configuration/common: split common into seperate files

configuration/common/backup.nix

@@ -0,0 +1,12 @@
+{ ... }:
+
+{
+
+  clerie.backup = {
+    targets = {
+      cyan.serverName = "cyan.backup.clerie.de";
+      magenta.serverName = "magenta.backup.clerie.de";
+    };
+  };
+
+}

configuration/common/default.nix

@@ -4,119 +4,17 @@
   imports = [
     ../../modules
 
+    ./backup.nix
+    ./locale.nix
+    ./nix.nix
+    ./programs.nix
+    ./ssh.nix
+    ./user.nix
     ./web.nix
   ];
 
-  networking.domain = "net.clerie.de";
-
-  networking.firewall.logRefusedConnections = lib.mkDefault false;
-
-  time.timeZone = "Europe/Berlin";
-
-  i18n.defaultLocale = "de_DE.UTF-8";
-  i18n.extraLocaleSettings = {
-    LC_MESSAGES = "en_US.UTF-8";
-  };
-  console = {
-    keyMap = "de-latin1";
-  };
-
-  security.sudo.wheelNeedsPassword = lib.mkDefault false;
-
-  users.groups.guests = {};
-
-  nix.settings = {
-    trusted-users = [ "@wheel" "@guests" ];
-    auto-optimise-store = true;
-    # Keep buildtime dependencies
-    keep-outputs = true;
-    # Build local, when caches are broken
-    fallback = true;
-  };
-
-  environment.systemPackages = with pkgs; [
-    gptfdisk
-    htop
-    parted
-    tmux
-    colmena
-    vim
-    agenix
-  ];
-
-  programs.mtr.enable = true;
-
-  programs.git.enable = true;
-
-  programs.git.config = {
-    user = {
-      name = "clerie";
-      email = "git@clerie.de";
-    };
-  };
-
-  services.openssh.enable = true;
-  services.openssh.settings = {
-    PasswordAuthentication = false;
-    KbdInteractiveAuthentication = false;
-    PermitRootLogin = lib.mkDefault "no";
-  };
-  services.openssh.hostKeys = lib.mkForce [
-    # Only create ed25519 host keys
-    { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
-  ];
-
-  nix.gc = lib.mkDefault {
-    automatic = true;
-    dates = "weekly";
-    options = "--delete-older-than 30d";
-  };
-
-
-  nix.settings = {
-    experimental-features = [
-      "flakes"
-      "nix-command"
-      "repl-flake"
-    ];
-    substituters = [
-      "https://nix-cache.clerie.de"
-    ];
-    trusted-public-keys = [
-      "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g="
-    ];
-  };
-
-  # Pin current nixpkgs channel and flake registry to the nixpkgs version
-  # the host got build with
-  nix.nixPath = lib.mkForce [ "nixpkgs=${lib.cleanSource pkgs.path}" ];
-  nix.registry = lib.mkForce {
-    "nixpkgs" = {
-       from = {
-         type = "indirect";
-         id = "nixpkgs";
-       };
-       to = {
-         type = "path";
-         path = lib.cleanSource pkgs.path;
-       };
-       exact = true;
-    };
-  };
-
   services.fstrim.enable = true;
 
-  clerie.nixfiles.enable = true;
-
-  clerie.backup = {
-    targets = {
-      cyan.serverName = "cyan.backup.clerie.de";
-      magenta.serverName = "magenta.backup.clerie.de";
-    };
-  };
-
-  documentation.doc.enable = false;
-
   nixpkgs.overlays = [
     (import ../../pkgs/overlay.nix)
   ];

configuration/common/locale.nix

@@ -0,0 +1,15 @@
+{ ... }:
+
+{
+
+  time.timeZone = "Europe/Berlin";
+
+  i18n.defaultLocale = "de_DE.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_MESSAGES = "en_US.UTF-8";
+  };
+  console = {
+    keyMap = "de-latin1";
+  };
+
+}

configuration/common/networking.nix

@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+
+  networking.domain = "net.clerie.de";
+
+  networking.firewall.logRefusedConnections = lib.mkDefault false;
+
+}

configuration/common/nix.nix

@@ -0,0 +1,56 @@
+{ lib, pkgs, ... }:
+
+{
+
+  clerie.nixfiles.enable = true;
+
+  nix.settings = {
+    trusted-users = [ "@wheel" "@guests" ];
+    auto-optimise-store = true;
+    # Keep buildtime dependencies
+    keep-outputs = true;
+    # Build local, when caches are broken
+    fallback = true;
+  };
+
+  nix.gc = lib.mkDefault {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 30d";
+  };
+
+
+  nix.settings = {
+    experimental-features = [
+      "flakes"
+      "nix-command"
+      "repl-flake"
+    ];
+    substituters = [
+      "https://nix-cache.clerie.de"
+    ];
+    trusted-public-keys = [
+      "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g="
+    ];
+  };
+
+  # Pin current nixpkgs channel and flake registry to the nixpkgs version
+  # the host got build with
+  nix.nixPath = lib.mkForce [ "nixpkgs=${lib.cleanSource pkgs.path}" ];
+  nix.registry = lib.mkForce {
+    "nixpkgs" = {
+       from = {
+         type = "indirect";
+         id = "nixpkgs";
+       };
+       to = {
+         type = "path";
+         path = lib.cleanSource pkgs.path;
+       };
+       exact = true;
+    };
+  };
+
+  documentation.doc.enable = false;
+
+}

configuration/common/programs.nix

@@ -0,0 +1,26 @@
+{ pkgs, ... }:
+
+{
+
+  environment.systemPackages = with pkgs; [
+    gptfdisk
+    htop
+    parted
+    tmux
+    colmena
+    vim
+    agenix
+  ];
+
+  programs.mtr.enable = true;
+
+  programs.git.enable = true;
+
+  programs.git.config = {
+    user = {
+      name = "clerie";
+      email = "git@clerie.de";
+    };
+  };
+
+}

configuration/common/ssh.nix

@@ -0,0 +1,16 @@
+{ lib, ... }:
+
+{
+
+  services.openssh.enable = true;
+  services.openssh.settings = {
+    PasswordAuthentication = false;
+    KbdInteractiveAuthentication = false;
+    PermitRootLogin = lib.mkDefault "no";
+  };
+  services.openssh.hostKeys = lib.mkForce [
+    # Only create ed25519 host keys
+    { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+  ];
+
+}

configuration/common/user.nix

@@ -0,0 +1,9 @@
+{ lib, ... }:
+
+{
+
+  security.sudo.wheelNeedsPassword = lib.mkDefault false;
+
+  users.groups.guests = {};
+
+}