chore: centralise folders

2025-12-06 09:07:21 +01:00 · 2025-07-04 00:27:16 +02:00 · 2025-07-04 00:27:16 +02:00 · 34badc91d5
commit 34badc91d5
parent 7d614f784c
152 changed files with 6292 additions and 6645 deletions
--- a/files/templates/hosts/nixos/default.nix
+++ b/files/templates/hosts/nixos/default.nix
@ -0,0 +1,61 @@
+{ self, inputs, pkgs, lib, globals, ... }:
+let
+  modulesPath = "${self}/modules";
+  sharedOptions = {
+    isBtrfs = true;
+  };
+  primaryUser = globals.user.name;
+in
+{
+
+  imports = [
+    # ---- nixos-hardware here ----
+
+    ./hardware-configuration.nix
+    ./disk-config.nix
+
+    "${modulesPath}/nixos/optional/virtualbox.nix"
+    # "${modulesPath}/nixos/optional/vmware.nix"
+    "${modulesPath}/nixos/optional/autologin.nix"
+    "${modulesPath}/nixos/optional/nswitch-rcm.nix"
+    "${modulesPath}/nixos/optional/gaming.nix"
+
+    inputs.home-manager.nixosModules.home-manager
+    {
+      home-manager.users."${primaryUser}".imports = [
+        "${modulesPath}/home/optional/gaming.nix"
+      ];
+    }
+  ];
+
+  boot = {
+    kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
+  };
+
+  networking = {
+    hostName = "TEMPLATE";
+    firewall.enable = true;
+  };
+
+  swarselsystems = lib.recursiveUpdate
+    {
+      wallpaper = self + /files/wallpaper/lenovowp.png;
+      hasBluetooth = true;
+      hasFingerprint = true;
+      isImpermanence = true;
+      isSecureBoot = true;
+      isCrypted = true;
+      isSwap = true;
+      swapSize = "32G";
+      rootDisk = "TEMPLATE";
+    }
+    sharedOptions;
+
+  home-manager.users."${primaryUser}".swarselsystems = lib.recursiveUpdate
+    {
+      isLaptop = true;
+      isNixos = true;
+      cpuCount = 16;
+    }
+    sharedOptions;
+}
--- a/files/templates/hosts/nixos/disk-config.nix
+++ b/files/templates/hosts/nixos/disk-config.nix
@ -0,0 +1,122 @@
+{ lib, pkgs, config, rootDisk, ... }:
+let
+  type = "btrfs";
+  extraArgs = [ "-L" "nixos" "-f" ]; # force overwrite
+  subvolumes = {
+    "/root" = {
+      mountpoint = "/";
+      mountOptions = [
+        "subvol=root"
+        "compress=zstd"
+        "noatime"
+      ];
+    };
+    "/home" = lib.mkIf config.swarselsystems.isImpermanence {
+      mountpoint = "/home";
+      mountOptions = [
+        "subvol=home"
+        "compress=zstd"
+        "noatime"
+      ];
+    };
+    "/persist" = lib.mkIf config.swarselsystems.isImpermanence {
+      mountpoint = "/persist";
+      mountOptions = [
+        "subvol=persist"
+        "compress=zstd"
+        "noatime"
+      ];
+    };
+    "/log" = lib.mkIf config.swarselsystems.isImpermanence {
+      mountpoint = "/var/log";
+      mountOptions = [
+        "subvol=log"
+        "compress=zstd"
+        "noatime"
+      ];
+    };
+    "/nix" = {
+      mountpoint = "/nix";
+      mountOptions = [
+        "subvol=nix"
+        "compress=zstd"
+        "noatime"
+      ];
+    };
+    "/swap" = lib.mkIf config.swarselsystems.isSwap {
+      mountpoint = "/.swapvol";
+      swap.swapfile.size = config.swarselsystems.swapSize;
+    };
+  };
+in
+{
+  disko.devices = {
+    disk = {
+      disk0 = {
+        type = "disk";
+        device = config.swarselsystems.rootDisk;
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              priority = 1;
+              name = "ESP";
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "defaults" ];
+              };
+            };
+            root = lib.mkIf (!config.swarselsystems.isCrypted) {
+              size = "100%";
+              content = {
+                inherit type subvolumes extraArgs;
+                postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
+                  MNTPOINT=$(mktemp -d)
+                  mount "/dev/disk/by-label/nixos" "$MNTPOINT" -o subvolid=5
+                  trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
+                  btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
+                '';
+              };
+            };
+            luks = lib.mkIf config.swarselsystems.isCrypted {
+              size = "100%";
+              content = {
+                type = "luks";
+                name = "cryptroot";
+                passwordFile = "/tmp/disko-password"; # this is populated by bootstrap.sh
+                settings = {
+                  allowDiscards = true;
+                  # https://github.com/hmajid2301/dotfiles/blob/a0b511c79b11d9b4afe2a5e2b7eedb2af23e288f/systems/x86_64-linux/framework/disks.nix#L36
+                  crypttabExtraOpts = [
+                    "fido2-device=auto"
+                    "token-timeout=10"
+                  ];
+                };
+                content = {
+                  inherit type subvolumes extraArgs;
+                  postCreateHook = lib.mkIf config.swarselsystems.isImpermanence ''
+                    MNTPOINT=$(mktemp -d)
+                    mount "/dev/mapper/cryptroot" "$MNTPOINT" -o subvolid=5
+                    trap 'umount $MNTPOINT; rm -rf $MNTPOINT' EXIT
+                    btrfs subvolume snapshot -r $MNTPOINT/root $MNTPOINT/root-blank
+                  '';
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+
+  fileSystems."/persist".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
+  fileSystems."/home".neededForBoot = lib.mkIf config.swarselsystems.isImpermanence true;
+
+  environment.systemPackages = [
+    pkgs.yubikey-manager
+  ];
+}