modularize system config

.gitignore

@@ -1,8 +0,0 @@
-# ---> Nix
-# Ignore build outputs from performing a nix-build or `nix build` command
-result
-result-*
-
-# Ignore automatically generated direnv output
-.direnv
-

modules/hardware/thinkpad.nix

@@ -31,8 +31,5 @@
     initrd.availableKernelModules = [ "thinkpad_acpi" ];
   };
 
-  services = {
-    fstrim.enable = true;
-    fwupd.enable = true;
-  };
+  services.fwupd.enable = true;
 }

modules/scans/thinkpad.nix

@@ -1,4 +1,3 @@
-
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.

modules/system/base.nix

@@ -1,20 +1,9 @@
 { hostname, timezone, ... }: {
   system.stateVersion = "24.11";
-  imports = [ ./apps.nix ];
-
-  nixpkgs.config.allowUnfree = true;
-  nix = {
-    settings = {
-      experimental-features = [ "nix-command" "flakes" ];
-      auto-optimise-store = true;
-    };
-    gc = {
-      automatic = true;
-      dates = "weekly";
-      options = "--delete-older-than 7d -d";
-    };
-    optimise.automatic = true;
-  };
+  imports = [
+    ./utilities.nix
+    ./nix-conf.nix
+  ];
 
   networking.hostName = "${hostname}";
   time.timeZone = timezone;

modules/system/bootloader.nix

@@ -0,0 +1,21 @@
+{ pkgs, legacy-boot, ... }: {
+  boot = {
+    plymouth.enable = true;
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot = {
+        enable = !legacy-boot;
+        configurationLimit = 3;
+        sortKey = "z-nixos";
+        editor = false;
+      };
+      grub = {
+        enable = legacy-boot;
+        device = "/dev/sda";
+        useOSProber = true;
+        default = "saved";
+        theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze";
+      };
+    };
+  };
+}

modules/system/default.nix

@@ -1,148 +1,20 @@
-{ pkgs, config, swapfile, locale, legacy-boot, wol, enable-dm, zerotier, ... }: {
+{ pkgs, locale, ... }: {
   imports = [
-    ../hardware/scan.nix
-    ../rice/system.nix
     ./base.nix
+    ./network.nix
+    ./user.nix
+    ./kernel.nix
+    ./bootloader.nix
+    ./filesystem.nix
+    ./virtualization.nix
+    ./desktop.nix
+    ./programs.nix
   ];
 
-  boot = {
-    kernelModules = [ "rndis_host" "cdc_ether" ];
-    supportedFilesystems = [ "ext4" "btrfs" "vfat" "ntfs" "exfat" ];
-    plymouth.enable = true;
-    kernel.sysctl = {
-      "net.ipv4.ip_forward" = 1;
-      "net.ipv6.conf.all.forwarding" = 1;
-    };
-    loader = {
-      efi.canTouchEfiVariables = true;
-      systemd-boot = {
-        enable = !legacy-boot;
-        configurationLimit = 3;
-        sortKey = "z-nixos";
-        editor = false;
-      };
-      grub = {
-        enable = legacy-boot; #true;
-        device = "/dev/sda";
-        useOSProber = true;
-        default = "saved";
-        theme = "${pkgs.libsForQt5.breeze-grub}/grub/themes/breeze";
-      };
-    };
-    kernelParams = [
-      #"quiet"
-      "boot.shell_on_fail"
-      "loglevel=3"
-      "rd.systemd.show_status=true"
-      #"rd.udev.log_level=3"
-      "udev.log_priority=3"
-    ];
-  };
-  swapDevices = if swapfile == 0 then [] else [
-    {
-      device = "/swapfile";
-      size = swapfile;
-    }
-  ];
-
-  virtualisation = {
-    # waydroid.enable = true;
-    docker.enable = true;
-    # libvirtd = {
-    #   enable = true;
-    #   qemu = {
-    #     package = pkgs.qemu_kvm;
-    #     swtpm.enable = true;
-    #     runAsRoot = false;
-    #     ovmf = {
-    #       enable = false;
-    #       packages = [(pkgs.OVMF.override {
-    #         secureBoot = true;
-    #         tpmSupport = true;
-    #       }).fd];
-    #     };
-    #   };
-    # };
-  };
-
-  networking = {
-    networkmanager.enable = true;
-    firewall.enable = false;
-    nameservers = ["1.1.1.1" "1.0.0.1"];
-  };
-
-  hardware.graphics = {
-    enable = true;
-    extraPackages = [ pkgs.libva-vdpau-driver ];
-  };
   i18n.defaultLocale = locale;
   environment.localBinInPath = true;
 
-  systemd.services."wol" = {
-    enable = wol != "";
-    description = "Wake-on-LAN for ${wol}";
-    requires = [ "network.target" ];
-    after = [ "network.target" ];
-    serviceConfig = {
-      ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
-      Type = "oneshot";
-    };
-    wantedBy = [ # just in case 
-      "multi-user.target"
-      "sleep.target"
-      "suspend.target"
-      "hibernate.target"
-      "hybrid-sleep.target"
-      "shutdown.target"
-      "reboot.target"
-      "halt.target"
-    ];
-  };
-
-  services = {
-    displayManager.gdm.enable = enable-dm;
-    xserver = {
-      enable = true;
-      xkb = {
-        layout = "us";
-        variant = "";
-      };
-    };
-    pipewire = {
-      enable = true;
-      alsa.enable = true;
-      alsa.support32Bit = true;
-      pulse.enable = true;
-      jack.enable = true;
-    };
-    sunshine = {
-      enable = true;
-      autoStart = true;
-      capSysAdmin = true;
-      openFirewall = true;
-    };
-    avahi = {
-      enable = true;
-      nssmdns4 = true;
-    };
-    printing = {
-      enable = true;
-      drivers = with pkgs; [ hplip ];
-    };
-    zerotierone = {
-      enable = true;
-      joinNetworks = zerotier.networks;
-    };
-    cloudflare-warp.enable = true;
-    gnome.gnome-keyring.enable = true;
-    gvfs.enable = true;
-    blueman.enable = true;
-    pulseaudio.enable = false;
-    resolved.enable = true;
-  };
-
   security = {
-    rtkit.enable = true;
     sudo.configFile = ''
       Defaults insults
       Defaults passwd_tries = 5
@@ -152,18 +24,4 @@
   fonts.packages = with pkgs; [
     corefonts
   ];
-
-  programs = {
-    gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
-    zsh.enable = true;
-    nix-ld.enable = true;
-    steam.enable = true;
-    appimage = {
-      enable = true;
-      binfmt = true;
-    };
-    kdeconnect = {
-      enable = true;
-    };
-  };
-}
+}

modules/system/desktop.nix

@@ -0,0 +1,30 @@
+{ pkgs, enable-dm, ... }: {
+  hardware.graphics = {
+    enable = true;
+    extraPackages = [ pkgs.libva-vdpau-driver ];
+  };
+
+  services = {
+    displayManager.gdm.enable = enable-dm;
+    xserver = {
+      enable = true;
+      xkb = {
+        layout = "us";
+        variant = "";
+      };
+    };
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+    gnome.gnome-keyring.enable = true;
+    gvfs.enable = true;
+    blueman.enable = true;
+    pulseaudio.enable = false;
+  };
+
+  security.rtkit.enable = true;
+}

modules/system/filesystem.nix

@@ -0,0 +1,23 @@
+{ swapfile, ... }:
+{
+  boot.supportedFilesystems = [
+    "ext4"
+    "btrfs"
+    "vfat"
+    "ntfs"
+    "exfat"
+  ];
+
+  swapDevices =
+    if swapfile == 0 then
+      [ ]
+    else
+      [
+        {
+          device = "/swapfile";
+          size = swapfile;
+        }
+      ];
+      
+  services.fstrim.enable = true;
+}

modules/system/kernel.nix

@@ -0,0 +1,12 @@
+{ ... }: {
+  boot = {
+    kernelParams = [
+      #"quiet"
+      "boot.shell_on_fail"
+      "loglevel=3"
+      "rd.systemd.show_status=true"
+      #"rd.udev.log_level=3"
+      "udev.log_priority=3"
+    ];
+  };
+}

modules/system/network.nix

@@ -0,0 +1,52 @@
+{ pkgs, wol, ... }: {
+  boot = {
+    kernelModules = [
+      "rndis_host"
+      "cdc_ether"
+    ];
+    kernel.sysctl = {
+      "net.ipv4.ip_forward" = 1;
+      "net.ipv6.conf.all.forwarding" = 1;
+    };
+  };
+
+  networking = {
+    networkmanager.enable = true;
+    firewall.enable = false;
+    nameservers = [
+      "1.1.1.1"
+      "1.0.0.1"
+    ];
+  };
+
+  systemd.services."wol" = {
+    enable = wol != "";
+    description = "Wake-on-LAN for ${wol}";
+    requires = [ "network.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${wol} wol g";
+      Type = "oneshot";
+    };
+    wantedBy = [
+      # just in case
+      "multi-user.target"
+      "sleep.target"
+      "suspend.target"
+      "hibernate.target"
+      "hybrid-sleep.target"
+      "shutdown.target"
+      "reboot.target"
+      "halt.target"
+    ];
+  };
+
+  services = {
+    avahi = {
+      enable = true;
+      nssmdns4 = true;
+    };
+    cloudflare-warp.enable = true;
+    resolved.enable = true;
+  };
+}

modules/system/nix-conf.nix

@@ -0,0 +1,15 @@
+{ ... }: {
+  nixpkgs.config.allowUnfree = true;
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+    };
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 7d -d";
+    };
+    optimise.automatic = true;
+  };
+}

modules/system/programs.nix

@@ -0,0 +1,28 @@
+{ pkgs, ... }: {
+  services = {
+    sunshine = {
+      enable = true;
+      autoStart = true;
+      capSysAdmin = true;
+      openFirewall = true;
+    };
+    printing = {
+      enable = true;
+      drivers = with pkgs; [ hplip ];
+    };
+  };
+
+  programs = {
+    gdk-pixbuf.modulePackages = [ pkgs.librsvg ];
+    zsh.enable = true;
+    nix-ld.enable = true;
+    steam.enable = true;
+    appimage = {
+      enable = true;
+      binfmt = true;
+    };
+    kdeconnect = {
+      enable = true;
+    };
+  };
+}

modules/system/virtualization.nix

@@ -0,0 +1,21 @@
+{ ... }: {
+  virtualisation = {
+    # waydroid.enable = true;
+    docker.enable = true;
+    # libvirtd = {
+    #   enable = true;
+    #   qemu = {
+    #     package = pkgs.qemu_kvm;
+    #     swtpm.enable = true;
+    #     runAsRoot = false;
+    #     ovmf = {
+    #       enable = false;
+    #       packages = [(pkgs.OVMF.override {
+    #         secureBoot = true;
+    #         tpmSupport = true;
+    #       }).fd];
+    #     };
+    #   };
+    # };
+  };
+}