wiiiiips

modules/nixos/system/default.nix

@@ -1,6 +0,0 @@
-{
-  imports = [
-    ./networking
-    ./security
-  ];
-}

modules/nixos/system/networking/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkDefault;
 
-  cfg = config.${namespace}.system.networking;
+  cfg = config.sneeuwvlok.system.networking;
 in 
 {
-  options.${namespace}.system.networking = {};
+  options.sneeuwvlok.system.networking = {};
 
   config = {
     systemd.services.NetworkManager-wait-online.enable = false;

modules/nixos/system/security/boot/default.nix

@@ -1,13 +1,16 @@
-{ config, namespace, inputs, ... }:
-let
-  cfg = config.${namespace}.system.security.boot;
-in
 {
-  options.${namespace}.system.security.boot = {};
+  config,
+  namespace,
+  inputs,
+  ...
+}: let
+  cfg = config.sneeuwvlok.system.security.boot;
+in {
+  options.sneeuwvlok.system.security.boot = {};
 
   config = {
     boot = {
-      kernelModules = [ "tcp_bbr" ];
+      kernelModules = ["tcp_bbr"];
       kernel.sysctl = {
         ## TCP hardening
         # Prevent bogus ICMP errors from filling up logs.
@@ -43,4 +46,4 @@ in
       };
     };
   };
-}
+}

modules/nixos/system/security/default.nix

@@ -1,29 +1,28 @@
-{ config, namespace, inputs, ... }:
-let
-  cfg = config.${namespace}.system.security;
-in
-{
-  imports = [
-    ./boot
-    ./sops
-    ./sudo
-  ];
+{...}: {
+  flake.modules.nixos.sneeuwvlok.system.security = {
+    config,
+    namespace,
+    inputs,
+    ...
+  }: let
+    cfg = config.sneeuwvlok.system.security;
+  in {
+    options.sneeuwvlok.system.security = {};
 
-  options.${namespace}.system.security = {};
+    config = {
+      security = {
+        acme.acceptTerms = true;
+        polkit.enable = true;
 
-  config = {
-    security = {
-      acme.acceptTerms = true;
-      polkit.enable = true;
-
-      pam = {
-        u2f = {
-          enable = true;
-          settings.cue = true;
+        pam = {
+          u2f = {
+            enable = true;
+            settings.cue = true;
+          };
         };
       };
-    };
 
-    programs.gnupg.agent.enable = true;
+      programs.gnupg.agent.enable = true;
+    };
   };
 }

modules/nixos/system/security/sops/default.nix

@@ -1,12 +1,16 @@
-{ pkgs, config, namespace, repoRoot, ... }:
-let
-  cfg = config.${namespace}.system.security.sops;
-in
 {
-  options.${namespace}.system.security.sops = {};
+  pkgs,
+  config,
+  namespace,
+  repoRoot,
+  ...
+}: let
+  cfg = config.sneeuwvlok.system.security.sops;
+in {
+  options.sneeuwvlok.system.security.sops = {};
 
   config = {
-    environment.systemPackages = with pkgs; [ sops ];
+    environment.systemPackages = with pkgs; [sops];
 
     sops = {
       defaultSopsFormat = "yaml";

modules/nixos/system/security/sudo/default.nix

@@ -1,9 +1,9 @@
 { config, namespace, ... }:
 let
-  cfg = config.${namespace}.system.security.sudo;
+  cfg = config.sneeuwvlok.system.security.sudo;
 in
 {
-  options.${namespace}.system.security.sudo = {};
+  options.sneeuwvlok.system.security.sudo = {};
 
   config = {
     security = {