nix: clean up infra

flake.lock

@@ -20,6 +20,26 @@
         "type": "github"
       }
     },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1720470846,
+        "narHash": "sha256-7ftA4Bv5KfH4QdTRxqe8/Hz2YTKo+7IQ9n7vbNWgv28=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "2fb5c1e0a17bc6059fa09dc411a43d75f35bb192",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
     "nixlib": {
       "locked": {
         "lastModified": 1719708727,
@@ -58,11 +78,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1720031269,
-        "narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
+        "lastModified": 1720418205,
+        "narHash": "sha256-cPJoFPXU44GlhWg4pUk9oUPqurPlCFZ11ZQPk21GTPU=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
+        "rev": "655a58a72a6601292512670343087c2d75d859c1",
         "type": "github"
       },
       "original": {
@@ -75,6 +95,7 @@
     "root": {
       "inputs": {
         "disko": "disko",
+        "home-manager": "home-manager",
         "nixos-generators": "nixos-generators",
         "nixpkgs": "nixpkgs",
         "srvos": "srvos"

flake.nix

@@ -15,24 +15,36 @@
       url = "github:nix-community/srvos";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    home-manager = {
+      url = "github:nix-community/home-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs = inputs@{ self, nixpkgs, ... }: {
+    # System
     nixosConfigurations = {
-      main = nixpkgs.lib.nixosSystem rec {
-        system = "x86_64-linux";
+      alisa = nixpkgs.lib.nixosSystem {
+        system = "aarch64-linux";
         specialArgs = inputs;
         modules = [
-          ./nix/infra.nix
-          #inputs.srvos.nixosModules.server
-          inputs.nixos-generators.nixosModules.all-formats
+          ./nix/infra
         ];
       };
     };
+
+    # Formatter
+    formatter = nixpkgs.lib.attrsets.genAttrs nixpkgs.lib.systems.flakeExposed (system:
+      nixpkgs.legacyPackages.${system}.nixfmt-rfc-style
+    );
+
+    # Packages
     legacyPackages = nixpkgs.lib.attrsets.genAttrs nixpkgs.lib.systems.flakeExposed (system: import ./nix {
       inherit system inputs;
       pkgs = nixpkgs.legacyPackages.${system};
     });
+
+    # Shell
     devShells = nixpkgs.lib.attrsets.genAttrs nixpkgs.lib.systems.flakeExposed (system: {
       default = import ./shell.nix {
         inherit system inputs;

nix/default.nix

@@ -1,8 +1,11 @@
-{ system, pkgs, inputs }:
+{
+  system,
+  pkgs,
+  inputs,
+}:
 
 {
-  native = pkgs.callPackage ./native.nix {};
-  backend = pkgs.callPackage ./backend.nix {};
-  web = pkgs.callPackage ./web.nix {};
-  docker = inputs.self.nixosConfigurations.main.config.formats.docker;
+  native = pkgs.callPackage ./native.nix { };
+  backend = pkgs.callPackage ./backend.nix { };
+  web = pkgs.callPackage ./web.nix { };
 }

nix/infra.nix

@@ -1,114 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  self,
-  ...
-}:
-
-{
-  system.stateVersion = "24.11";
-  nixpkgs.hostPlatform = {
-    system = "x86_64-linux";
-    config = "x86_64-unknown-linux-gnu";
-  };
-  networking.hostName = "Main";
-  time.timeZone = "Europe/Berlin";
-
-  xdg = {
-    mime.enable = true;
-    autostart.enable = true;
-  };
-
-  i18n = {
-    defaultLocale = "en_NZ.UTF-8";
-    extraLocaleSettings = {
-      LC_ADDRESS = "de_DE.UTF-8";
-      LC_IDENTIFICATION = "de_DE.UTF-8";
-      LC_MEASUREMENT = "de_DE.UTF-8";
-      LC_MONETARY = "de_DE.UTF-8";
-      LC_NAME = "de_DE.UTF-8";
-      LC_NUMERIC = "de_DE.UTF-8";
-      LC_PAPER = "de_DE.UTF-8";
-      LC_TELEPHONE = "de_DE.UTF-8";
-      LC_TIME = "de_DE.UTF-8";
-      LC_CTYPE = "de_DE.UTF-8";
-      LC_COLLATE = "de_DE.UTF-8";
-      LC_MESSAGES = "en_NZ.UTF-8";
-    };
-  };
-
-  environment.variables = {
-    LOG_ICONS = "true";
-  };
-
-  services.openssh = {
-    enable = true;
-    banner = "Hackers are in Your System!!!\n";
-    settings = {
-      PasswordAuthentication = false;
-      PermitRootLogin = "prohibit-password";
-    };
-  };
-
-  fonts.fontDir.enable = true;
-
-  networking.firewall.enable = lib.mkForce false;
-
-  nix = {
-    settings = {
-      substituters = lib.mkForce [
-        "https://cache.nixos.org"
-        "https://nix-community.cachix.org"
-      ];
-      trusted-public-keys = lib.mkForce [
-        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
-        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
-      ];
-      trusted-users = [ "root" ];
-      sandbox = true;
-      require-sigs = true;
-      max-jobs = "auto";
-      auto-optimise-store = true;
-      allowed-users = [ "*" ];
-      experimental-features = [
-        "nix-command"
-        "flakes"
-      ];
-      warn-dirty = true;
-      use-xdg-base-directories = true;
-      keep-going = true;
-      builders-use-substitutes = true;
-    };
-    distributedBuilds = true;
-    package = pkgs.lix;
-    registry = lib.mkForce ((lib.mapAttrs (_: flake: { inherit flake; })) ((lib.filterAttrs (_: lib.isType "flake")) self.inputs) // {
-      self.flake = self;
-    });
-    nixPath = lib.mkForce [ "/etc/nix/path" ];
-  };
-
-  nixpkgs = {
-    config ={
-      allowUnfree = true;
-    };
-  };
-
-  environment.etc = lib.mapAttrs' (name: value: { name = "nix/path/${name}"; value.source = value.flake; }) config.nix.registry;
-
-  services.postgresql.enable = true;
-
-  users.users.master = {
-    isNormalUser = true;
-    shell = pkgs.nushell;
-    hashedPassword = "$2b$05$q5oW9Q25AjVAic1KY1xrIOZ6cyuleRxbsuMlW998lzOk6Us8Rplnq";
-    extraGroups = [ "wheel" ];
-    uid = 1000;
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh johannes@joens.email"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3pKtvhOOjG1pGJq7cVHS5uWy5IP8y1Ra/ENpmJcqOe root@zap"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEcNAVRN66mfKmaCpxs++0094Eh4mqXkUwDPZPkIIBB johannes@joens.email"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZDUoC+1lNR2JTY1Q+vhXpuLmKMdVl2OMFLVbQ3cGkw jopejoe1@kuraokami"
-    ];
-  };
-}

nix/infra/default.nix

@@ -0,0 +1,29 @@
+{ pkgs, self, ... }:
+
+{
+  imports = [
+    # Externel Modules
+    self.inputs.srvos.nixosModules.hardware-hetzner-cloud-arm
+    self.inputs.srvos.nixosModules.mixins-nginx
+    self.inputs.srvos.nixosModules.mixins-cloud-init
+    self.inputs.nixos-generators.nixosModules.all-formats
+    self.inputs.home-manager.nixosModules.home-manager
+    self.inputs.disko.nixosModules.disko
+
+    # Local Modueles
+    ./nix.nix
+    ./system.nix
+    ./disk.nix
+    ./users
+  ];
+
+  services.openssh = {
+    enable = true;
+    banner = "Hackers are in Your System!!!\n";
+    settings = {
+      PasswordAuthentication = false;
+      PermitRootLogin = "prohibit-password";
+    };
+  };
+  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:c2c:3900::/64";
+}

nix/infra/disk.nix

@@ -0,0 +1,38 @@
+{ ... }:
+
+{
+  disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        device = "/dev/sda";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02";
+            };
+            ESP = {
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}

nix/infra/nix.nix

@@ -0,0 +1,33 @@
+{ lib, pkgs, ... }:
+
+{
+  nix = {
+    settings = {
+      substituters = [ "https://nix-community.cachix.org" ];
+      trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
+      trusted-users = [ "root" ];
+      sandbox = true;
+      require-sigs = true;
+      max-jobs = "auto";
+      auto-optimise-store = true;
+      allowed-users = [ "*" ];
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+      warn-dirty = true;
+      use-xdg-base-directories = true;
+      keep-going = true;
+      builders-use-substitutes = true;
+    };
+    distributedBuilds = true;
+    package = pkgs.lix;
+    nixPath = lib.mkForce [ "/etc/nix/path" ];
+  };
+
+  nixpkgs = {
+    config = {
+      allowUnfree = true;
+    };
+  };
+}

nix/infra/system.nix

@@ -0,0 +1,37 @@
+{ ... }:
+
+{
+  system.stateVersion = "24.11";
+
+  nixpkgs.hostPlatform = {
+    system = "aarch64-linux";
+    config = "aarch64-unknown-linux-gnu";
+  };
+
+  networking.hostName = "alisa";
+  time.timeZone = "Europe/Berlin";
+
+  i18n = {
+    defaultLocale = "en_NZ.UTF-8";
+    extraLocaleSettings = {
+      LC_ADDRESS = "de_DE.UTF-8";
+      LC_IDENTIFICATION = "de_DE.UTF-8";
+      LC_MEASUREMENT = "de_DE.UTF-8";
+      LC_MONETARY = "de_DE.UTF-8";
+      LC_NAME = "de_DE.UTF-8";
+      LC_NUMERIC = "de_DE.UTF-8";
+      LC_PAPER = "de_DE.UTF-8";
+      LC_TELEPHONE = "de_DE.UTF-8";
+      LC_TIME = "de_DE.UTF-8";
+      LC_CTYPE = "de_DE.UTF-8";
+      LC_COLLATE = "de_DE.UTF-8";
+      LC_MESSAGES = "en_NZ.UTF-8";
+    };
+  };
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    backupFileExtension = "backup";
+  };
+}

nix/infra/users/default.nix

@@ -0,0 +1,5 @@
+{ ... }:
+
+{
+  imports = [ ./jopejoe1.nix ];
+}

nix/infra/users/jopejoe1.nix

@@ -0,0 +1,96 @@
+{ pkgs, config, ... }:
+
+let
+  home = config.home-manager.users.jopejoe1;
+  user = config.users.users.jopejoe1;
+in
+{
+  users.users = {
+    jopejoe1 = {
+      isNormalUser = true;
+      shell = pkgs.nushell;
+      description = "Johannes Jöns";
+      hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
+      extraGroups = [ "wheel" ];
+      uid = 1000;
+      packages = with pkgs; [ ];
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZDUoC+1lNR2JTY1Q+vhXpuLmKMdVl2OMFLVbQ3cGkw jopejoe1@desktop"
+      ];
+    };
+  };
+  home-manager.users.jopejoe1 = {
+    home = {
+      username = user.name;
+      homeDirectory = user.home;
+      stateVersion = config.system.stateVersion;
+    };
+
+    programs = {
+      nushell = {
+        enable = true;
+      };
+
+      carapace.enable = true;
+      carapace.enableNushellIntegration = true;
+
+      starship = {
+        enable = true;
+        settings = {
+          add_newline = true;
+          character = {
+            success_symbol = "[➜](bold green)";
+            error_symbol = "[➜](bold red)";
+          };
+        };
+      };
+
+      direnv = {
+        enable = true;
+        nix-direnv.enable = true;
+      };
+
+      neovim = {
+        enable = true;
+        defaultEditor = true;
+      };
+
+      git = {
+        enable = true;
+        package = pkgs.git;
+        userEmail = "johannes@joens.email";
+        userName = "jopejoe1";
+        extraConfig = {
+          core = {
+            whitespace = [
+              "blank-at-eol"
+              "blank-at-eof"
+              "space-before-tab"
+            ];
+          };
+        };
+      };
+    };
+
+    xdg = {
+      enable = true;
+      mime.enable = true;
+      cacheHome = "${home.home.homeDirectory}/.cache";
+      configHome = "${home.home.homeDirectory}/.config";
+      dataHome = "${home.home.homeDirectory}/.local/share";
+      stateHome = "${home.home.homeDirectory}/.local/state";
+      userDirs = {
+        enable = true;
+        createDirectories = true;
+        desktop = "${home.home.homeDirectory}/Desktop";
+        documents = "${home.home.homeDirectory}/Documents";
+        download = "${home.home.homeDirectory}/Downloads";
+        music = "${home.home.homeDirectory}/Music";
+        pictures = "${home.home.homeDirectory}/Pictures";
+        publicShare = "${home.home.homeDirectory}/Public";
+        templates = "${home.home.homeDirectory}/Templates";
+        videos = "${home.home.homeDirectory}/Videos";
+      };
+    };
+  };
+}

nix/native.nix

@@ -11,9 +11,16 @@ stdenv.mkDerivation {
 
   src = ../native;
 
-  buildInputs = [ kdePackages.qtbase kdePackages.qtdeclarative kdePackages.qtmultimedia ];
+  buildInputs = [
+    kdePackages.qtbase
+    kdePackages.qtdeclarative
+    kdePackages.qtmultimedia
+  ];
 
-  nativeBuildInputs = [ cmake kdePackages.wrapQtAppsHook ];
+  nativeBuildInputs = [
+    cmake
+    kdePackages.wrapQtAppsHook
+  ];
 
   meta = {
     maintainers = with lib.maintainers; [ jopejoe1 ];

nix/web.nix

@@ -15,12 +15,9 @@ stdenv.mkDerivation (finalAttrs: {
     hash = "sha256-dTXWbUDjmlIlMZ/sIFaInTRmVdWpyzJA4oadJAzUivs=";
   };
 
-  nativeBuildInputs = [
-    pnpm.configHook
-  ];
+  nativeBuildInputs = [ pnpm.configHook ];
 
-  buildInputs = [
-  ];
+  buildInputs = [ ];
 
   dontStrip = true;
 

shell.nix

@@ -1,10 +1,16 @@
 {
   pkgs ? import <nixpkgs>,
   system ? builtins.currentSystem,
-  inputs ? { self = import ./flake.nix; },
+  inputs ? {
+    self = import ./flake.nix;
+  },
 }:
 
 pkgs.mkShell {
-  packages = with pkgs; [];
-  inputsFrom = with inputs.self.outputs.legacyPackages.${system}; [ backend web native ];
+  packages = with pkgs; [ ];
+  inputsFrom = with inputs.self.outputs.legacyPackages.${system}; [
+    backend
+    web
+    native
+  ];
 }