Refactor.

2025-07-08 22:26:33 +08:00 · 2025-07-08 22:26:33 +08:00 · 667f337363
commit 667f337363
parent 69088478f0
14 changed files with 173 additions and 164 deletions
--- a/flake.nix
+++ b/flake.nix
@ -6,11 +6,12 @@
    lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot.
    nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config.
    sops-nix.url = "github:Mic92/sops-nix"; # Secrets management.
+    # Secrets repo.
    secrets = {
      url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
      flake = false;
-    }; # Secrets repo.
-
+    };
+    
    # Updated packages.
    fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
    feishin0_17.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.17.0
@ -27,97 +28,88 @@
      feishin0_17,
      ...
    }:
+    let
+      mkHost =
+        with nixpkgs.lib;
+        {
+          hostname,
+          suite,
+          platform,
+          user ? "fern",
+          extraModules ? [ ],
+        }:
+        nixosSystem rec {
+          system = platform;
+
+          specialArgs = {
+            inherit user;
+            secrets = builtins.toString inputs.secrets;
+            fluffychat2 = import fluffychat2 { inherit system; };
+            feishin0_17 = import feishin0_17 { inherit system; };
+          };
+
+          modules = [
+            ./suites/common.nix
+            ./suites/${suite}.nix
+            ./hosts/${suite}/${hostname}.nix
+            { networking.hostName = hostname; }
+          ] ++ extraModules;
+        };
+    in
    {
-      # ThinkPad T480
-      nixosConfigurations.muskduck = nixpkgs.lib.nixosSystem rec {
-        system = "x86_64-linux";
-
-        specialArgs = {
-          fluffychat2 = import fluffychat2 { inherit system; };
-          feishin0_17 = import feishin0_17 { inherit system; };
+      nixosConfigurations = {
+        # Laptops.
+        muskduck = mkHost {
+          hostname = "muskduck";
+          suite = "laptop";
+          platform = "x86_64-linux";
+          extraModules = [
+            lanzaboote.nixosModules.lanzaboote
+            nixos-hardware.nixosModules.lenovo-thinkpad-t480
+          ];
        };

-        modules = [
-          { networking.hostName = "muskduck"; }
-
-          lanzaboote.nixosModules.lanzaboote
-          nixos-hardware.nixosModules.lenovo-thinkpad-t480
-
-          ./configuration/common.nix
-          ./configuration/desktop.nix
-          
-          ./hosts/muskduck.nix # Include the results of the hardware scan.
-        ];
-      };
-
-      ### Proxmox Guests ###
-
-      nixosConfigurations.vm-minecraft = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-
-        modules = [
-          { networking.hostName = "minecraft"; }
-
-          ./configuration/common.nix
-          
-          ./configuration/server/common.nix
-          ./configuration/server/vm.nix
-          ./configuration/server/docker.nix
-          
-          ./hosts/vm-minecraft.nix # Include the results of the hardware scan.
-        ];
-      };
-
-      nixosConfigurations.vm-docker = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-
-        modules = [
-          { networking.hostName = "docker"; }
-
-          ./configuration/common.nix
-          
-          ./configuration/server/common.nix
-          ./configuration/server/vm.nix
-          ./configuration/server/docker.nix
-
-          ./hosts/vm-docker.nix # Include the results of the hardware scan.
-        ];
-      };
-
-      nixosConfigurations.lxc-technitium = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-
-        modules = [
-          { networking.hostName = "technitium"; }
-          
-          ./configuration/common.nix
-
-          ./configuration/server/common.nix
-          ./configuration/server/containers/common.nix
-
-          ./configuration/server/containers/technitium.nix
-        ];
-      };
-
-      nixosConfigurations.lxc-firefox-syncserver = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-        
-        specialArgs = {
-          secrets = builtins.toString inputs.secrets;
+        # Servers.
+        weebill = mkHost {
+          hostname = "weebill";
+          suite = "server";
+          platform = "aarch64-linux";
+          user = "docker";
+          extraModules = [
+            nixos-hardware.nixosModules.raspberry-pi-4
+          ];
        };

-        modules = [
-          sops-nix.nixosModules.sops
-          
-          { networking.hostName = "firefox-syncserver"; }
-          
-          ./configuration/common.nix
+        # Virtual machines.
+        vm-docker = mkHost {
+          hostname = "docker";
+          suite = "vm";
+          user = "docker";
+          platform = "x86_64-linux";
+        };

-          ./configuration/server/common.nix
-          ./configuration/server/containers/common.nix
+        vm-minecraft = mkHost {
+          hostname = "minecraft";
+          suite = "vm";
+          user = "docker";
+          platform = "x86_64-linux";
+        };

-          ./configuration/server/containers/firefox-syncserver.nix
-        ];
+        # LXC containers.
+        lxc-technitium = mkHost {
+          hostname = "technitium";
+          suite = "lxc";
+          platform = "x86_64-linux";
+        };
+
+        lxc-firefox-syncserver = mkHost {
+          hostname = "firefox-syncserver";
+          suite = "lxc";
+          platform = "x86_64-linux";
+          extraModules = [
+            sops-nix.nixosModules.sops
+          ];
+        };
      };
    };
 }