta.nix
 
     inputs.home-manager.nixosModules.default
     inputs.impermanence.nixosModules.impermanence

modules/config/home-manager.nix

@@ -1,10 +1,4 @@
-{
-  stateVersion,
-  config,
-  inputs,
-  pkgs,
-  ...
-}: {
+{stateVersion, ...}: {
   home-manager = {
     useGlobalPkgs = true;
     useUserPackages = true;
@@ -13,11 +7,7 @@
       {
         home.stateVersion = stateVersion;
       }
-      inputs.impermanence.nixosModules.home-manager.impermanence
     ];
-    extraSpecialArgs = {
-      nixosConfig = config;
-    };
   };
   # HM zsh needs this or else the startup order is fucked
   # and env variables will be loaded incorrectly

modules/config/system.nix

@@ -61,7 +61,7 @@
     local = config.node.secretsDir + "/secrets.nix.age";
   in
     {
-      global = ../../../secrets/secrets.nix.age;
+      global = ../../secrets/secrets.nix.age;
     }
     // lib.optionalAttrs (config.node.name != null && lib.pathExists local) {inherit local;};
 }

modules/graphical/fonts.nix

@@ -0,0 +1,52 @@
+{pkgs, ...}: {
+  fonts = {
+    enableGhostscriptFonts = false;
+    fontDir.enable = false;
+    fontconfig = {
+      defaultFonts = {
+        sansSerif = ["IBM Plex Sans"];
+        serif = ["IBM Plex Sans"];
+        monospace = ["FiraCode Nerd Font"];
+        emoji = ["Noto Color Emoji"];
+      };
+      localConf = ''
+        <?xml version="1.0"?>
+        <!DOCTYPE fontconfig SYSTEM "fonts.dtd">
+        <fontconfig>
+            <alias binding="weak">
+                <family>monospace</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+            <alias binding="weak">
+                <family>sans-serif</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+            <alias binding="weak">
+                <family>serif</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+        </fontconfig>
+      '';
+    };
+    packages = with pkgs; [
+      (nerdfonts.override {fonts = ["FiraCode"];})
+      ibm-plex
+      dejavu_fonts
+      unifont
+      freefont_ttf
+      gyre-fonts # TrueType substitutes for standard PostScript fonts
+      liberation_ttf
+      noto-fonts
+      noto-fonts-cjk-sans
+      noto-fonts-cjk-serif
+      noto-fonts-emoji
+      noto-fonts-extra
+    ];
+  };
+}

modules/impermanence/users.nix

@@ -0,0 +1,45 @@
+userName: {
+  config,
+  lib,
+  ...
+}: {
+  environment.persistence."/state" = {
+    users.${userName} = let
+      hmConfig = config.home-manager.users.${userName};
+    in {
+      files = [
+        ".ssh/known_hosts"
+      ];
+      directories = with lib.lists;
+        []
+        ++
+        # firefox cannot be a symlink as home manager refuses put files outside your $HOME
+        optionals hmConfig.programs.firefox.enable [
+          ".mozilla"
+        ]
+        ++ optionals hmConfig.programs.atuin.enable [
+          ".local/share/atuin"
+        ]
+        ++ optionals hmConfig.programs.direnv.enable [
+          ".local/share/direnv"
+        ]
+        ++ optionals hmConfig.programs.neovim.enable [
+          ".local/share/nvim"
+          ".local/state/nvim"
+          ".cache/nvim"
+        ]
+        # root should never use interactive programs
+        ++ optionals config.services.pipewire.enable [
+          # persist sound config
+          ".local/state/wireplumber"
+        ]
+        # Folders for steam
+        ++ optionals config.programs.steam.enable
+        [
+          ".local/share/Steam"
+          ".steam"
+          ".local/share//Daedalic Entertainment GmbH/"
+        ];
+    };
+  };
+}

modules/secrets.nix

@@ -1,6 +1,5 @@
 {
   lib,
-  pkgs,
   inputs,
   config,
   ...
@@ -14,7 +13,6 @@
     types
     mkOption
     mdDoc
-    mkIf
     literalExpression
     ;
   # If the given expression is a bare set, it will be wrapped in a function,

users/common/default.nix

@@ -4,8 +4,6 @@
     ./shells/zsh
 
     ./programs/gpg
-
-    ./impermanence.nix
   ];
 
   home.packages = with pkgs; [

users/common/impermanence.nix

@@ -1,50 +0,0 @@
-{
-  pkgs,
-  config,
-  lib,
-  nixosConfig,
-  ...
-}: {
-  home.persistence."/state/${config.home.homeDirectory}" = with lib.lists; {
-    allowOther = true;
-    files = [
-      ".ssh/known_hosts"
-    ];
-    directories =
-      # firefox cannot be a symlink as home manager refuses put files outside your $HOME
-      optionals config.programs.firefox.enable [
-        ".mozilla"
-      ]
-      ++ pkgs.lib.impermanence.makeSymlinks (
-        optionals config.programs.atuin.enable [
-          ".local/share/atuin"
-        ]
-        ++ optionals config.programs.direnv.enable [
-          ".local/share/direnv"
-        ]
-        ++ optionals config.programs.neovim.enable [
-          ".local/share/nvim"
-          ".local/state/nvim"
-          ".cache/nvim"
-        ]
-        ++ optionals (builtins.elem pkgs.heroic config.home.packages) [
-          ".config/heroic"
-          "Games/Heroic"
-        ]
-        # root should never use interactive programs
-        ++ optionals nixosConfig.users.users.${config.home.username}.isNormalUser (
-          optionals nixosConfig.services.pipewire.enable [
-            # persist sound config
-            ".local/state/wireplumber"
-          ]
-          # Folders for steam
-          ++ optionals nixosConfig.programs.steam.enable
-          [
-            ".local/share/Steam"
-            ".steam"
-            ".local/share//Daedalic Entertainment GmbH/"
-          ]
-        )
-      );
-  };
-}

users/patrick/default.nix

@@ -5,7 +5,10 @@
 }: {
   # enable nixos wide wayland config
   imports = [
-    ../../hosts/common/graphical/wayland.nix
+    ../../modules/graphical/wayland.nix
+    ../../modules/graphical/steam.nix
+    (import ../../modules/impermanence/users.nix "patrick")
+    ./impermanence.nix
   ];
 
   users.users.patrick = {
@@ -28,7 +31,6 @@
     imports = [
       ./patrick.nix
       ./ssh.nix
-      ./impermanence.nix
       ../common
       ../common/interactive.nix
       ../common/graphical

users/patrick/impermanence.nix

@@ -1,17 +1,12 @@
 {
-  config,
-  pkgs,
-  ...
-}: {
-  home = {
-    persistence."/state/${config.home.homeDirectory}" = {
-      allowOther = true;
-      directories = pkgs.lib.impermanence.makeSymlinks [
+  environment = {
+    persistence."/state".users.patrick = {
+      directories = [
         "repos"
         "Downloads"
 
         # For nextcloud client install
-        "./Nextcloud"
+        "Nextcloud"
         ".config/Nextcloud"
 
         # for electron signal app state

users/patrick/patrick.nix

@@ -2,7 +2,6 @@
   home = {
     packages = with pkgs; [
       nextcloud-client
-      heroic
       discord
     ];
   };

users/patrick/ssh.nix

@@ -35,19 +35,6 @@
         inherit identityFile;
       };
 
-      "WSALVM" = {
-        hostname = "172.10.8.156";
-        user = "root";
-        inherit identityFile;
-      };
-
-      "CompConst" = {
-        hostname = "cp-service.kaist.ac.kr";
-        user = "s20236085";
-        port = 13001;
-        inherit identityFile;
-      };
-
       "valhalla" = {
         hostname = "valhalla.fs.tum.de";
         user = "grossmann";