From 8978453ef0492c833d42599c758d25f8ed5afde0 Mon Sep 17 00:00:00 2001 From: ene Date: Fri, 17 Mar 2023 17:42:23 +0100 Subject: Fix(system): Move services to system --- hosts/apzu/configuration.nix | 2 -- hosts/lahmu/configuration.nix | 2 -- hosts/mammun/configuration.nix | 2 -- hosts/spawn/configuration.nix | 3 --- hosts/tiamat/configuration.nix | 2 -- services/dconf/default.nix | 10 -------- services/default.nix | 9 ------- services/nix/default.nix | 28 --------------------- services/openssh/default.nix | 19 --------------- services/printing/default.nix | 19 --------------- services/snapper/default.nix | 47 ------------------------------------ system/default.nix | 1 + system/services/dconf/default.nix | 10 ++++++++ system/services/default.nix | 9 +++++++ system/services/nix/default.nix | 28 +++++++++++++++++++++ system/services/openssh/default.nix | 19 +++++++++++++++ system/services/printing/default.nix | 19 +++++++++++++++ system/services/snapper/default.nix | 47 ++++++++++++++++++++++++++++++++++++ 18 files changed, 133 insertions(+), 143 deletions(-) delete mode 100644 services/dconf/default.nix delete mode 100644 services/default.nix delete mode 100644 services/nix/default.nix delete mode 100644 services/openssh/default.nix delete mode 100644 services/printing/default.nix delete mode 100644 services/snapper/default.nix create mode 100644 system/services/dconf/default.nix create mode 100644 system/services/default.nix create mode 100644 system/services/nix/default.nix create mode 100644 system/services/openssh/default.nix create mode 100644 system/services/printing/default.nix create mode 100644 system/services/snapper/default.nix diff --git a/hosts/apzu/configuration.nix b/hosts/apzu/configuration.nix index 8e78949b..0e71a7ba 100644 --- a/hosts/apzu/configuration.nix +++ b/hosts/apzu/configuration.nix @@ -11,8 +11,6 @@ ./networking.nix ../../system - - ../../services ]; system.stateVersion = "23.05"; 
diff --git a/hosts/lahmu/configuration.nix b/hosts/lahmu/configuration.nix index dbf6327c..a3274958 100644 --- a/hosts/lahmu/configuration.nix +++ b/hosts/lahmu/configuration.nix @@ -11,8 +11,6 @@ ./networking.nix ../../system - - ../../services ]; soispha = { diff --git a/hosts/mammun/configuration.nix b/hosts/mammun/configuration.nix index 294fc815..0252e8e8 100644 --- a/hosts/mammun/configuration.nix +++ b/hosts/mammun/configuration.nix @@ -12,8 +12,6 @@ ./networking.nix ../../system - - ../../services ]; soispha = { users = { diff --git a/hosts/spawn/configuration.nix b/hosts/spawn/configuration.nix index e7739e3d..ff50f404 100644 --- a/hosts/spawn/configuration.nix +++ b/hosts/spawn/configuration.nix @@ -5,9 +5,6 @@ ./networking.nix ../../system - - # TODO ? - ../../services ]; system.stateVersion = "23.05"; diff --git a/hosts/tiamat/configuration.nix b/hosts/tiamat/configuration.nix index 7f68621c..44a89d70 100644 --- a/hosts/tiamat/configuration.nix +++ b/hosts/tiamat/configuration.nix @@ -13,8 +13,6 @@ ../../secrets ../../system - - ../../services ]; system.stateVersion = "23.05"; diff --git a/services/dconf/default.nix b/services/dconf/default.nix deleted file mode 100644 index db35208e..00000000 --- a/services/dconf/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - # needed to make home-manager play nice with some apps. See: - # https://nix-community.github.io/home-manager/index.html#_why_do_i_get_an_error_message_about_literal_ca_desrt_dconf_literal_or_literal_dconf_service_literal - programs.dconf.enable = true; -} diff --git a/services/default.nix b/services/default.nix deleted file mode 100644 index 36cf9763..00000000 --- a/services/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{config, ...}: { - imports = [ - ./printing - ./nix - ./snapper - ./dconf - ./openssh - ]; -} diff --git a/services/nix/default.nix b/services/nix/default.nix deleted file mode 100644 index 15c3a026..00000000 
--- a/services/nix/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- config,
- lib,
- pkgs,
- nixpkgs,
- ...
-}: {
- nix = {
- # Flakes settings
- package = pkgs.nixVersions.stable;
- # this can't be in nix settings because of some "type error". See:
- # https://discourse.nixos.org/t/flakes-error-error-attribute-outpath-missing/18044
- registry.nixpkgs.flake = nixpkgs;
- gc = {
- automatic = true;
- dates = "weekly";
- options = "--delete-older-than 7d";
- };
- settings = {
- auto-optimise-store = true;
- experimental-features = ["nix-command" "flakes"];
- fallback = true;
-
- keep-failed = true; #keep failed tmp build dirs
- pure-eval = true; # restrict file system and network access to hash
- };
- };
-}
diff --git a/services/openssh/default.nix b/services/openssh/default.nix
deleted file mode 100644
index 5ee48a0c..00000000
--- a/services/openssh/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- config,
- pkg,
- ...
-}: {
- services.openssh = {
- enable = true;
- hostKeys = [
- {
- path = "/srv/sshd/ssh_host_ed25519_key";
- rounds = 1000;
- type = "ed25519";
- }
- ];
- settings = {
- PasswordAuthentication = false;
- };
- };
-}
diff --git a/services/printing/default.nix b/services/printing/default.nix
deleted file mode 100644
index 3b193eab..00000000
--- a/services/printing/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-# vim: ts=2
-{
- config,
- pkgs,
- ...
-}: {
- services.printing = {
- enable = true;
- webInterface = false; # don't enable the webinterface
- drivers = with pkgs; [
- gutenprint
- ];
- };
- hardware.sane = {
- # TODO this properly won't work like this
- enable = true;
- extraBackends = [pkgs.sane-airscan];
- };
-}
diff --git a/services/snapper/default.nix b/services/snapper/default.nix
deleted file mode 100644
index 547ee3f5..00000000
--- a/services/snapper/default.nix
+++ /dev/null
@@ -1,47 +0,0 @@ -# vim: ts=2 -{config, ...}: { - services.snapper = { - configs = { - srv = { - subvolume = "/srv"; - fstype = "btrfs"; - extraConfig = '' - # users and groups allowed to work with config - ALLOW_GROUPS="wheel" - - # sync users and groups from ALLOW_USERS and ALLOW_GROUPS to .snapshots - # directory - SYNC_ACL="yes" - - - # run daily number cleanup - NUMBER_CLEANUP="no" - - # limit for number cleanup - NUMBER_MIN_AGE="1800" - NUMBER_LIMIT="50" - NUMBER_LIMIT_IMPORTANT="10" - - - # create hourly snapshots - TIMELINE_CREATE="yes" - - # cleanup hourly snapshots after some time - TIMELINE_CLEANUP="yes" - - # limits for timeline cleanup - TIMELINE_MIN_AGE="1800" - TIMELINE_LIMIT_HOURLY="7" - TIMELINE_LIMIT_DAILY="3" - TIMELINE_LIMIT_WEEKLY="0" - TIMELINE_LIMIT_MONTHLY="0" - TIMELINE_LIMIT_YEARLY="0" - - - # cleanup empty pre-post-pairs - EMPTY_PRE_POST_CLEANUP="yes" - ''; - }; - }; - }; -} diff --git a/system/default.nix b/system/default.nix index 85971ba5..13386a6d 100644 --- a/system/default.nix +++ b/system/default.nix @@ -10,6 +10,7 @@ ./users # the position of this item is fully arbitrary ./polkit ./graphics + ./services ]; # TODO does this really remove all the bloatware, nixos installs by default? environment = { diff --git a/system/services/dconf/default.nix b/system/services/dconf/default.nix new file mode 100644 index 00000000..db35208e --- /dev/null +++ b/system/services/dconf/default.nix @@ -0,0 +1,10 @@ +{ + config, + lib, + pkgs, + ... +}: { + # needed to make home-manager play nice with some apps. See: + # https://nix-community.github.io/home-manager/index.html#_why_do_i_get_an_error_message_about_literal_ca_desrt_dconf_literal_or_literal_dconf_service_literal + programs.dconf.enable = true; +} diff --git a/system/services/default.nix b/system/services/default.nix new file mode 100644 index 00000000..36cf9763 --- /dev/null +++ b/system/services/default.nix 
@@ -0,0 +1,9 @@
+{config, ...}: {
+ imports = [
+ ./printing
+ ./nix
+ ./snapper
+ ./dconf
+ ./openssh
+ ];
+}
diff --git a/system/services/nix/default.nix b/system/services/nix/default.nix
new file mode 100644
index 00000000..15c3a026
--- /dev/null
+++ b/system/services/nix/default.nix
@@ -0,0 +1,28 @@
+{
+ config,
+ lib,
+ pkgs,
+ nixpkgs,
+ ...
+}: {
+ nix = {
+ # Flakes settings
+ package = pkgs.nixVersions.stable;
+ # this can't be in nix settings because of some "type error". See:
+ # https://discourse.nixos.org/t/flakes-error-error-attribute-outpath-missing/18044
+ registry.nixpkgs.flake = nixpkgs;
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ settings = {
+ auto-optimise-store = true;
+ experimental-features = ["nix-command" "flakes"];
+ fallback = true;
+
+ keep-failed = true; #keep failed tmp build dirs
+ pure-eval = true; # restrict file system and network access to hash
+ };
+ };
+}
diff --git a/system/services/openssh/default.nix b/system/services/openssh/default.nix
new file mode 100644
index 00000000..5ee48a0c
--- /dev/null
+++ b/system/services/openssh/default.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ pkg,
+ ...
+}: {
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ {
+ path = "/srv/sshd/ssh_host_ed25519_key";
+ rounds = 1000;
+ type = "ed25519";
+ }
+ ];
+ settings = {
+ PasswordAuthentication = false;
+ };
+ };
+}
diff --git a/system/services/printing/default.nix b/system/services/printing/default.nix
new file mode 100644
index 00000000..3b193eab
--- /dev/null
+++ b/system/services/printing/default.nix
@@ -0,0 +1,19 @@
+# vim: ts=2
+{
+ config,
+ pkgs,
+ ...
+}: {
+ services.printing = {
+ enable = true;
+ webInterface = false; # don't enable the webinterface
+ drivers = with pkgs; [
+ gutenprint
+ ];
+ };
+ hardware.sane = {
+ # TODO this properly won't work like this
+ enable = true;
+ extraBackends = [pkgs.sane-airscan];
+ };
+}
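Review bot: In system/services/openssh/default.nix the `settings` block disables only `PasswordAuthentication`, leaving keyboard-interactive and root login at whatever the module defaults are; if key-only, non-root access is the intent, state it with `KbdInteractiveAuthentication = false;` and `PermitRootLogin = "no";`. The host key lives at `/srv/sshd/ssh_host_ed25519_key`, inside the `/srv` subvolume that the snapper config in this commit snapshots on a timeline, so earlier copies of the private key presumably stay in the snapshots until cleanup, and `ALLOW_GROUPS="wheel"` with `SYNC_ACL="yes"` gives wheel access to the snapshot directory (the key's own file mode still applies). A comment beside `path`, e.g. `# lives on the snapshotted /srv subvolume: a rotated key remains in old snapshots until they expire`, would record that. The module argument `pkg` looks like a typo for `pkgs` and is unused in the body, so it can be dropped.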
diff --git a/system/services/snapper/default.nix b/system/services/snapper/default.nix
new file mode 100644
index 00000000..547ee3f5
--- /dev/null
+++ b/system/services/snapper/default.nix
@@ -0,0 +1,47 @@
+# vim: ts=2
+{config, ...}: {
+ services.snapper = {
+ configs = {
+ srv = {
+ subvolume = "/srv";
+ fstype = "btrfs";
+ extraConfig = ''
+ # users and groups allowed to work with config
+ ALLOW_GROUPS="wheel"
+
+ # sync users and groups from ALLOW_USERS and ALLOW_GROUPS to .snapshots
+ # directory
+ SYNC_ACL="yes"
+
+
+ # run daily number cleanup
+ NUMBER_CLEANUP="no"
+
+ # limit for number cleanup
+ NUMBER_MIN_AGE="1800"
+ NUMBER_LIMIT="50"
+ NUMBER_LIMIT_IMPORTANT="10"
+
+
+ # create hourly snapshots
+ TIMELINE_CREATE="yes"
+
+ # cleanup hourly snapshots after some time
+ TIMELINE_CLEANUP="yes"
+
+ # limits for timeline cleanup
+ TIMELINE_MIN_AGE="1800"
+ TIMELINE_LIMIT_HOURLY="7"
+ TIMELINE_LIMIT_DAILY="3"
+ TIMELINE_LIMIT_WEEKLY="0"
+ TIMELINE_LIMIT_MONTHLY="0"
+ TIMELINE_LIMIT_YEARLY="0"
+
+
+ # cleanup empty pre-post-pairs
+ EMPTY_PRE_POST_CLEANUP="yes"
+ '';
+ };
+ };
+ };
+}
-- cgit 1.4.1