refactor

system-modules/base-packages.nix

@@ -0,0 +1,19 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; ([
+    git
+    git-crypt
+    lazygit # home-manager module is bugged
+    wget
+    curlHTTP3
+    zip
+    unzip
+    p7zip
+    unar
+    vim
+    htop
+    openssl
+    dmidecode
+    file
+  ]);
+
+}

system-modules/bluetooth.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }@all: with all; {
+  hardware.bluetooth = {
+    enable = true;
+    powerOnBoot = true;  
+    package = pkgs.bluez5-experimental;
+    settings.Policy.AutoEnable = "true";
+    settings.General.Enable = "Source,Sink,Media,Socket";
+   };
+  services.blueman.enable = true;
+}

system-modules/boot.nix

@@ -7,70 +7,64 @@ let
     rev = "0.5.0";
     hash = "sha256-e+55NYsSsWY6GPbYUtdVEB9krueuCAWT3Ce/Ghops1g=";
    });
-in 
-{
+  device-boot = if hyper.host == "NxNORTH" then {
+    kernelPackages = pkgs.linuxPackages_zen;
+    environment.systemPackages = with pkgs; [ sbctl ];
+    lanzaboote = {
+      enable = true;
+      pkiBundle = "/var/lib/sbctl";
+    };
+    loader.systemd-boot = {
+      enable = false; # let lanzaboote install systemd-boot
+      consoleMode = "max";
+      configurationLimit = 10;
+    };
+  } else if hyper.host == "NxXPS" then {
+    kernelPackages = pkgs.linuxPackages_latest;
+    extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
+    kernelModules = [ "v4l2loopback" ];
+    extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1'';
+    loader = {
+      efi.canTouchEfiVariables = true;
+      grub = {
+        enable = true;
+        configurationLimit = 30;
+        device = "nodev";
+        # useOSProber = true;
+        efiSupport = true;
+        theme = grub-theme-ascii-diana;
+        font = "${grub-theme-ascii-diana}/unicode.pf2";
+        fontSize = 50;
+        extraEntries = ''
+          menuentry 'Windows 11' --class windows --class os $menuentry_id_option 'osprober-efi-0A97-7A2D' {
+            insmod part_gpt
+            insmod fat
+            search --no-floppy --fs-uuid --set=root 0A97-7A2D
+            chainloader /EFI/Microsoft/Boot/bootmgfw.efi
+          }
+        '';
+      };
+    };
+  } else if hyper.host == "NxACE" then {
+    kernelPackages = pkgs.linuxPackages_6_12;
+    loader = {
+      efi.canTouchEfiVariables = true;
+      grub = {
+        enable = true;
+        device = "nodev";
+        devices = [];
+        efiSupport = true;
+      };
+    };
+  } else assert 1 == "Unknown host"; {};
+in {
   imports = if hyper.host == "NxNORTH" then [
     inputs.lanzaboote.nixosModules.lanzaboote
   ] else [];
- config = if hyper.host == "NxNORTH" then {
-    # I have to boot with secureboot becasue of the chinese spyware called Vanguard
-      
-    environment.systemPackages = with pkgs; [ sbctl ];
-    boot = {
-      lanzaboote = {
-        enable = true;
-        pkiBundle = "/var/lib/sbctl";
-      };
-      loader.systemd-boot = {
-        enable = false; # let lanzaboote install systemd-boot
-        consoleMode = "max";
-        configurationLimit = 10;
-      };
-      kernelPackages = pkgs.linuxPackages_zen;
-      extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
-      kernelModules = [ "v4l2loopback" ];
-      extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1'';
-    };
-    security.polkit.enable = true;
-  } else if hyper.host == "NxXPS" then {
-    boot = {
-      loader = {
-        efi.canTouchEfiVariables = true;
-        grub = {
-          enable = true;
-          configurationLimit = 30;
-          device = "nodev";
-          # useOSProber = true;
-          efiSupport = true;
-          theme = grub-theme-ascii-diana;
-          font = "${grub-theme-ascii-diana}/unicode.pf2";
-          fontSize = 50;
-          extraEntries = ''
-            menuentry 'Windows 11' --class windows --class os $menuentry_id_option 'osprober-efi-0A97-7A2D' {
-              insmod part_gpt
-              insmod fat
-              search --no-floppy --fs-uuid --set=root 0A97-7A2D
-              chainloader /EFI/Microsoft/Boot/bootmgfw.efi
-            }
-          '';
-        };
-      };
-      kernelPackages = pkgs.linuxPackages_latest;
-      extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
-      kernelModules = [ "v4l2loopback" ];
-      extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1'';
-    };
-  } else { # NxACE
-    boot = {
-      loader = {
-        efi.canTouchEfiVariables = true;
-        grub = {
-          enable = true;
-          device = "nodev";
-          efiSupport = true;
-        };
-      };
-      kernelPackages = pkgs.linuxPackages_6_12;
-    };
-  };
+  config.boot = {
+    extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
+    kernelModules = [ "v4l2loopback" ];
+    extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1'';
+    tmp.useTmpfs = false; 
+  } // device-boot;
 }

system-modules/cache.nix

@@ -0,0 +1,11 @@
+{ ... }: {
+  nix.settings = {
+    substitute = true;
+    substituters = [
+      "https://yazi.cachix.org"
+    ];
+    trusted-public-keys = [
+      "yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
+    ];
+  };
+}

system-modules/calendar/publish.nix

@@ -1,9 +1,7 @@
-{ pkgs, ... }@all: with all;
-let 
+{ pkgs, hyper, ... }@all: with all; let 
   radicale-root = "/var/lib/radicale";
   web-root = "/var/nginx/webroot";
-in
-{
+in {
   systemd.timers."nx_cal_publish" = {
     enable = true;
     wantedBy = [ "timers.target" ];

system-modules/editor.nix

@@ -0,0 +1,12 @@
+{ pkgs, ... }: {
+  environment = {
+    variables = {
+      EDITOR = "hx";
+      VISUAL = "hx";  
+    };
+    systemPackages = with pkgs; [
+      helix
+      vim
+    ];
+  };
+}

system-modules/gui.nix

@@ -0,0 +1,7 @@
+{ ... }: {
+  programs.hyprland = {
+    enable = true;
+    xwayland.enable = true;
+  };
+  services.xserver.enable = true;
+}

system-modules/input.nix

@@ -0,0 +1,11 @@
+{ ... }: {
+  services = {
+    xserver.xkb = {
+      layout = "de";
+      options = "eurosign:e,caps:escape";
+    };
+    libinput.enable = true;
+  };
+  hardware.uinput.enable = true;
+}
+

system-modules/nx2site/nextcloud.nix

@@ -1,4 +1,4 @@
-{ config, hyper, ... }:
+{ pkgs, ...}@all: with all;
 {
   sops.secrets = { 
     "nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; };
@@ -9,6 +9,7 @@
   services = {
     nextcloud = {
       enable = true;
+      package = pkgs.nextcloud;
       hostName = "nc.${hyper.domain}";
       https = true;
       configureRedis = true;

system-modules/nx2site/proxy.nix

@@ -1,4 +1,4 @@
-{ config, hyper, pkgs, ... }:
+{ pkgs, ...}@all: with all;
 {
   sops.secrets = {
     "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; };

system-modules/nx2site/radicale.nix

@@ -1,4 +1,4 @@
-{ config, hyper, ... }:
+{ pkgs, ...}@all: with all;
 {
   sops.secrets = { 
     "nx2site/radicale/htpasswd" = {
@@ -10,6 +10,7 @@
     radicale = {
       # is run by user radicale
       enable = true;
+      package = pkgs.radicale;
       settings = {
         server.hosts = let 
           port = builtins.toString 5232;

system-modules/printing.nix

@@ -0,0 +1,3 @@
+{ ... }: {
+  services.printing.enable = true; # CUPS
+}

system-modules/security.nix

@@ -0,0 +1,6 @@
+{ ... }: {
+  security = {
+    polkit.enable = true;
+    rtkit.enable = true;
+  };
+}

system-modules/terminal.nix

@@ -0,0 +1,7 @@
+{ pkgs, ... }@all: with all; {
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "de";
+  };
+}

system-modules/tz.nix

@@ -0,0 +1,4 @@
+{ ... }: {
+  time.timeZone = "Europe/Berlin";
+}
+