wip: migrate client modules

profiles-clone/nixos/default.nix

@@ -0,0 +1,7 @@
+{ lib, ... }:
+let
+  profileNames = lib.swarselsystems.readNix "profiles-clone/nixos";
+in
+{
+  imports = lib.swarselsystems.mkImports profileNames "profiles-clone/nixos";
+}

profiles-clone/nixos/hotel/default.nix

@@ -0,0 +1,12 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.hotel = lib.mkEnableOption "is this a hotel host";
+  config = lib.mkIf config.swarselprofiles.hotel {
+    swarselprofiles.personal = true;
+    swarselmodules = {
+      yubikey = false;
+    };
+
+  };
+
+}

profiles-clone/nixos/localserver/default.nix

@@ -0,0 +1,29 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.server = lib.mkEnableOption "is this a server";
+  config = lib.mkIf config.swarselprofiles.server {
+    swarselmodules = {
+      general = lib.mkDefault true;
+      lanzaboote = lib.mkDefault true;
+      home-manager = lib.mkDefault true;
+      xserver = lib.mkDefault true;
+      time = lib.mkDefault true;
+      impermanence = lib.mkDefault true;
+      btrfs = lib.mkDefault true;
+      sops = lib.mkDefault true;
+      boot = lib.mkDefault true;
+      nftables = lib.mkDefault true;
+      server = {
+        general = lib.mkDefault true;
+        ids = lib.mkDefault true;
+        network = lib.mkDefault true;
+        diskEncryption = lib.mkDefault true;
+        packages = lib.mkDefault true;
+        ssh = lib.mkDefault true;
+        attic-setup = lib.mkDefault true;
+        dns-hostrecord = lib.mkDefault true;
+      };
+    };
+  };
+
+}

profiles-clone/nixos/microvm/default.nix

@@ -0,0 +1,29 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.microvm = lib.mkEnableOption "is this a server";
+  config = lib.mkIf config.swarselprofiles.microvm {
+    swarselsystems = {
+      isLinux = true;
+      isNixos = true;
+    };
+    swarselmodules = {
+      general = lib.mkDefault true;
+      xserver = lib.mkDefault true;
+      time = lib.mkDefault true;
+      impermanence = lib.mkDefault true;
+      btrfs = lib.mkDefault true;
+      sops = lib.mkDefault true;
+      nftables = lib.mkDefault true;
+      server = {
+        general = lib.mkDefault true;
+        ids = lib.mkDefault true;
+        packages = lib.mkDefault true;
+        ssh = lib.mkDefault true;
+        wireguard = lib.mkDefault true;
+        dns-home = lib.mkDefault true;
+        opkssh = true;
+      };
+    };
+  };
+
+}

profiles-clone/nixos/minimal/default.nix

@@ -0,0 +1,29 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.minimal = lib.mkEnableOption "declare this a minimal host";
+  config = lib.mkIf config.swarselprofiles.minimal {
+    swarselmodules = {
+      general = lib.mkDefault true;
+      home-manager = lib.mkDefault true;
+      xserver = lib.mkDefault true;
+      lanzaboote = lib.mkDefault true;
+      time = lib.mkDefault true;
+      impermanence = lib.mkDefault true;
+      security = lib.mkDefault true;
+      sops = lib.mkDefault true;
+      zsh = lib.mkDefault true;
+      yubikey = lib.mkDefault true;
+      autologin = lib.mkDefault true;
+      boot = lib.mkDefault true;
+      btrfs = lib.mkDefault true;
+      nftables = lib.mkDefault true;
+
+      server = {
+        ssh = lib.mkDefault true;
+        diskEncryption = lib.mkDefault true;
+      };
+    };
+
+  };
+
+}

profiles-clone/nixos/personal/default.nix

@@ -0,0 +1,63 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.personal = lib.mkEnableOption "is this a personal host";
+  config = lib.mkIf config.swarselprofiles.personal {
+    swarselmodules = {
+      # keyd = lib.mkDefault true;
+      appimage = lib.mkDefault true;
+      autologin = lib.mkDefault true;
+      blueman = lib.mkDefault true;
+      boot = lib.mkDefault true;
+      btrfs = lib.mkDefault true;
+      distrobox = lib.mkDefault true;
+      env = lib.mkDefault true;
+      firezone-client = lib.mkDefault true;
+      general = lib.mkDefault true;
+      gnome-keyring = lib.mkDefault true;
+      gvfs = lib.mkDefault true;
+      hardware = lib.mkDefault true;
+      home-manager = lib.mkDefault true;
+      impermanence = lib.mkDefault true;
+      interceptionTools = lib.mkDefault true;
+      keyboards = lib.mkDefault true;
+      lanzaboote = lib.mkDefault true;
+      ledger = lib.mkDefault true;
+      lid = lib.mkDefault true;
+      login = lib.mkDefault true;
+      lowBattery = lib.mkDefault false;
+      nautilus = lib.mkDefault true;
+      network = lib.mkDefault true;
+      networkDevices = lib.mkDefault true;
+      nftables = lib.mkDefault true;
+      nix-ld = lib.mkDefault true;
+      nvd = lib.mkDefault true;
+      packages = lib.mkDefault true;
+      pipewire = lib.mkDefault true;
+      ppd = lib.mkDefault true;
+      programs = lib.mkDefault true;
+      pulseaudio = lib.mkDefault true;
+      remotebuild = lib.mkDefault true;
+      security = lib.mkDefault true;
+      sops = lib.mkDefault true;
+      stylix = lib.mkDefault true;
+      sway = lib.mkDefault false; # niri
+      swayosd = lib.mkDefault false; # niri
+      syncthing = lib.mkDefault true;
+      systemdTimeout = lib.mkDefault true;
+      time = lib.mkDefault true;
+      uwsm = lib.mkDefault true;
+      xdg-portal = lib.mkDefault true;
+      xserver = lib.mkDefault true;
+      yubikey = lib.mkDefault true;
+      zsh = lib.mkDefault true;
+
+    };
+    home-manager.users."${config.swarselsystems.mainUser}" = {
+      swarselprofiles = {
+        personal = lib.mkDefault true;
+      };
+    };
+
+  };
+
+}

profiles-clone/nixos/router/default.nix

@@ -0,0 +1,14 @@
+{ lib, config, ... }:
+{
+  options.swarselprofiles.router = lib.mkEnableOption "enable the router profile";
+  config = lib.mkIf config.swarselprofiles.router {
+    swarselmodules = {
+      nftables = lib.mkDefault true;
+      server = {
+        router = lib.mkDefault true;
+        kea = lib.mkDefault true;
+      };
+    };
+  };
+
+}