refactor: eliminate old module setup [part 1]

profiles/nixos/common/default.nix

@@ -1,9 +1,12 @@
-{ lib, ... }:
+{ self, lib, ... }:
 let
   importNames = lib.swarselsystems.readNix "profiles/nixos/common";
+  profilesPath = "${self}/profiles";
 in
 {
-  imports = lib.swarselsystems.mkImports importNames "profiles/nixos/common";
+  imports = lib.swarselsystems.mkImports importNames "profiles/nixos/common" ++ [
+    "${profilesPath}/home/common/sharedsetup.nix"
+  ];
 
   nixpkgs.config.permittedInsecurePackages = [
     "jitsi-meet-1.0.8043"

profiles/nixos/common/hardware.nix

@@ -1,34 +1,47 @@
 { pkgs, config, lib, ... }:
 {
 
-  hardware = {
-    # opengl.driSupport32Bit = true is replaced with graphics.enable32Bit and hence redundant
-    graphics = {
-      enable = true;
-      enable32Bit = true;
-    };
-
-
-    trackpoint = lib.mkIf config.swarselsystems.trackpoint.isAvailable {
-      enable = true;
-      inherit (config.swarselsystems.trackpoint) device;
-    };
-
-    keyboard.qmk.enable = true;
-
-    enableAllFirmware = true;
-
-    bluetooth = lib.mkIf config.swarselsystems.hasBluetooth {
-      enable = true;
-      package = pkgs.stable.bluez;
-      powerOnBoot = true;
-      settings = {
-        General = {
-          Enable = "Source,Sink,Media,Socket";
-        };
+  options.swarselsystems = {
+    hasBluetooth = lib.mkEnableOption "bluetooth availability";
+    hasFingerprint = lib.mkEnableOption "fingerprint sensor availability";
+    trackpoint = {
+      isAvailable = lib.mkEnableOption "trackpoint availability";
+      trackpoint.device = lib.mkOption {
+        type = lib.types.str;
+        default = "";
       };
     };
   };
+  config = {
+    hardware = {
+      # opengl.driSupport32Bit = true is replaced with graphics.enable32Bit and hence redundant
+      graphics = {
+        enable = true;
+        enable32Bit = true;
+      };
 
-  services.fprintd.enable = lib.mkIf config.swarselsystems.hasFingerprint true;
+
+      trackpoint = lib.mkIf config.swarselsystems.trackpoint.isAvailable {
+        enable = true;
+        inherit (config.swarselsystems.trackpoint) device;
+      };
+
+      keyboard.qmk.enable = true;
+
+      enableAllFirmware = true;
+
+      bluetooth = lib.mkIf config.swarselsystems.hasBluetooth {
+        enable = true;
+        package = pkgs.stable.bluez;
+        powerOnBoot = true;
+        settings = {
+          General = {
+            Enable = "Source,Sink,Media,Socket";
+          };
+        };
+      };
+    };
+
+    services.fprintd.enable = lib.mkIf config.swarselsystems.hasFingerprint true;
+  };
 }

profiles/nixos/common/sharedsetup.nix

@@ -0,0 +1,26 @@
+{ lib, ... }:
+{
+  options.swarselsystems = {
+    withHomeManager = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+    };
+    isSwap = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+    };
+    swapSize = lib.mkOption {
+      type = lib.types.str;
+      default = "8G";
+    };
+    rootDisk = lib.mkOption {
+      type = lib.types.str;
+      default = "";
+    };
+    isCrypted = lib.mkEnableOption "uses full disk encryption";
+    initialSetup = lib.mkEnableOption "initial setup (no sops keys available)";
+
+    isImpermanence = lib.mkEnableOption "use impermanence on this system";
+    isSecureBoot = lib.mkEnableOption "use secure boot on this system";
+  };
+}

profiles/nixos/common/stylix.nix

@@ -8,12 +8,7 @@
     config.swarselsystems.stylix;
   home-manager.users."${config.swarselsystems.mainUser}" = {
     stylix = {
-      targets = {
-        emacs.enable = false;
-        waybar.enable = false;
-        sway.useWallpaper = false;
-        firefox.profileNames = [ "default" ];
-      };
+      targets = config.swarselsystems.stylixHomeTargets;
     };
   };
 }

profiles/nixos/server/ankisync.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.ankisync = lib.mkEnableOption "enable ankisync on server";
   config = lib.mkIf config.swarselsystems.server.ankisync {
 
     networking.firewall.allowedTCPPorts = [ 22701 ];

profiles/nixos/server/default.nix

@@ -14,5 +14,7 @@ in
     "${profilesPath}/nixos/common/time.nix"
     "${profilesPath}/nixos/common/users.nix"
     "${profilesPath}/nixos/common/nix-ld.nix"
+    "${profilesPath}/nixos/common/sharedsetup.nix"
+    "${profilesPath}/home/common/sharedsetup.nix"
   ];
 }

profiles/nixos/server/emacs.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server";
   config = lib.mkIf config.swarselsystems.server.emacs {
 
     networking.firewall.allowedTCPPorts = [ 9812 ];

profiles/nixos/server/forgejo.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server";
   config = lib.mkIf config.swarselsystems.server.forgejo {
 
     networking.firewall.allowedTCPPorts = [ 3000 ];

profiles/nixos/server/freshrss.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.freshrss = lib.mkEnableOption "enable freshrss on server";
   config = lib.mkIf config.swarselsystems.server.freshrss {
 
     users.users.freshrss = {

profiles/nixos/server/immich.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.immich = lib.mkEnableOption "enable immich on server";
   config = lib.mkIf config.swarselsystems.server.immich {
 
     users.users.immich = {

profiles/nixos/server/jellyfin.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.jellyfin = lib.mkEnableOption "enable jellyfin on server";
   config = lib.mkIf config.swarselsystems.server.jellyfin {
     users.users.jellyfin = {
       extraGroups = [ "video" "render" "users" ];

profiles/nixos/server/jenkins.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server";
   config = lib.mkIf config.swarselsystems.server.jenkins {
 
     services.jenkins = {

profiles/nixos/server/kavita.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.kavita = lib.mkEnableOption "enable kavita on server";
   config = lib.mkIf config.swarselsystems.server.kavita {
     environment.systemPackages = with pkgs; [
       calibre

profiles/nixos/server/matrix.nix

@@ -11,7 +11,7 @@ let
   '';
 in
 {
-
+  options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server";
   config = lib.mkIf config.swarselsystems.server.matrix {
     environment.systemPackages = with pkgs; [
       matrix-synapse

profiles/nixos/server/monitoring.nix

@@ -1,5 +1,6 @@
 { self, lib, config, ... }:
 {
+  options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server";
   config = lib.mkIf config.swarselsystems.server.monitoring {
 
     sops.secrets = {

profiles/nixos/server/mpd.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server";
   config = lib.mkIf config.swarselsystems.server.mpd {
     users = {
       groups = {

profiles/nixos/server/navidrome.nix

@@ -3,6 +3,7 @@ let
   secretsDirectory = builtins.toString inputs.nix-secrets;
 in
 {
+  options.swarselsystems.server.navidrome = lib.mkEnableOption "enable navidrome on server";
   config = lib.mkIf config.swarselsystems.server.navidrome {
     environment.systemPackages = with pkgs; [
       pciutils

profiles/nixos/server/nextcloud.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
   config = lib.mkIf config.swarselsystems.server.nextcloud {
 
     sops.secrets.nextcloudadminpass = {

profiles/nixos/server/paperless.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.paperless = lib.mkEnableOption "enable paperless on server";
   config = lib.mkIf config.swarselsystems.server.paperless {
 
     users.users.paperless = {

profiles/nixos/server/pipewire.nix

@@ -1,6 +1,6 @@
 { lib, config, ... }:
 {
-  config = lib.mkIf (config.swarselsystems.server.mpd || config.swarselsystems.server.navidrome) {
+  config = lib.mkIf (config?swarselsystems.server.mpd || config?swarselsystems.server.navidrome) {
 
     security.rtkit.enable = true; # this is required for pipewire real-time access
 

profiles/nixos/server/restic.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.restic = lib.mkEnableOption "enable restic backups on server";
   config = lib.mkIf config.swarselsystems.server.restic {
 
     # TODO

profiles/nixos/server/settings.nix

@@ -3,26 +3,33 @@ let
   inherit (config.swarselsystems) flakePath;
 in
 {
-  environment.shellAliases = lib.recursiveUpdate
-    {
-      npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
-      nswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch;";
-      npiswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
-      nipswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
-      niswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch --impure;";
-    }
-    config.swarselsystems.shellAliases;
-
-  nixpkgs.config.permittedInsecurePackages = [
-    # matrix
-    "olm-3.2.16"
-    # sonarr
-    "aspnetcore-runtime-wrapped-6.0.36"
-    "aspnetcore-runtime-6.0.36"
-    "dotnet-sdk-wrapped-6.0.428"
-    "dotnet-sdk-6.0.428"
-    #
-    "SDL_ttf-2.0.11"
-  ];
+  options.swarselsystems = {
+    shellAliases = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = { };
+    };
+  };
+  config = {
+    environment.shellAliases = lib.recursiveUpdate
+      {
+        npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
+        nswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch;";
+        npiswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
+        nipswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
+        niswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch --impure;";
+      }
+      config.swarselsystems.shellAliases;
 
+    nixpkgs.config.permittedInsecurePackages = [
+      # matrix
+      "olm-3.2.16"
+      # sonarr
+      "aspnetcore-runtime-wrapped-6.0.36"
+      "aspnetcore-runtime-6.0.36"
+      "dotnet-sdk-wrapped-6.0.428"
+      "dotnet-sdk-6.0.428"
+      #
+      "SDL_ttf-2.0.11"
+    ];
+  };
 }

profiles/nixos/server/spotifyd.nix

@@ -1,5 +1,6 @@
 { lib, config, ... }:
 {
+  options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
   config = lib.mkIf config.swarselsystems.server.spotifyd {
     users.groups.spotifyd = {
       gid = 65136;

profiles/nixos/server/syncthing.nix

@@ -4,6 +4,7 @@ let
   workHostName = lib.swarselsystems.getSecret "${secretsDirectory}/work/worklaptop-hostname";
 in
 {
+  options.swarselsystems.server.syncthing = lib.mkEnableOption "enable syncthing on server";
   config = lib.mkIf config.swarselsystems.server.syncthing {
 
     users.users.syncthing = {

profiles/nixos/server/transmission.nix

@@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }:
 {
+  options.swarselsystems.server.transmission = lib.mkEnableOption "enable transmission and friends on server";
   config = lib.mkIf config.swarselsystems.server.transmission {
 
     # this user/group section is probably unneeded