Modularized configuration now kind of works. (still need to do some refactoring)

2019-03-20 02:57:59 +01:00 · 2019-03-20 02:57:59 +01:00 · 14332b2c7b
commit 14332b2c7b
parent a0f361425a
24 changed files with 144 additions and 85 deletions
--- a/config/default.nix
+++ b/config/default.nix
@ -3,10 +3,12 @@
 {
  imports = [
    ./etc.nix
+    ./fonts.nix
    ./locale.nix
    ./networking.nix
    ./nix.nix
+    ./security.nix
    ./users.nix
    ./zsh.nix
-    ] ++ (if (config.machine.hostName != "Ophanim") then [./fonts.nix] else [./security.nix]);
+    ];
 }
--- a/config/etc.nix
+++ b/config/etc.nix
@ -1,7 +1,9 @@
 { config, lib, pkgs, ... }:

+with lib;
+
 {
-  environment.etc = {
+  environment.etc = mkIf (elem "etcfiles" config.machine.conffiles) {
    "i3/config".source = ./etc/i3/config;
    "i3/py3status".source = ./etc/i3/py3status;
    "mpv/input.conf".source = ./etc/mpv/input.conf;
@ -9,7 +11,7 @@
    "youtube-dl.conf".source = ./etc/youtube-dl.conf;
  };

-  environment.variables = {
+  environment.variables = mkIf (elem "etcvars" config.machine.conffiles) {
    EDITOR="emacsclient -ca nano";
    NIXPKGS_ALLOW_UNFREE="1";
    WINEDLLOVERRIDES="winemenubuilder.exe=d";
--- a/config/fonts.nix
+++ b/config/fonts.nix
@ -1,6 +1,8 @@
-{ pkgs, config, ... }:
+{ pkgs, lib, config, ... }:

-{
+with lib;
+
+mkIf (elem "fonts" config.machine.conffiles) {
  fonts = {
    enableFontDir = true;
    enableGhostscriptFonts = true;
--- a/config/networking.nix
+++ b/config/networking.nix
@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:

 let
- firewallcfg = config.machine.networking.firewall;
+ firewallcfg = config.machine.firewall;
 in {
  networking = {
    hostName = config.machine.hostName;
--- a/config/nix.nix
+++ b/config/nix.nix
@ -9,9 +9,9 @@
    extraOptions = ''
      build-timeout = 86400  # 24 hours
    '';
-    sshServe.enable = true;
-    sshServe.keys = ( if config.networking.hostName == "Ophanim" then [ (builtins.replaceStrings ["\n"] [""] (builtins.readFile /secret/nix-ssh.pub)) ] else []);
-    binaryCachePublicKeys = [ (builtins.replaceStrings ["\n"] [""] (builtins.readFile /secret/hydra_cache.pub)) ];
+    sshServe.enable = if config.services.hydra.enable then true else false;
+    sshServe.keys = if config.services.hydra.enable then [ (builtins.readFile /secret/nix-ssh.pub) ] else [];
+    binaryCachePublicKeys = if config.services.hydra.enable then [ (builtins.readFile /secret/hydra_cache.pub) ] else [];
    trustedBinaryCaches = [
      "https://cache.nixos.org"
      "https://cache.ophanim.de"
--- a/config/security.nix
+++ b/config/security.nix
@ -1,6 +1,8 @@
 { config, lib, pkgs, ... }:

-{
+with lib;
+
+mkIf (elem "security" config.machine.conffiles) {
  security = {
    audit.enable = true;
    auditd.enable = true;
--- a/config/zsh.nix
+++ b/config/zsh.nix
@ -1,6 +1,8 @@
 { config, lib, pkgs, ... }:

-{
+with lib;
+
+mkIf (elem "zsh" config.machine.conffiles) {
  programs.zsh = {
    enable = true;
    autosuggestions.enable = true;