Lots of refactoring

features/base.nix

@@ -2,44 +2,11 @@
   users.mutableUsers = false;
   nixpkgs.config.allowUnfree = true;
 
-  services.smartd.enable = true;
+  networking.wireless.enable = false; # For some reason this is needed all of the time
 
-  boot.supportedFilesystems = [ "zfs" "ntfs" ];
-
-  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
-
-  nix.settings.experimental-features = [ "nix-command" "flakes" ];
-
-  nix.channel.enable = false;
-
-  # TODO: ????
-  networking.wireless.enable = false;
+  boot.supportedFilesystems = [ "ntfs" ];
 
   # Basic Services
+  services.smartd.enable = true;
   services.uptimed.enable = true;
-
-  services.openssh.enable = true;
-  services.openssh.settings.PermitRootLogin = "no";
-
-  # Basic Utilities
-  environment.systemPackages = with pkgs; [
-    # Basic Utilities
-    bc pv killall unzip unrar-wrapper unar
-
-    # System Monitoring / TUI QoL Tools
-    btop iotop tmux byobu
-
-    # Security / Cryptography
-    ssss gnupg pwgen qrencode diceware
-
-    # Applications
-    vim_configurable
-
-    # asdf
-    git ffmpeg restic rclone nixos-generators
-    # samba libvirt tinc_pre
-
-    # File Systems
-    nfs-utils cifs-utils exfatprogs
-  ];
 }

features/docker.nix

@@ -1,3 +0,0 @@
-{ ... }: {
-  virtualisation.docker.enable = true;
-}

features/embedded.nix

@@ -1,4 +1,4 @@
-{ pkgs, unstable, ... }: {
+{ pkgs, pkgs-unstable, ... }: {
   nixpkgs.config.allowUnfree = true;
   nixpkgs.config.segger-jlink.acceptLicense = true;
 
@@ -6,7 +6,7 @@
   nixpkgs.config.permittedInsecurePackages = [ "segger-jlink-qt4-796s" ];
 
   environment.systemPackages = with pkgs; [
-    unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd
+    pkgs-unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd
     segger-jlink
 
     arduino-ide

features/factorio.nix

@@ -1,13 +1,13 @@
-{ pkgs, ... }: {
-  environment.systemPackages = with pkgs; [
+{ pkgs, unstable, ... }: {
+  environment.systemPackages = with unstable; [
     (factorio.override {
       username = "";
       token = "";
 
       releaseType = "alpha";
-      version = "1.1.107";
+      version = "2.0.32";
 
-      # nix-prefetch-url "file:///run/media/lauren_lagarde/Lauren%20USB/Applications/factorio/factorio_alpha_x64_1.1.107.tar.xz" --name factorio_alpha_x64-1.1.107.tar.xz
+      # nix-prefetch-url file:///$(pwd | sed 's| |%20|')/factorio_alpha_x64-2.0.32.tar.xz --name factorio_alpha_x64-2.0.32.tar.xz
     })
   ];
 }

features/gui-apps.nix

@@ -0,0 +1,2 @@
+{ pkgs, lib, unstable, ... }: {
+}

features/headless.nix

@@ -1,67 +1,3 @@
 { config, lib, pkgs, callPackage, ... }: {
-
-  ##############################################################################
-  ##############################################################################
-  ##############################################################################
-  # Packages
-
-  environment.systemPackages = with pkgs; [
-    # Basic Utilities
-    bc pv killall unzip unrar-wrapper unar
-
-    # System Monitoring / TUI QoL Tools
-    btop iotop tmux byobu
-
-    # Backup Tools
-    restic rclone
-
-    # Networking Utilities
-    dig tinc_pre traceroute wireguard-tools iperf3
-
-    # Security / Cryptography
-    (pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
-    ssss gnupg pwgen qrencode diceware
-
-    # NixOS Helpers
-    nixos-generators nix-index nix-search-cli
-
-    # Applications
-    vim_configurable
-
-    # File Systems
-    nfs-utils cifs-utils exfatprogs
-
-    # Multimedia Utilities
-    ffmpeg imagemagick
-
-    # Services
-    podman-compose
-
-    units usbutils pciutils
-  ];
-
-  ##############################################################################
-  ##############################################################################
-  ##############################################################################
-  # Services
-  # TODO: Split this out further
-
   services.uptimed.enable = true;
-
-  services.openssh = {
-    enable = true;
-    settings = {
-      PermitRootLogin = lib.mkForce "no";
-      PasswordAuthentication = false;
-    };
-  };
-
-  # TODO: Attempt to use podman
-  virtualisation.docker.enable = true;
-  virtualisation.containers.enable = true;
-  virtualisation.podman = {
-    enable = true;
-    dockerCompat = false;
-    defaultNetwork.settings.dns_enabled = true;
-  };
 }

features/i3wm.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }: {
+  services.xserver = {
+    enable = true;
+
+    desktopManager = {
+      xterm.enable = false;
+      gnome.enable = true;
+    };
+
+    windowManager = {
+      i3.enable = true;
+    };
+
+    displayManager.lightdm.enable = true;
+  };
+
+  services.displayManager.defaultSession = "none+i3";
+}

features/initrd-ssh.nix

@@ -0,0 +1,29 @@
+# ssh-keygen -t ed25519 -N "" -f ./ssh_host_ed25519_key
+
+{ ... }: {
+  boot.initrd = {
+    systemd = {
+      enable = true;
+      users.root.shell = "/bin/systemd-tty-ask-password-agent";
+      network = {
+        enable = true;
+        networks."10-enp1s0" = {
+          matchConfig.Name = "enp1s0";
+          networkConfig.DHCP = "yes";
+        };
+      };
+    };
+
+    network = {
+      enable = true;
+      ssh = {
+        enable = true;
+        port = 2222;
+        hostKeys = [ "/root/secrets/initrd/ssh_host_ed25519_key" ];
+        authorizedKeys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev"
+        ];
+      };
+    };
+  };
+}

features/openssh-server.nix

@@ -0,0 +1,9 @@
+{ lib, ... }: {
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = lib.mkForce "no";
+      PasswordAuthentication = false;
+    };
+  };
+}

features/systemd-boot.nix

@@ -0,0 +1,4 @@
+{ ... }: {
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+}

features/tui-apps.nix

@@ -0,0 +1,31 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    # Basic Utilities
+    bc pv killall unzip unrar-wrapper unar units
+
+    # System Monitoring / TUI QoL Tools
+    btop iotop tmux byobu
+
+    # Security / Cryptography
+    (pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
+    ssss gnupg pwgen qrencode diceware
+
+    # Applications
+    vim_configurable
+
+    # File Management
+    git ffmpeg restic rclone imagemagick
+
+    # File Systems
+    nfs-utils cifs-utils exfatprogs
+
+    # Networking Utilities
+    dig tinc_pre traceroute wireguard-tools iperf3
+
+    # NixOS Helpers
+    nixos-generators nix-index nix-search-cli
+
+    # Hardware Utilities
+    usbutils pciutils
+  ];
+}

features/virtualization/docker.nix

@@ -0,0 +1,11 @@
+{ ... }: {
+  virtualisation.docker.enable = true;
+  virtualisation.containers.enable = true;
+
+  # Enable podman, but don't default to it
+  virtualisation.podman = {
+    enable = true;
+    dockerCompat = false;
+    defaultNetwork.settings.dns_enabled = true;
+  };
+}

features/virtualization/libvirt-guest-uefi.nix

@@ -0,0 +1,6 @@
+{ ... }: {
+  boot.initrd = {
+    kernelModules = [ "virtio_net" "e1000" ];
+    availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  };
+}