refactor: simplify host setup

hosts/bootstrap/configuration.nix

@@ -4,12 +4,6 @@
   inputs,
   ...
 }: {
-  # Minimal system without desktop or dev tools
-  fireproof.desktop.enable = false;
-  fireproof.dev.enable = false;
-  fireproof.work.enable = false;
-  fireproof.homelab.enable = false;
-
   # Use the nixos installation ISO as base
   imports = [
     "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"

hosts/bootstrap/default.nix

@@ -0,0 +1,9 @@
+{
+  config.fireproof.hostname = "bootstrap";
+  config.fireproof.username = "nickolaj";
+
+  imports = [
+    ./configuration.nix
+    ./disk-configuration.nix
+  ];
+}

hosts/default.nix

@@ -1,21 +1,10 @@
 {
   inputs,
   withSystem,
-  lib,
   ...
-}:
+}: let
-with lib; let
-  mkSystemImports = hostname: let
-    hostDirectory = ./. + ("/" + hostname);
-    nixFiles = filter (file: hasSuffix ".nix" file) (attrNames (builtins.readDir hostDirectory));
-    imports = map (file: ./. + ("/" + hostname + "/" + file)) nixFiles;
-  in {
-    inherit imports;
-  };
-
   mkSystem = {
-    hostname,
+    host,
-    username,
     modules ? [],
     system ? "x86_64-linux",
   }:
@@ -28,7 +17,7 @@ with lib; let
       in
         inputs.nixpkgs.lib.nixosSystem {
           inherit system;
-          specialArgs = {inherit inputs hostname username pkgsUnstable;};
+          specialArgs = {inherit inputs pkgsUnstable;};
           modules =
             [
               inputs.disko.nixosModules.disko
@@ -46,37 +35,17 @@ with lib; let
               ../modules/programs
               ../modules/desktop
               ../modules/homelab
-              (mkSystemImports hostname)
+              host
-              {nixpkgs.config.allowUnfree = true;}
             ]
-            ++ modules
+            ++ modules;
-            ++ (
-              lib.optional (builtins.pathExists ./${hostname}/facter.json)
-              {config.facter.reportPath = ./${hostname}/facter.json;}
-            );
         }
     );
 in {
   config.flake.nixosConfigurations = {
-    laptop = mkSystem {
+    laptop = mkSystem {host = ./laptop;};
-      hostname = "laptop";
+    desktop = mkSystem {host = ./desktop;};
-      username = "nickolaj";
+    work = mkSystem {host = ./work;};
-    };
+    homelab = mkSystem {host = ./homelab;};
-    desktop = mkSystem {
+    bootstrap = mkSystem {host = ./bootstrap;};
-      hostname = "desktop";
-      username = "nickolaj";
-    };
-    work = mkSystem {
-      hostname = "work";
-      username = "nickolaj";
-    };
-    homelab = mkSystem {
-      hostname = "homelab";
-      username = "nickolaj";
-    };
-    bootstrap = mkSystem {
-      hostname = "bootstrap";
-      username = "nickolaj";
-    };
   };
 }

hosts/desktop/configuration.nix

@@ -1,5 +0,0 @@
-{
-  fireproof.desktop.enable = true;
-  fireproof.work.enable = true;
-  fireproof.dev.enable = true;
-}

hosts/desktop/default.nix

@@ -0,0 +1,22 @@
+{
+  config = {
+    fireproof = {
+      hostname = "desktop";
+      username = "nickolaj";
+      desktop.enable = true;
+      work.enable = true;
+      dev.enable = true;
+    };
+
+    facter.reportPath = ./facter.json;
+  };
+
+  imports = [
+    ./boot.nix
+    ./disk-configuration.nix
+    ./monitors.nix
+    ./networking.nix
+    ./nvidia.nix
+    ./ssh.nix
+  ];
+}

hosts/homelab/configuration.nix

@@ -3,9 +3,6 @@
   lib,
   ...
 }: {
-  fireproof.dev.enable = true;
-  fireproof.homelab.enable = true;
-
   boot = {
     # Use grub as bootloader as it works better with mdadm
     loader.grub.enable = true;

hosts/homelab/default.nix

@@ -0,0 +1,17 @@
+{
+  config = {
+    fireproof = {
+      hostname = "homelab";
+      username = "nickolaj";
+      dev.enable = true;
+      homelab.enable = true;
+    };
+    facter.reportPath = ./facter.json;
+  };
+
+  imports = [
+    ./configuration.nix
+    ./disks.nix
+    ./networking.nix
+  ];
+}

hosts/laptop/configuration.nix

@@ -1,7 +1,4 @@
 {pkgs, ...}: {
-  fireproof.desktop.enable = true;
-  fireproof.work.enable = true;
-  fireproof.dev.enable = true;
   # Enable OpenGL
   hardware.graphics = {
     enable = true;

hosts/laptop/default.nix

@@ -0,0 +1,19 @@
+{
+  config = {
+    fireproof = {
+      desktop.enable = true;
+      work.enable = true;
+      dev.enable = true;
+      hostname = "laptop";
+      username = "nickolaj";
+    };
+    facter.reportPath = ./facter.json;
+  };
+
+  imports = [
+    ./configuration.nix
+    ./disk-configuration.nix
+    ./monitors.nix
+    ./ssh.nix
+  ];
+}

hosts/work/configuration.nix

@@ -1,5 +0,0 @@
-{
-  fireproof.desktop.enable = true;
-  fireproof.work.enable = true;
-  fireproof.dev.enable = true;
-}

hosts/work/default.nix

@@ -0,0 +1,21 @@
+{
+  config = {
+    fireproof = {
+      hostname = "work";
+      username = "nickolaj";
+      desktop.enable = true;
+      work.enable = true;
+      dev.enable = true;
+    };
+    facter.reportPath = ./facter.json;
+  };
+
+  imports = [
+    ./bluetooth.nix
+    ./disk-configuration.nix
+    ./monitors.nix
+    ./networking.nix
+    ./nvidia.nix
+    ./ssh.nix
+  ];
+}

modules/base/default.nix

@@ -2,6 +2,7 @@ _: {
   options.fireproof.base = {};
 
   imports = [
+    ./fireproof.nix
     ./defaults.nix
     ./gc.nix
     ./home-manager.nix

modules/base/fireproof.nix

@@ -0,0 +1,12 @@
+{lib, ...}: {
+  options.fireproof = {
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      description = "The hostname of the machine";
+    };
+    username = lib.mkOption {
+      type = lib.types.str;
+      description = "The primary username for the machine";
+    };
+  };
+}

modules/base/home-manager.nix

@@ -1,10 +1,12 @@
 {
   lib,
+  config,
   options,
-  username,
   ...
 }:
-with lib; {
+with lib; let
+  inherit (config.fireproof) username;
+in {
   options.fireproof = {
     home-manager = lib.mkOption {
       type = options.home-manager.users.type.nestedTypes.elemType;

modules/base/nix.nix

@@ -1,9 +1,11 @@
-{username, ...}: {
+{config, ...}: {
+  nixpkgs.config.allowUnfree = true;
+
   nix.settings = {
     trusted-users = [
       "root"
       "@wheel"
-      username
+      config.fireproof.username
     ];
 
     experimental-features = "nix-command flakes";

modules/base/secrets.nix

@@ -1,4 +1,5 @@
-{hostname, ...}: let
+{config, ...}: let
+  inherit (config.fireproof) hostname;
   hostSecrets = ../../secrets/hosts + ("/" + hostname);
   publicKey = builtins.readFile (hostSecrets + "/id_ed25519.pub");
 in {

modules/desktop/dms/theme.nix

@@ -1,9 +1,10 @@
 {
   config,
   lib,
-  username,
   ...
-}: {
+}: let
+  inherit (config.fireproof) username;
+in {
   config = lib.mkIf config.fireproof.desktop.enable {
     fireproof.home-manager = {
       home.file.".config/DankMaterialShell/colors.json".text = builtins.toJSON {

modules/homelab/arr.nix

@@ -1,10 +1,10 @@
 {
   config,
   lib,
-  username,
   ...
 }:
 lib.mkIf config.fireproof.homelab.enable (let
+  inherit (config.fireproof) username;
   user = "media";
   group = "media";
 

modules/homelab/prometheus.nix

@@ -1,10 +1,10 @@
 {
   config,
-  hostname,
   lib,
   ...
 }:
 lib.mkIf config.fireproof.homelab.enable (let
+  inherit (config.fireproof) hostname;
   mkScrapeConfig = name: {
     job_name = name;
     static_configs = [

modules/programs/docker.nix

@@ -1,10 +1,12 @@
 # Enabled when: always
 {
-  username,
+  config,
   pkgs,
   lib,
   ...
-}: {
+}: let
+  inherit (config.fireproof) username;
+in {
   environment.systemPackages = [
     pkgs.docker
     pkgs.docker-compose

modules/programs/fish/default.nix

@@ -1,8 +1,10 @@
 {
-  username,
+  config,
   pkgs,
   ...
-}: {
+}: let
+  inherit (config.fireproof) username;
+in {
   config = {
     programs.fish.enable = true;
     users.users.${username}.shell = pkgs.fish;

modules/programs/k8s.nix

@@ -3,9 +3,10 @@
   config,
   lib,
   pkgs,
-  username,
   ...
-}: {
+}: let
+  inherit (config.fireproof) username;
+in {
   config = lib.mkIf config.fireproof.dev.enable {
     environment.systemPackages = [
       pkgs.kubectl

modules/programs/llm.nix

@@ -1,10 +1,10 @@
 {
   pkgs,
   config,
-  username,
   pkgsUnstable,
   ...
 }: let
+  inherit (config.fireproof) username;
   llmConfig =
     if pkgs.stdenv.isDarwin
     then "Library/Application Support/io.datasette.llm"

modules/programs/spotify.nix

@@ -2,10 +2,11 @@
 {
   config,
   lib,
-  username,
   pkgs,
   ...
-}: {
+}: let
+  inherit (config.fireproof) username;
+in {
   config = lib.mkIf config.fireproof.desktop.enable {
     environment.systemPackages = with pkgs; [
       spotify

modules/system/networking.nix

@@ -1,5 +1,5 @@
-{hostname, ...}: {
+{config, ...}: {
   networking = {
-    hostName = hostname;
+    hostName = config.fireproof.hostname;
   };
 }

modules/system/ssh.nix

@@ -1,11 +1,11 @@
 {
   config,
   pkgs,
-  username,
-  hostname,
   lib,
   ...
 }: let
+  inherit (config.fireproof) username;
+  inherit (config.fireproof) hostname;
   # Load all public keys from ../../secrets/hosts/*/id_ed25519.pub
   allHosts = lib.attrNames (lib.filterAttrs (_: type: type == "directory") (builtins.readDir ../../secrets/hosts));
   publicKeys = map (x: builtins.readFile (../../secrets/hosts + ("/" + x) + "/id_ed25519.pub")) allHosts;

modules/system/user.nix

@@ -1,8 +1,5 @@
-{
+{config, ...}: let
-  username,
+  inherit (config.fireproof) username;
-  config,
-  ...
-}: let
   inherit (config.age) secrets;
 in {
   config = {