Add base systems

Defelo · Defelo · commit 8073f199485f · 2023-11-09T15:01:00.000+01:00
diff --git a/flake.nix b/flake.nix
@@ -69,11 +69,19 @@
         });
     mkNixOSConfig = host: import ./system (inputs // {conf = importHostConf host;});
   in {
-    nixosConfigurations = builtins.listToAttrs (map (host: {
-        name = host;
-        value = mkNixOSConfig host;
-      })
-      hosts);
+    nixosConfigurations = builtins.listToAttrs (lib.flatten (map (host: let
+        config = mkNixOSConfig host;
+      in [
+        {
+          name = host;
+          value = config.full;
+        }
+        {
+          name = "${host}-base";
+          value = config.base;
+        }
+      ])
+      hosts));
     packages = eachDefaultSystem (
       system: let
         pkgs = import nixpkgs {inherit system;};
diff --git a/system/base.nix b/system/base.nix
@@ -0,0 +1,9 @@
+{pkgs, ...}: {
+  users.mutableUsers = false;
+  users.users.root.password = "nixos";
+
+  environment.systemPackages = with pkgs; [
+    vim
+    git
+  ];
+}
diff --git a/system/common.nix b/system/common.nix
@@ -1,4 +1,5 @@
 {
+  conf,
   nixpkgs,
   pkgs,
   ...
@@ -12,14 +13,16 @@
     ${pkgs.buildPackages.ckbcomp}/bin/ckbcomp -layout de -option ctrl:swapcaps -variant nodeadkeys > $out
   '';
 
+  networking.hostName = conf.hostname;
+  networking.networkmanager = {
+    enable = true;
+    wifi.macAddress = "random";
+    ethernet.macAddress = "random";
+  };
+
   programs.zsh.enable = true;
   users.defaultUserShell = pkgs.zsh;
 
-  environment.variables = {
-    EDITOR = "hx";
-    VISUAL = "hx";
-  };
-
   environment.systemPackages = with pkgs; [
     age
     comma
diff --git a/system/default.nix b/system/default.nix
@@ -19,8 +19,21 @@
     }) (filterAttrs (k: _: hasPrefix "nixpkgs-" k) inputs);
 
   specialArgs = inputs // extra-pkgs;
-in
-  nixpkgs.lib.nixosSystem rec {
+in {
+  base = nixpkgs.lib.nixosSystem {
+    inherit system pkgs specialArgs;
+    modules = [
+      ./common.nix
+      conf.extraConfig
+      conf.hardware-configuration
+
+      ./base.nix
+      ./boot.nix
+      ./filesystems.nix
+    ];
+  };
+
+  full = nixpkgs.lib.nixosSystem {
     inherit system pkgs specialArgs;
     modules = [
       ./common.nix
@@ -33,6 +46,7 @@ in
       ./boot.nix
       ./borg.nix
       ./emulation.nix
+      ./env.nix
       ./filesystems.nix
       ./fonts.nix
       ./geoclue2.nix
@@ -58,4 +72,5 @@ in
         };
       }
     ];
-  }
+  };
+}
diff --git a/system/env.nix b/system/env.nix
@@ -0,0 +1,6 @@
+{
+  environment.variables = {
+    EDITOR = "hx";
+    VISUAL = "hx";
+  };
+}
diff --git a/system/networking.nix b/system/networking.nix
@@ -3,35 +3,28 @@
   pkgs,
   ...
 }: {
-  networking.hostName = conf.hostname;
+  networking.networkmanager.dispatcherScripts = [
+    {
+      type = "basic";
+      source = let
+        inherit (conf.networking) vpn;
+        wifi.trusted = builtins.toFile "wifi-trusted" (builtins.foldl' (acc: x: "${acc}${x}\n") "" conf.networking.wifi.trusted);
+      in
+        pkgs.writeText "trusted-networks" ''
+          export PATH=${pkgs.lib.makeBinPath (with pkgs; [coreutils gnugrep networkmanager])}
 
-  networking.networkmanager = {
-    enable = true;
-    wifi.macAddress = "random";
-    ethernet.macAddress = "random";
-    dispatcherScripts = [
-      {
-        type = "basic";
-        source = let
-          inherit (conf.networking) vpn;
-          wifi.trusted = builtins.toFile "wifi-trusted" (builtins.foldl' (acc: x: "${acc}${x}\n") "" conf.networking.wifi.trusted);
-        in
-          pkgs.writeText "trusted-networks" ''
-            export PATH=${pkgs.lib.makeBinPath (with pkgs; [coreutils gnugrep networkmanager])}
-
-            if [[ -z "$1" ]] || [[ "$1" = "vpn" ]]; then
-              exit
-            fi
+          if [[ -z "$1" ]] || [[ "$1" = "vpn" ]]; then
+            exit
+          fi
 
-            if nmcli --fields=UUID c s --active | tail +2 | cut -d' ' -f1 | sort | comm -12 - <(sort ${wifi.trusted}) | grep -q .; then
-              nmcli c up "${vpn.default}" &
-            else
-              nmcli c up "${vpn.full}" &
-            fi
-          '';
-      }
-    ];
-  };
+          if nmcli --fields=UUID c s --active | tail +2 | cut -d' ' -f1 | sort | comm -12 - <(sort ${wifi.trusted}) | grep -q .; then
+            nmcli c up "${vpn.default}" &
+          else
+            nmcli c up "${vpn.full}" &
+          fi
+        '';
+    }
+  ];
 
   networking.firewall = {
     enable = true;
