refactor: move folders to modules

modules/core/default.nix

@@ -0,0 +1,84 @@
+{
+  lib,
+  pkgs,
+  ...
+}: let
+  dummyConfig = pkgs.writeText "configuration.nix" ''
+    assert builtins.trace "This is a dummy config, use deploy-rs!" false;
+    { }
+  '';
+in {
+  imports = [
+    ./inputrc.nix
+    ./issue.nix
+    ./nix.nix
+    ./resolved.nix
+    ./ssh.nix
+    ./tmux.nix
+    ./xdg.nix
+  ];
+
+  boot.kernelParams = ["log_buf_len=10M"];
+  environment.etc."nixos/configuration.nix".source = dummyConfig;
+
+  # Disable unnecessary stuff from the nixos defaults.
+  services.udisks2.enable = false;
+  security.sudo.enable = false;
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    verbose = true;
+  };
+
+  time.timeZone = lib.mkDefault "Europe/Berlin";
+  i18n.defaultLocale = "C.UTF-8";
+
+  networking = {
+    useDHCP = lib.mkForce false;
+    useNetworkd = true;
+    wireguard.enable = true;
+    dhcpcd.enable = false;
+    firewall.enable = false;
+  };
+
+  nix.nixPath = [
+    "nixos-config=${dummyConfig}"
+    "nixpkgs=/run/current-system/nixpkgs"
+    "nixpkgs-overlays=/run/current-system/overlays"
+  ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  programs = {
+    git = {
+      enable = true;
+      config = {
+        init.defaultBranch = "main";
+        pull.rebase = true;
+      };
+    };
+    neovim = {
+      enable = true;
+      viAlias = true;
+      vimAlias = true;
+      defaultEditor = true;
+    };
+  };
+
+  system = {
+    extraSystemBuilderCmds = ''
+      ln -sv ${pkgs.path} $out/nixpkgs
+      ln -sv ${../nix/overlays} $out/overlays
+    '';
+
+    stateVersion = "22.11";
+  };
+
+  systemd = {
+    enableUnifiedCgroupHierarchy = true;
+    network.wait-online.anyInterface = true;
+  };
+
+  users.mutableUsers = false;
+}

modules/core/inputrc.nix

@@ -0,0 +1,110 @@
+{
+  environment.etc."inputrc".text = ''
+    # /etc/inputrc: initialization file for readline
+    #
+    # For more information on how this file works, please see the
+    # INITIALIZATION FILE section of the readline(3) man page
+    #
+    # Quick dirty little note:
+    #  To get the key sequence for binding, you can abuse bash.
+    #  While running bash, hit CTRL+V, and then type the key sequence.
+    #  So, typing 'ALT + left arrow' in Konsole gets you back:
+    #    ^[[1;3D
+    #  The readline entry to make this skip back a word will then be:
+    #    "\e[1;3D" backward-word
+    #
+    # Customization note:
+    #  You don't need to put all your changes in this file.  You can create
+    #  ~/.inputrc which starts off with the line:
+    #    $include /etc/inputrc
+    #  Then put all your own stuff after that.
+    #
+
+    # do not bell on tab-completion
+    set bell-style none
+
+    set history-size -1
+
+    set meta-flag on
+    set input-meta on
+    set convert-meta off
+    set output-meta on
+
+    # dont output everything on first line
+    set horizontal-scroll-mode off
+
+
+    # append slash to completed directories & symlinked directories
+    set mark-directories on
+    set mark-symlinked-directories on
+
+    # dont expand ~ in tab completion
+    set expand-tilde off
+
+    # instead of ringing bell, show list of ambigious completions directly, also show up to 300 items before asking
+    set show-all-if-ambiguous on
+    set completion-query-items 300
+
+
+    $if mode=emacs
+
+    # for linux console and RH/Debian xterm
+    # allow the use of the Home/End keys
+    "\e[1~": beginning-of-line
+    "\e[4~": end-of-line
+    # map "page up" and "page down" to search history based on current cmdline
+    "\e[5~": history-search-backward
+    "\e[6~": history-search-forward
+    # allow the use of the Delete/Insert keys
+    "\e[3~": delete-char
+    "\e[2~": quoted-insert
+
+    # gnome / others (escape + arrow key)
+    "\e[5C": forward-word
+    "\e[5D": backward-word
+    # konsole / xterm / rxvt (escape + arrow key)
+    "\e\e[C": forward-word
+    "\e\e[D": backward-word
+    # gnome / konsole / others (control + arrow key)
+    "\e[1;5C": forward-word
+    "\e[1;5D": backward-word
+    # aterm / eterm (control + arrow key)
+    "\eOc": forward-word
+    "\eOd": backward-word
+
+    # konsole (alt + arrow key)
+    "\e[1;3C": forward-word
+    "\e[1;3D": backward-word
+
+    # Chromebooks remap alt + backspace so provide alternative (alt + k)
+    "\ek": backward-kill-word
+
+    $if term=rxvt
+    "\e[8~": end-of-line
+
+    "\e[3^": kill-line
+    "\e[3@": backward-kill-line
+    $endif
+
+    # for non RH/Debian xterm, can't hurt for RH/Debian xterm
+    "\eOH": beginning-of-line
+    "\eOF": end-of-line
+
+    # for freebsd console
+    "\e[H": beginning-of-line
+    "\e[F": end-of-line
+
+    # fix Home and End for German users
+    "\e[7~": beginning-of-line
+    "\e[8~": end-of-line
+
+    # ctrl [+ shift] + del = kill line [backward]
+    "\e[3;5~": kill-line
+    "\e[3;6~": backward-kill-line
+    $endif
+
+    # Up and Down should search history based on current cmdline
+    "\e[A": history-search-backward
+    "\e[B": history-search-forward
+  '';
+}

modules/core/issue.nix

@@ -0,0 +1,9 @@
+let
+  issue_text = ''
+    \d  \t
+    This is \e{cyan}\n\e{reset} [\e{lightblue}\l\e{reset}] (\s \m \r)
+  '';
+in {
+  environment.etc."issue".text = issue_text;
+  environment.etc."issue.logo".text = issue_text;
+}

modules/core/nix.nix

@@ -0,0 +1,30 @@
+{
+  nix = {
+    settings = {
+      auto-optimise-store = true;
+      allowed-users = ["@wheel"];
+      trusted-users = ["root" "@wheel"];
+      system-features = ["recursive-nix"];
+      substituters = [
+        "https://nix-config.cachix.org"
+        "https://nix-community.cachix.org"
+      ];
+      trusted-public-keys = [
+        "nix-config.cachix.org-1:Vd6raEuldeIZpttVQfrUbLvXJHzzzkS0pezXCVVjDG4="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
+      cores = 0;
+      max-jobs = "auto";
+    };
+    daemonCPUSchedPolicy = "batch";
+    daemonIOSchedPriority = 5;
+    distributedBuilds = true;
+    extraOptions = ''
+      builders-use-substitutes = true
+      experimental-features = nix-command flakes recursive-nix
+      flake-registry = /etc/nix/registry.json
+    '';
+    optimise.automatic = true;
+    gc.automatic = true;
+  };
+}

modules/core/resolved.nix

@@ -0,0 +1,30 @@
+{lib, ...}: {
+  networking = {
+    firewall = {
+      allowedTCPPorts = [5355];
+      allowedUDPPorts = [5353 5355];
+    };
+    networkmanager.dns = "systemd-resolved";
+  };
+
+  services.resolved = {
+    enable = true;
+    dnssec = "allow-downgrade";
+    fallbackDns = [
+      "1.1.1.1"
+      "2606:4700:4700::1111"
+      "8.8.8.8"
+      "2001:4860:4860::8844"
+    ];
+    llmnr = "true";
+    extraConfig = ''
+      Domains=~.
+      MulticastDNS=true
+    '';
+  };
+
+  system.nssDatabases.hosts = lib.mkMerge [
+    (lib.mkBefore ["mdns_minimal [NOTFOUND=return]"])
+    (lib.mkAfter ["mdns"])
+  ];
+}

modules/core/ssh.nix

@@ -0,0 +1,15 @@
+{
+  services.sshd.enable = true;
+  services.openssh = {
+    enable = true;
+    passwordAuthentication = false;
+    kbdInteractiveAuthentication = false;
+    permitRootLogin = "yes";
+    hostKeys = [
+      {
+        path = "/etc/ssh/ssh_host_ed25519_key";
+        type = "ed25519";
+      }
+    ];
+  };
+}

modules/core/tmux.nix

@@ -0,0 +1,14 @@
+{
+  programs.tmux = {
+    enable = true;
+    aggressiveResize = true;
+    clock24 = true;
+    escapeTime = 0;
+    historyLimit = 10000;
+    # breaks tmate
+    newSession = false;
+    secureSocket = false;
+    shortcut = "g";
+    terminal = "tmux-256color";
+  };
+}

modules/core/xdg.nix

@@ -0,0 +1,12 @@
+{
+  environment.etc."xdg/user-dirs.defaults".text = ''
+    DESKTOP=tmp
+    DOWNLOAD=download
+    TEMPLATES=tmp
+    PUBLICSHARE=opt
+    DOCUMENTS=documents
+    MUSIC=music
+    PICTURES=pictures
+    VIDEOS=tmp
+  '';
+}

modules/dev/default.nix

@@ -0,0 +1,5 @@
+{
+  imports = [./documentation.nix];
+
+  environment.enableDebugInfo = true;
+}

modules/dev/documentation.nix

@@ -0,0 +1,12 @@
+{
+  lib,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [man-pages];
+  documentation = {
+    dev.enable = true;
+    man.enable = true;
+    info.enable = lib.mkForce false;
+  };
+}

modules/dev/virt-manager.nix

@@ -0,0 +1,18 @@
+{pkgs, ...}: {
+  environment.systemPackages = with pkgs; [virt-manager spice-gtk swtpm];
+  security.polkit.enable = true;
+  virtualisation = {
+    libvirtd = {
+      enable = true;
+      qemu = {
+        package = pkgs.qemu_kvm;
+        ovmf = {
+          enable = true;
+          packages = with pkgs; [OVMFFull.fd];
+        };
+        swtpm.enable = true;
+      };
+    };
+    spiceUSBRedirection.enable = true;
+  };
+}

modules/graphical/default.nix

@@ -0,0 +1,11 @@
+{pkgs, ...}: {
+  imports = [
+    ./fonts.nix
+  ];
+
+  xdg.portal = {
+    enable = true;
+    wlr.enable = true;
+    extraPortals = with pkgs; [xdg-desktop-portal-gtk];
+  };
+}

modules/graphical/fonts.nix

@@ -0,0 +1,50 @@
+{pkgs, ...}: {
+  fonts = {
+    enableDefaultFonts = false;
+    enableGhostscriptFonts = false;
+    fontDir.enable = false;
+    fontconfig = {
+      defaultFonts = {
+        sansSerif = ["IBM Plex Sans"];
+        serif = ["IBM Plex Sans"];
+        monospace = ["Hack Nerd Font"];
+        emoji = ["Noto Color Emoji"];
+      };
+      localConf = ''
+        <?xml version="1.0"?>
+        <!DOCTYPE fontconfig SYSTEM "fonts.dtd">
+        <fontconfig>
+            <alias binding="weak">
+                <family>monospace</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+            <alias binding="weak">
+                <family>sans-serif</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+            <alias binding="weak">
+                <family>serif</family>
+                <prefer>
+                    <family>emoji</family>
+                </prefer>
+            </alias>
+        </fontconfig>
+      '';
+    };
+    fonts = with pkgs; [
+      (nerdfonts.override {fonts = ["Hack"];})
+      ibm-plex
+      dejavu_fonts
+      unifont
+      noto-fonts
+      noto-fonts-cjk-sans
+      noto-fonts-cjk-serif
+      noto-fonts-emoji
+      noto-fonts-extra
+    ];
+  };
+}