refactor: simplify hosts to share a common configuration.nix

Guz
2025-02-05 10:22:46 -03:00
parent 4d9d73c1c4
commit ec9175479e
14 changed files with 818 additions and 1718 deletions


@@ -1,19 +1,7 @@
keys: keys:
- &primary age1sseqwwa7fc0ftry8njyuagdg28fkmtdwmj6m7p3etjsj83suee3shfzjyz - &primary age1sseqwwa7fc0ftry8njyuagdg28fkmtdwmj6m7p3etjsj83suee3shfzjyz
creation_rules: creation_rules:
- path_regex: secrets/battleship-secrets.yaml$ - path_regex: secrets/secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: secrets/battleship-secrets.lesser.json$
key_groups:
- age:
- *primary
- path_regex: secrets/spacestation-secrets.yaml$
key_groups:
- age:
- *primary
- path_regex: secrets/spacestation-secrets.lesser.json$
key_groups: key_groups:
- age: - age:
- *primary - *primary

134
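--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,134 @@
+{
+config,
+lib,
+pkgs,
+...
+}: {
+imports = [
+./secrets.nix
+];
+# Users
+users.users."guz" = {
+useDefaultShell = true;
+isNormalUser = true;
+hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
+extraGroups = ["wheel"];
+};
+# GnuPG keyring
+programs.gnupg.agent = {
+enable = true;
+pinentryPackage = pkgs.pinentry-gtk2;
+settings = {default-cache-ttl = 3600 * 24;};
+};
+services.pcscd.enable = true;
+# Desktops
+## Hyprland
+programs.hyprland.enable = true;
+programs.hyprland.withUWSM = true;
+programs.hyprlock.enable = true;
+services.displayManager = {
+sddm.enable = true;
+sddm.wayland.enable = true;
+};
+## XFCE (fallback)
+services.xserver.enable = true;
+services.xserver.desktopManager = {
+xfce.enable = true;
+};
+# Yet another nix cli helper
+programs.nh = {
+enable = true;
+clean.enable = true;
+clean.extraArgs = "--keep-since 7d --keep 3";
+flake = "/home/guz/.projects/dot013-nix";
+};
+# Enable Nix-LD for standalone binaries (useful for development)
+programs.nix-ld.enable = true;
+# Bluetooth
+hardware.bluetooth.enable = true;
+hardware.bluetooth.powerOnBoot = true;
+services.blueman.enable = true;
+# Audio
+services.pipewire = {
+enable = true;
+alsa.enable = true;
+alsa.support32Bit = true;
+pulse.enable = true;
+wireplumber.enable = true;
+};
+security.rtkit.enable = true;
+# Networking
+networking = {
+networkmanager.enable = true;
+nameservers = ["192.168.0.1" "9.9.9.9"];
+};
+# Firewall
+networking.firewall.enable = true;
+networking.firewall.allowedTCPPorts = [80 433];
+# SSH
+services.openssh.enable = true;
+services.openssh.settings = {
+PasswordAuthentication = false;
+PermitRootLogin = "forced-commands-only";
+};
+# Mosh
+programs.mosh.enable = true;
+# Tailscale
+services.tailscale.enable = true;
+# Locale
+time.timeZone = "America/Sao_Paulo";
+i18n.defaultLocale = "en_US.UTF-8";
+i18n.extraLocaleSettings = let
+locale = "pt_BR.UTF-8";
+in {
+LC_ADDRESS = locale;
+LC_IDENTIFICATION = locale;
+LC_MEASUREMENT = locale;
+LC_MONETARY = locale;
+LC_NAME = locale;
+LC_NUMERIC = locale;
+LC_PAPER = locale;
+LC_TELEPHONE = locale;
+LC_TIME = locale;
+};
+# Keyboard
+services.xserver.xkb = {
+layout = "br";
+};
+console.keyMap = "br-abnt2";
+# Bootloader
+boot.loader.systemd-boot.enable = true;
+boot.loader.efi.canTouchEfiVariables = true;
+# Nix
+nix.settings = {
+experimental-features = ["nix-command" "flakes"];
+};
+# This value determines the NixOS release from which the default
+# settings for stateful data, like file locations and database versions
+# on your system were taken. It's perfectly fine and recommended to leave
+# this value at the release version of the first install of this system.
+# Before changing this value read the documentation for this option
+# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+system.stateVersion = "24.11"; # Did you read the comment?
+}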
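Review bot: `networking.firewall.allowedTCPPorts = [80 433];` opens TCP 433, which looks like a typo for 443; as written HTTPS stays closed and an unrelated port is opened instead. Because this file is now imported by both host configurations, the rule also lands on battleship, whose previous firewall only allowed the KDE Connect ranges. If nothing on these machines serves HTTP(S), I would drop the line from the shared file and open ports per host; otherwise use `[80 443]` and add a comment naming the service that needs them.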

1723
flake.lock generated

File diff suppressed because it is too large

136
flake.nix

@@ -1,88 +1,32 @@
{ {
description = "Nixos config flake";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-24.05"; url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
stylix = {
url = "github:danth/stylix/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-index-database = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# Declaratively install flatpaks # Dependecy of the Neovim configuration at ./modules/home-manager/devenv.nix
flatpaks = { go-grip = {
url = "github:gmodena/nix-flatpak"; # Fork is being used until #24 merges url = "github:guz013/go-grip";
};
# flatpaks.url = "github:Tomaszal/nix-flatpak/feature/overrides";
# Used for theming the OS, see modules/home-manager/theme.nix
nix-colors = {
url = "github:misterio77/nix-colors";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# Necessary for modules/home-manager/programs/tmux.nix
tmux-plugin-manager = {
url = "github:tmux-plugins/tpm";
flake = false;
};
rec-sh = {
url = "github:dot013/rec.sh";
inputs.nixpkgs.follows = "nixpkgs";
};
dot013-environment = {
# url = "git+file:///home/guz/.projects/dot013-environment";
url = "git+https://forge.capytal.company/dot013/environment";
};
dot013-neovim = {
# url = "git+file:///home/guz/.projects/dot013-nvim";
url = "git+https://forge.capytal.company/dot013/nvim";
};
dot013-shell = {
# url = "git+file:///home/guz/.projects/dot013-shell";
url = "git+https://forge.capytal.company/dot013/nvim";
};
nix-minecraft = {
url = "github:Infinidoge/nix-minecraft";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland = {
type = "git";
url = "https://github.com/hyprwm/Hyprland?ref=v0.41.2";
rev = "918d8340afd652b011b937d29d5eea0be08467f5";
submodules = true;
};
xdg-desktop-portal-hyprland = {
url = "github:hyprwm/xdg-desktop-portal-hyprland/v1.3.2";
};
/*
Note to self:
The last commit with working screen share, as the time of writing this, was
https://github.com/hyprwm/xdg-desktop-portal-hyprland/commit/6a5de92769d5b7038134044053f90e7458f6a197
https://github.com/hyprwm/Hyprland/commit/3c964a9fdc220250a85b1c498e5b6fad9390272f
so if needed, you can always roll-back.
Fuck discord.
*/
}; };
outputs = { outputs = {
@@ -92,25 +36,45 @@
nixpkgs-unstable, nixpkgs-unstable,
... ...
} @ inputs: let } @ inputs: let
create-host = configs: systems = [
builtins.listToAttrs (map "x86_64-linux"
(c: { "aarch64-linux"
name = c; "x86_64-darwin"
value = nixpkgs.lib.nixosSystem { "aarch64-darwin"
specialArgs = {inherit inputs;};
modules = [
inputs.home-manager.nixosModules.default
(./. + ("/hosts/" + builtins.replaceStrings ["@"] ["/"] c) + /configuration.nix)
];
};
})
configs);
in {
nixosConfigurations = create-host [
"battleship"
"fighter"
# "cruiser"
# "spacestation"
]; ];
forAllSystems = f:
nixpkgs.lib.genAttrs systems (system: let
pkgs = import nixpkgs {inherit system;};
in
f pkgs);
# Shared NixOS modules
nixosModules = [
inputs.stylix.nixosModules.stylix
home-manager.nixosModules.home-manager
./home.nix
];
in {
nixosConfigurations = {
"battleship" = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs self;};
modules =
nixosModules
++ [
./hosts/battleship/configuration.nix
./hosts/battleship/home.nix
];
};
"fighter" = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs self;};
modules =
nixosModules
++ [
./hosts/fighter/configuration.nix
./hosts/fighter/home.nix
];
};
};
}; };
} }
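Review bot: `systems` and `forAllSystems` are added to the `let` block, but nothing in the visible `in { … }` body uses them, and two of the listed systems are Darwin while the flake only defines `nixosConfigurations`. I would remove both bindings until an output such as `devShells` or `packages` needs them, or add that output in the same commit. The new comment above the `go-grip` input also has a typo (`Dependecy`).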


@@ -1,195 +1,19 @@
{ {lib, ...}: {
config,
pkgs,
inputs,
lib,
...
}: {
imports = [ imports = [
inputs.dot013-environment.nixosModules.default
../../modules/nixos
./secrets.nix
./gpu-configuration.nix
./hardware-configuration.nix ./hardware-configuration.nix
./gpu-configuration.nix
../../configuration.nix
]; ];
dot013.environment.enable = true; users.users."guz" = {
dot013.environment.interception-tools.devices = [
"/dev/input/by-id/usb-BY_Tech_Gaming_Keyboard-event-kbd"
"/dev/input/by-id/usb-Compx_2.4G_Wireless_Receiver-event-kbd"
]; # dot013.environment.interception-tools.device = "/dev/input/by-id/usb-Compx_2.4G_Wireless_Receiver-event-kbd";
programs.nh.enable = true;
programs.nh.flake = "/home/guz/nix";
profiles.locale.enable = true;
hardware.opentabletdriver.enable = true;
# services.xserver.digimend.enable = true;
services.libinput.enable = true;
services.udev.extraRules = ''
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0660", GROUP="plugdev"
'';
virtualisation.docker.enable = true;
programs.dconf.enable = true;
programs.hyprland.enable = true;
/*
# TEMPFIX: 2024-05-04 https://github.com/NixOS/nixpkgs/issues/308287#issuecomment-2093091892
# After the flake update in 2024-05-04, the screen blacked out after switch
programs.hyprland.envVars.enable = lib.mkForce false;
*/
services.xserver = {
enable = true;
};
services.displayManager = {
sddm.enable = true;
sddm.wayland.enable = true;
};
services.xserver.videoDrivers = ["amdgpu"];
boot.kernelModules = ["amdgpu"];
environment.variables = {
ROC_ENABLE_PRE_VEGA = "1";
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
libvdpau-va-gl
rocmPackages.clr.icd
vaapiVdpau
];
};
programs.steam.enable = true;
programs.steam.wayland = true;
programs.gamemode.enable = true;
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
settings = {
default-cache-ttl = 3600 * 24;
};
};
services.flatpak.enable = true;
xdg.portal.enable = true;
xdg.portal.extraPortals = with pkgs; [
xdg-desktop-portal-gtk
];
services.tailscale = {
enable = true;
tailnetName = "${config.battleship-secrets.tailnet-name}";
};
fonts.fontconfig.enable = true;
fonts.packages = with pkgs; [
fira-code
(nerdfonts.override {fonts = ["FiraCode"];})
];
home-manager-helper.enable = true;
home-manager-helper.users."guz" = {
name = "guz";
shell = pkgs.zsh;
hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
home = import ./home.nix;
isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "plugdev"];
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = [
../../.ssh/guz-battleship.pub ../../.ssh/guz-battleship.pub
]; ];
}; };
environment.systemPackages = with pkgs; # Network
[
git
libinput
polkit_gnome
]
++ (builtins.map (p: pkgs."${p}") config.battleship-secrets.lesser.packages);
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
services.blueman.enable = true;
# hardware.pulseaudio.enable = true;
nix.settings = {
experimental-features = ["nix-command" "flakes"];
substituters = ["https://hyprland.cachix.org"];
trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
};
nix.package = pkgs.nixVersions.nix_2_21;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 10d";
};
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [];
programs.kdeconnect.enable = true;
networking = { networking = {
networkmanager.enable = true; hostName = lib.mkForce "figther";
hostName = "battleship"; wireless.enable = lib.mkForce true;
wireless.enable = false;
dhcpcd.enable = true;
defaultGateway = "${config.battleship-secrets.lesser.devices.defaultGateway}";
interfaces."enp6s0".ipv4.addresses = [
{
address = "${config.battleship-secrets.lesser.devices.battleship}";
prefixLength = 24;
}
];
nameservers = ["9.9.9.9"];
firewall = let
kde-connect = {
from = 1714;
to = 1764;
};
in {
enable = true;
allowedTCPPortRanges = [kde-connect];
allowedUDPPortRanges = [kde-connect];
};
}; };
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
#jack.enable = true;
};
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.settings = {
PasswordAuthentication = false;
PermitRootLogin = "forced-commands-only";
};
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
} }
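Review bot: `hostName = lib.mkForce "figther";` sits in the host file that imports `./gpu-configuration.nix` and authorizes `guz-battleship.pub`, so battleship would come up with the (misspelled) name of the other machine; it should read `hostName = lib.mkForce "battleship";`. The next line, `wireless.enable = lib.mkForce true;`, also looks copied from the laptop: the shared configuration.nix enables NetworkManager, and NixOS normally rejects `networking.wireless` together with NetworkManager at evaluation time, so I would drop it here, as the fighter file already does by commenting it out.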


@@ -4,26 +4,20 @@
... ...
}: { }: {
imports = []; imports = [];
options.shared.configuration.gpu = {};
config = {
boot.initrd.kernelModules = ["amdgpu"];
services.xserver.videoDrivers = ["amdgpu"];
environment = { services.xserver.videoDrivers = ["amdgpu"];
variables = {
ROC_ENABLE_PRE_VEGA = "1";
};
systemPackages = with pkgs; [
clinfo
];
};
hardware.opengl = { environment.variables = {
enable = true; ROC_ENABLE_PRE_VEGA = "1";
extraPackages = with pkgs; [
amdvlk
rocmPackages.clr.icd
];
};
}; };
boot.kernelModules = ["amdgpu"];
boot.initrd.kernelModules = ["amdgpu"];
hardware.opengl.enable = true;
hardware.opengl.extraPackages = with pkgs; [
amdvlk
rocmPackages.clr.icd
vaapiVdpau
];
} }
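Review bot: `hardware.opengl.enable` and `hardware.opengl.extraPackages` are written under the old option name even though this commit moves the flake to nixos-24.11, where the option set was renamed to `hardware.graphics`; the old names still evaluate but, as far as I know, emit a rename warning on every rebuild. I would write `hardware.graphics.enable = true;` and `hardware.graphics.extraPackages = with pkgs; [ … ];` here, and make the same change in the fighter host file, which carries the same two options. The module's function header lies outside this hunk.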


@@ -14,7 +14,7 @@
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [];
boot.extraModulePackages = []; boot.extraModulePackages = [];
fileSystems."/" = { fileSystems."/" = {


@@ -1,32 +1,9 @@
{...}: { {lib, ...}: {
imports = [ # Host specific overrides of the root home
../../modules/home-manager home-manager.users.guz = {
./packages.nix wayland.windowManager.hyprland.settings = {
./desktop "$MONITOR-1" = lib.mkForce "HDMI-A-1";
../../modules/home-manager/programs-old/librewolf "$MONITOR-2" = lib.mkForce "DVI-D-1";
]; };
profiles.vault.enable = true;
profiles.gfonts.enable = true;
programs.bash = {
enable = true;
initExtra = ''
export XDG_DATA_DIRS="$XDG_DATA_DIRS:/usr/share:/var/lib/flatpak/exports/share:$HOME/.local/share/flatpak/exports/share"
export GPG_TTY=$(tty)
'';
};
services.gnome-keyring.enable = true;
services.kdeconnect.enable = true;
programs.prismlauncher.enable = true;
fonts.fontconfig.enable = true;
home.sessionVariables = {
EDITOR = "nvim";
}; };
} }


@@ -1,183 +1,37 @@
{ {
config, lib,
inputs,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
inputs.dot013-environment.nixosModules.default
../../modules/nixos
./hardware-configuration.nix ./hardware-configuration.nix
./secrets.nix ../../configuration.nix
]; ];
dot013.environment.enable = true; users.users."guz" = {
dot013.environment.interception-tools.devices = [
"/dev/input/by-path/platform-i8042-serio-0-event-kbd"
"/dev/input/by-id/usb-BY_Tech_Gaming_Keyboard-event-kbd"
"/dev/input/by-id/usb-Compx_2.4G_Wireless_Receiver-event-kbd"
];
programs.nh.enable = true;
programs.nh.flake = "/home/guz/nix";
profiles.locale.enable = true;
virtualisation.docker.enable = true;
programs.dconf.enable = true;
programs.hyprland.enable = true;
programs.hyprland.package = inputs.hyprland.packages.${pkgs.system}.hyprland.override {
legacyRenderer = true;
};
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
settings = {
default-cache-ttl = 3600 * 24;
};
};
services.xserver = {
enable = true;
desktopManager.xfce.enable = true;
};
services.displayManager = {
sddm.enable = true;
sddm.wayland.enable = true;
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
# vpl-gpu-rt
onevpl-intel-gpu
];
};
services.flatpak.enable = true;
xdg.portal.enable = true;
xdg.portal.extraPortals = with pkgs; [
xdg-desktop-portal-gtk
];
services.tailscale = {
enable = true;
tailnetName = "kiko-liberty";
};
fonts.fontconfig.enable = true;
fonts.packages = with pkgs; [
fira-code
(nerdfonts.override {fonts = ["FiraCode"];})
];
home-manager-helper.enable = true;
home-manager-helper.users."guz" = {
name = "guz";
shell = pkgs.zsh;
hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
home = import ./home.nix;
isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "plugdev"];
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = [
../../.ssh/guz-figther.pub ../../.ssh/guz-fighter.pub
]; ];
}; };
environment.systemPackages = with pkgs; [ # Hyprland compatibility
git programs.hyprland.package = lib.mkForce (pkgs.hyprland.override {
libinput legacyRenderer = true;
polkit_gnome });
# Enable OpenGL
hardware.opengl.enable = true;
hardware.opengl.extraPackages = with pkgs; [
onevpl-intel-gpu
]; ];
hardware.bluetooth.enable = true; # Laptop features
hardware.bluetooth.powerOnBoot = true; services.logind.lidSwitch = "suspend";
services.blueman.enable = true; services.logind.lidSwitchExternalPower = "lock";
# hardware.pulseaudio.enable = true;
nix.settings = {
experimental-features = ["nix-command" "flakes"];
# substituters = ["https://hyprland.cachix.org"];
# trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
};
nix.package = pkgs.nixVersions.nix_2_21;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 10d";
};
services.logind = {
lidSwitch = "suspend";
lidSwitchExternalPower = "lock";
};
# Network
networking = { networking = {
networkmanager.enable = true; hostName = lib.mkForce "fighter";
hostName = "fighter"; # wireless.enable = lib.mkForce true;
wireless.enable = false;
dhcpcd.enable = true;
defaultGateway = "${config.battleship-secrets.lesser.devices.defaultGateway}";
interfaces."wlp2s0".ipv4.addresses = [
{
address = "${config.battleship-secrets.lesser.devices.figther-wifi}";
prefixLength = 24;
}
];
interfaces."enp1s0".ipv4.addresses = [
{
address = "${config.battleship-secrets.lesser.devices.figther}";
prefixLength = 24;
}
];
nameservers = ["9.9.9.9"];
}; };
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowUnfreePredicate = _: true;
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.settings = {
PasswordAuthentication = false;
PermitRootLogin = "forced-commands-only";
};
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [80 433];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
} }


@@ -12,31 +12,32 @@
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [];
boot.kernelModules = []; boot.kernelModules = [];
boot.extraModulePackages = []; boot.extraModulePackages = [];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/f1f224e7-bed4-4bcb-9f0b-6619ed0378df"; device = "/dev/disk/by-uuid/11b2ea0b-e6bd-4cb3-8146-2f39118a023e";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/2CF0-2EC0"; device = "/dev/disk/by-uuid/2019-5416";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
}; };
swapDevices = [ swapDevices = [];
{device = "/dev/disk/by-uuid/5c00b6ca-8238-4813-939f-43c5f2f168c2";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
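Review bot: `options = ["fmask=0022" "dmask=0022"];` on `fileSystems."/boot"` leaves the EFI partition readable by every local user, and the shared configuration enables systemd-boot, which keeps its random seed on that partition and warns when the file is world-accessible. Unless something unprivileged has to read /boot, use `options = ["fmask=0077" "dmask=0077"];`. The file continues past the end of this hunk.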


@@ -1,27 +1,8 @@
{...}: { {lib, ...}: {
imports = [ # Host specific overrides of the root home
../../modules/home-manager home-manager.users.guz = {
../../modules/home-manager/programs-old/librewolf wayland.windowManager.hyprland.settings = {
./packages.nix "$MONITOR-1" = lib.mkForce "eDP-1";
./desktop.nix };
];
profiles.gfonts.enable = true;
programs.bash = {
enable = true;
initExtra = ''
export XDG_DATA_DIRS="$XDG_DATA_DIRS:/usr/share:/var/lib/flatpak/exports/share:$HOME/.local/share/flatpak/exports/share"
export GPG_TTY=$(tty)
'';
};
services.gnome-keyring.enable = true;
fonts.fontconfig.enable = true;
home.sessionVariables = {
EDITOR = "nvim";
}; };
} }

22
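--- /dev/null
+++ b/secrets.nix
@@ -0,0 +1,22 @@
+{
+config,
+inputs,
+pkgs,
+...
+}: {
+imports = [
+inputs.sops-nix.nixosModules.sops
+];
+environment.systemPackages = with pkgs; [
+sops
+];
+sops.defaultSopsFile = ./secrets.yaml;
+sops.defaultSopsFormat = "yaml";
+sops.age.keyFile = "/sops/keys.txt";
+sops.secrets."guz/password" = {
+owner = config.users.users.guz.name;
+};
+}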
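Review bot: `sops.secrets."guz/password"` feeds `hashedPasswordFile` in configuration.nix but is declared as an ordinary secret with `owner = config.users.users.guz.name;`. sops-nix documents that secrets used for user passwords should set `neededForUsers = true;` so they are decrypted before the user-creation step, and that such secrets stay root-owned, so I would replace the owner line with `neededForUsers = true;`. That also keeps the password hash unreadable to processes running as guz. Separately, `sops.defaultSopsFile = ./secrets.yaml;` points next to this file, while the creation rule changed in this commit matches `secrets/secrets.yaml$`; if the file really lives at the repository root, that rule may not apply to it, which is worth confirming.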


@@ -0,0 +1,18 @@
{
"tailnet-name": "kiko-liberty",
"device-ip": "100.79.141.99",
"devices": {
"defaultGateway": "192.168.0.1",
"battleship": "192.168.0.113",
"spacestation": "192.168.0.110",
"figther": "192.168.0.103",
"figther-wifi": "192.168.0.104"
},
"packages": [
"protonvpn-cli_2",
"protonvpn-gui",
"tor",
"tor-browser",
"monero-gui"
]
}
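Review bot: This new file is committed in clear text and holds the tailnet name, a device address, the LAN addressing plan and a package list. The old host files read these values through `config.battleship-secrets.lesser`, and the removed creation rule for `secrets/battleship-secrets.lesser.json$` suggests they were previously sops-encrypted. The `creation_rules` left by this commit match only `secrets/secrets.yaml$`, and nothing in the visible new configuration reads this file. I would either remove it or move the values that are still needed into the sops-managed `secrets.yaml`; if it has to stay, treat its contents as public.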