.just/vars.just

@@ -1,8 +1,8 @@
 set unstable := true
 set quiet := true
 
-machine_base_path := justfile_directory() + "/machines"
+machine_base_path := justfile_directory() + "/../machines"
-secret_base_path := justfile_directory() + "/systems/x86_64-linux"
+secret_base_path := justfile_directory() + "/../systems/x86_64-linux"
 
 _default:
     just --list vars

clan.nix

@@ -65,7 +65,7 @@
   };
 
   inventory.instances = {
-    users-chris = {
+    user-chris = {
       module.name = "users";
       module.input = "clan-core";
 
@@ -81,33 +81,13 @@
         share = true;
       };
     };
+  };
 
-    servarr = {
+  # machines = {
-      module.name = "servarr";
+  #   mandos = {};
-      module.input = "self";
+  #   manwe = {};
-
+  #   orome = {};
-      roles.default.machines.ulmo.settings = {};
+  #   tulkas = {};
-      roles.default.settings = {
+  #   ulmo = {};
-        enable = true;
+  # };
-        services = {
-          sonarr = {
-            rootFolders = [
-              "/var/media/series"
-            ];
-          };
-          radarr = {
-            rootFolders = [
-              "/var/media/movies"
-            ];
-          };
-          lidarr = {
-            rootFolders = [
-              "/var/media/music"
-            ];
-          };
-          prowlarr = {};
-        };
-      };
-    };
-  };
 }

clanServices/caddy/default.nix

@@ -1,23 +0,0 @@
-{...}: {
-  _class = "clan.service";
-  manifest = {
-    name = "arda/caddy";
-    description = ''
-      Configuration of reverse proxy.
-    '';
-    categories = [ "Service", "Media" ];
-    readme = builtins.readFile ./README.md
-  };
-
-  roles.default = {
-    description = '''';
-
-    interface = {...}: {
-      options = {};
-    };
-
-    perInstance = {...}: {
-      nixosModule = {...}: {};
-    };
-  };
-}

clanServices/caddy/flake-module.nix

@@ -1,13 +0,0 @@
-{...}: let
-  module = ./default.nix;
-in {
-  clan.modules.caddy = module;
-
-  # perSystem = {...}: {
-  #   clan.nixosTests.caddy = {
-  #     imports = [];
-
-  #     clan.modules."@arda/caddy" = module;
-  #   };
-  # };
-}

clanServices/flake-module.nix

@@ -1,19 +0,0 @@
-{lib, ...}: {
-  imports =
-    ./.
-    |> builtins.readDir
-    |> lib.attrsToList
-    |> builtins.map ({
-      name,
-      value,
-    }: {
-      type = value;
-      path = ./. + "/${name}/flake-module.nix";
-    })
-    |> builtins.filter ({
-      type,
-      path,
-    }:
-      type == "directory" && (builtins.pathExists path))
-    |> builtins.map ({path, ...}: path);
-}

clanServices/peristance/default.nix

@@ -1,24 +0,0 @@
-{...}: {
-  _class = "clan.service";
-  manifest = {
-    name = "arda/persistance";
-    description = ''
-      Configuration of persistance resrouce(s)
-      (for now this means a database. and specifically it means postgres)
-    '';
-    categories = [ "Service", "Peristance" ];
-    readme = builtins.readFile ./README.md
-  };
-
-  roles.default = {
-    description = '''';
-
-    interface = {...}: {
-      options = {};
-    };
-
-    perInstance = {...}: {
-      nixosModule = {...}: {};
-    };
-  };
-}

clanServices/peristance/flake-module.nix

@@ -1,13 +0,0 @@
-{...}: let
-  module = ./default.nix;
-in {
-  clan.modules.peristance = module;
-
-  # perSystem = {...}: {
-  #   clan.nixosTests.peristance = {
-  #     imports = [];
-
-  #     clan.modules."@arda/peristance" = module;
-  #   };
-  # };
-}

clanServices/servarr/default.nix

@@ -1,121 +0,0 @@
-{lib, ...}: {
-  _class = "clan.service";
-  manifest = {
-    name = "arda/servarr";
-    description = '''';
-    categories = ["Service" "Media"];
-    readme = builtins.readFile ./README.md;
-    # exports.out = [];
-  };
-
-  # exports = {};
-
-  roles.default = {
-    description = '''';
-
-    interface = {lib, ...}: let
-      inherit (lib) mkOption mkEnableOption types;
-    in {
-      options = {
-        enable = mkEnableOption "Enable configured *arr services";
-        services = mkOption {
-          type = types.attrsOf (types.submodule ({name, ...}: {
-            options = {
-              enable = mkEnableOption "Enable ${name}";
-              debug = mkEnableOption "Use tofu plan instead of tofu apply for ${name} ";
-
-              rootFolders = mkOption {
-                type = types.listOf types.str;
-                default = [];
-              };
-            };
-          }));
-          default = {};
-          description = ''
-            Settings foreach *arr service
-          '';
-        };
-      };
-    };
-
-    perInstance = {
-      instanceName,
-      settings,
-      machine,
-      roles,
-      ...
-    }: {
-      nixosModule = args @ {
-        config,
-        lib,
-        pkgs,
-        ...
-      }: let
-        servarr = import ./lib.nix (args // {inherit settings;});
-        services = settings.services |> lib.attrNames;
-        service_count = services |> lib.length;
-      in {
-        imports = [
-          (import ./sabnzbd.nix (args
-            // {
-              inherit settings;
-              port = 2000 + service_count + 1;
-            }))
-          (import ./qbittorrent.nix (args
-            // {
-              inherit settings;
-              port = 2000 + service_count + 2;
-            }))
-          (servarr.createModule settings.services)
-        ];
-
-        config = {
-          clan.core.vars.generators.servarr = rec {
-            dependencies =
-              services ++ ["sabnzbd" "qbittorrent"];
-
-            files."config.tfvars" = {
-              owner = "media";
-              group = "media";
-              mode = "0440";
-              restartUnits = services |> lib.map (s: "${s}.service");
-            };
-
-            script = ''
-              cat << EOL > $out/config.tfvars
-              ${
-                services
-                |> lib.map (s: "${s}_api_key = \"$(cat $in/${s}/api_key)\"")
-                |> lib.join "\n"
-              }
-              qbittorrent_api_key = "$(cat $in/qbittorrent/password)"
-              sabnzbd_api_key = "$(cat $in/sabnzbd/api_key)"
-              EOL
-            '';
-          };
-
-          services = {
-            flaresolverr = {
-              enable = true;
-              openFirewall = true;
-              port = 2000 + service_count + 3;
-            };
-
-            postgresql = {
-              ensureDatabases = services;
-              ensureUsers =
-                services
-                |> lib.map (service: {
-                  name = service;
-                  ensureDBOwnership = true;
-                });
-            };
-          };
-        };
-      };
-    };
-  };
-
-  perMachine = {...}: {
-  };
-}

clanServices/servarr/flake-module.nix

@@ -1,13 +0,0 @@
-{...}: let
-  module = ./default.nix;
-in {
-  clan.modules.servarr = module;
-
-  # perSystem = {...}: {
-  #   clan.nixosTests.servarr = {
-  #     imports = [];
-
-  #     clan.modules."@arda/servarr" = module;
-  #   };
-  # };
-}

clanServices/servarr/lib.nix

@@ -1,317 +0,0 @@
-{
-  self,
-  config,
-  lib,
-  pkgs,
-  settings,
-  ...
-}: let
-  inherit (lib) mkIf;
-
-  createGenerator = {
-    service,
-    service_options,
-    ...
-  }: {
-    files = {
-      api_key = {
-        secret = true;
-        deploy = true;
-        owner = service;
-        group = "media";
-        restartUnits = ["${service}.service"];
-      };
-      "config.env" = {
-        secret = true;
-        deploy = true;
-        owner = service;
-        group = "media";
-        restartUnits = ["${service}.service"];
-      };
-    };
-
-    runtimeInputs = with pkgs; [pwgen];
-    script = ''
-      pwgen -s 128 1 > $out/api_key
-      echo ${lib.toUpper service}__AUTH__APIKEY="$(cat $out/api_key)" > $out/config.env
-    '';
-  };
-
-  createService = {
-    service,
-    service_options,
-    ...
-  }:
-    {
-      enable = true;
-      openFirewall = true;
-
-      environmentFiles = [
-        config.clan.core.vars.generators.${service}.files."config.env".path
-      ];
-
-      settings = {
-        auth.authenticationMethod = "External";
-
-        server = {
-          bindaddress = "0.0.0.0";
-          port = service_options.port;
-        };
-
-        postgres = {
-          host = "localhost";
-          port = "5432";
-          user = service;
-          maindb = service;
-          logdb = service;
-        };
-      };
-    }
-    // (lib.optionalAttrs (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) {
-      user = service;
-      group = "media";
-    });
-
-  createSystemdService = {
-    service,
-    service_options,
-    ...
-  }: let
-    tofu = lib.getExe pkgs.opentofu;
-    terraformConfiguration = self.inputs.terranix.lib.terranixConfiguration {
-      system = pkgs.stdenv.hostPlatform.system;
-      modules = [
-        (createInfra {inherit service service_options;})
-      ];
-    };
-  in {
-    description = "${service} apply infra";
-
-    wantedBy = ["multi-user.target"];
-    wants = ["${service}.service"];
-
-    preStart = ''
-      install -d -m 0770 -o ${service} -g media /var/lib/${service}-apply-infra
-      ${
-        service_options.rootFolders
-        |> lib.map (folder: "install -d -m 0770 -o media -g media ${folder}")
-        |> lib.join "\n"
-      }
-    '';
-
-    script = ''
-      # Sleep for a bit to give the service a chance to start up
-      sleep 5s
-
-      if [ "$(systemctl is-active ${lib.escapeShellArg service})" != "active" ]; then
-        echo "${service} is not running"
-        exit 1
-      fi
-
-      # Print the path to the source for easier debugging
-      echo "config location: ${terraformConfiguration}"
-
-      # Copy infra code into workspace
-      cp -f ${terraformConfiguration} config.tf.json
-
-      # Initialize OpenTofu
-      ${tofu} init
-
-      # Run the infrastructure code
-      ${tofu} \
-      ${
-        if service_options.debug
-        then "plan"
-        else "apply -auto-approve"
-      } \
-      -var-file='${config.clan.core.vars.generators.servarr.files."config.tfvars".path}'
-    '';
-
-    serviceConfig = {
-      Type = "oneshot";
-      User = service;
-      Group = "media";
-
-      WorkingDirectory = "/var/lib/${service}-apply-infra";
-
-      EnvironmentFile = [
-        config.clan.core.vars.generators.${service}.files."config.env".path
-      ];
-    };
-  };
-
-  # Returns a module to be used in a modules list of terranix
-  createInfra = {
-    service,
-    service_options,
-    ...
-  }: terra: let
-    inherit (terra.lib) tfRef;
-  in {
-    variable = {
-      "${service}_api_key" = {
-        type = "string";
-        description = "${service} API key";
-      };
-
-      qbittorrent_api_key = {
-        type = "string";
-        description = "qbittorrent api key";
-      };
-
-      sabnzbd_api_key = {
-        type = "string";
-        description = "sabnzbd api key";
-      };
-    };
-
-    terraform.required_providers.${service} = {
-      source = "devopsarr/${service}";
-      version =
-        {
-          radarr = "2.3.5";
-          sonarr = "3.4.2";
-          prowlarr = "3.2.1";
-          lidarr = "1.13.0";
-          readarr = "2.1.0";
-          whisparr = "1.2.0";
-        }.${
-          service
-        };
-    };
-
-    provider.${service} = {
-      url = "http://[::1]:${toString service_options.port}";
-      api_key = tfRef "var.${service}_api_key";
-    };
-
-    resource =
-      {
-        "${service}_root_folder" = mkIf (lib.elem service ["radarr" "sonarr" "whisparr" "readarr"]) (
-          service_options.rootFolders
-          |> lib.imap (i: f: lib.nameValuePair "local${toString i}" {path = f;})
-          |> lib.listToAttrs
-        );
-
-        "${service}_download_client_qbittorrent" = mkIf (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) {
-          "main" = {
-            name = "qBittorrent";
-            enable = true;
-            priority = 1;
-            host = "localhost";
-            username = "admin";
-            password = tfRef "var.qbittorrent_api_key";
-            url_base = "/";
-            port = config.services.qbittorrent.webuiPort;
-          };
-        };
-
-        "${service}_download_client_sabnzbd" = mkIf (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) {
-          "main" = {
-            name = "SABnzbd";
-            enable = true;
-            priority = 1;
-            host = "localhost";
-            api_key = tfRef "var.sabnzbd_api_key";
-            url_base = "/";
-            port = config.services.sabnzbd.settings.misc.port;
-          };
-        };
-      }
-      // (lib.optionalAttrs (service == "prowlarr") (
-        settings.services
-        |> lib.filterAttrs (s: _: lib.elem s ["radarr" "sonarr" "lidarr" "whisparr"])
-        |> lib.mapAttrsToList (s: {port, ...}: {
-          "prowlarr_application_${s}"."main" = let
-            p = config.services.prowlarr.settings.server.port or 9696;
-          in {
-            name = s;
-            sync_level = "addOnly";
-            base_url = "http://localhost:${toString port}";
-            prowlarr_url = "http://localhost:${toString p}";
-            api_key = tfRef "var.${s}_api_key";
-          };
-        })
-        |> lib.concat [
-          {
-            "prowlarr_indexer" = {
-              "nyaa" = {
-                enable = true;
-
-                app_profile_id = 1;
-                priority = 1;
-
-                name = "Nyaa";
-                implementation = "Cardigann";
-                config_contract = "CardigannSettings";
-                protocol = "torrent";
-
-                fields = [
-                  {
-                    name = "definitionFile";
-                    text_value = "nyaasi";
-                  }
-                  {
-                    name = "baseSettings.limitsUnit";
-                    number_value = 0;
-                  }
-                  {
-                    name = "torrentBaseSettings.preferMagnetUrl";
-                    bool_value = false;
-                  }
-                  {
-                    name = "prefer_magnet_links";
-                    bool_value = true;
-                  }
-                  {
-                    name = "sonarr_compatibility";
-                    bool_value = false;
-                  }
-                  {
-                    name = "strip_s01";
-                    bool_value = false;
-                  }
-                  {
-                    name = "radarr_compatibility";
-                    bool_value = false;
-                  }
-                  {
-                    name = "filter-id";
-                    number_value = 0;
-                  }
-                  {
-                    name = "cat-id";
-                    number_value = 0;
-                  }
-                  {
-                    name = "sort";
-                    number_value = 0;
-                  }
-                  {
-                    name = "type";
-                    number_value = 1;
-                  }
-                ];
-              };
-            };
-          }
-        ]
-        |> lib.mkMerge
-      ));
-  };
-in {
-  createModule = services: {...}: {
-    config =
-      services
-      |> lib.attrsToList
-      |> lib.imap1 (i: service: o: let
-        service_options = o // {port = 2000 + i;};
-      in {
-        clan.core.vars.generators.${service} = createGenerator {inherit service service_options;};
-        services.${service} = createService {inherit service service_options;};
-
-        systemd.services."${service}-apply-infra" = lib.mkIf settings.enable (createSystemdService {inherit service service_options;});
-      })
-      |> lib.mkMerge;
-  };
-}

clanServices/servarr/qbittorrent.nix

@@ -1,96 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  settings,
-  port,
-  ...
-}: {
-  clan.core.vars.generators.qbittorrent = let
-    hash_password = pkgs.writers.writePython3 "hashPassword" {} ''
-      import base64
-      import hashlib
-      import sys
-      import uuid
-
-      password = sys.argv[1]
-      salt = uuid.uuid4()
-      salt_bytes = salt.bytes
-
-      password = str.encode(password)
-      hashed_password = hashlib.pbkdf2_hmac(
-          "sha512",
-          password,
-          salt_bytes,
-          100000,
-          dklen=64
-      )
-      b64_salt = base64.b64encode(salt_bytes).decode("utf-8")
-      b64_password = base64.b64encode(hashed_password).decode("utf-8")
-      password_string = "@ByteArray({salt}:{password})".format(
-          salt=b64_salt, password=b64_password
-      )
-      print(password_string)
-    '';
-  in {
-    files = {
-      "password" = {
-        secret = true;
-        deploy = true;
-      };
-      "password_hash" = {
-        secret = true;
-        deploy = true;
-      };
-      "qBittorrent.conf" = {
-        secret = true;
-        deploy = true;
-        owner = "qbittorrent";
-        group = "media";
-        mode = "0660";
-        restartUnits = ["qbittorrent.service"];
-      };
-    };
-
-    runtimeInputs = with pkgs; [pwgen hash_password];
-
-    script = ''
-      pwgen -s 128 1 > $out/password
-
-      ${hash_password} $(cat $out/password) > $out/password_hash
-
-      cat << EOF > $out/qBittorrent.conf
-      [LegalNotice]
-      Accepted=true
-
-      [Preferences]
-      WebUI\AlternativeUIEnabled=true
-      WebUI\RootFolder=${pkgs.vuetorrent}/share/vuetorrent
-      WebUI\Username=admin
-      WebUI\Password_PBKDF2=$(cat $out/password_hash)
-      EOF
-    '';
-  };
-
-  system.activationScripts.qbittorrent-config = {
-    deps = lib.optional (!config.sops.useSystemdActivation) "setupSecrets";
-    # TODO: If sops-nix is switched to systemd activation, add a systemd unit
-    # for this install step that runs after sops-install-secrets.service,
-    # because this activation-script dependency only orders against setupSecrets.
-    text = ''
-      install -Dm0600 -o ${config.services.qbittorrent.user} -g ${config.services.qbittorrent.group} \
-        ${config.clan.core.vars.generators.qbittorrent.files."qBittorrent.conf".path} \
-        ${config.services.qbittorrent.profileDir}/qBittorrent/config/qBittorrent.conf
-    '';
-  };
-
-  services.qbittorrent = {
-    enable = true;
-    openFirewall = true;
-    webuiPort = port;
-    serverConfig = lib.mkForce {};
-
-    user = "qbittorrent";
-    group = "media";
-  };
-}

clanServices/servarr/sabnzbd.nix

@@ -1,95 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  settings,
-  port,
-  ...
-}: {
-  clan.core.vars.generators.sabnzbd = {
-    files = {
-      "api_key" = {
-        secret = true;
-        deploy = true;
-      };
-      "nzb_key" = {
-        secret = true;
-        deploy = true;
-      };
-      "config.ini" = {
-        secret = true;
-        deploy = true;
-        owner = "sabnzbd";
-        group = "media";
-        mode = "0660";
-      };
-    };
-
-    prompts = {
-      username = {
-        description = "usenet username";
-        type = "hidden";
-        persist = true;
-      };
-      password = {
-        description = "usenet password";
-        type = "hidden";
-        persist = true;
-      };
-    };
-
-    runtimeInputs = with pkgs; [pwgen];
-
-    script = ''
-      pwgen -s 128 1 > $out/api_key
-      pwgen -s 128 1 > $out/nzb_key
-
-      cat << EOF > $out/config.ini
-      [misc]
-      api_key = $(cat $out/api_key)
-      nzb_key = $(cat $out/nzb_key)
-
-      [servers]
-      [[news.sunnyusenet.com]]
-      username = $(cat $prompts/username)
-      password = $(cat $prompts/password)
-      EOF
-    '';
-  };
-
-  services.sabnzbd = {
-    enable = true;
-    openFirewall = true;
-
-    allowConfigWrite = false;
-    configFile = lib.mkForce null;
-
-    secretFiles = [
-      config.clan.core.vars.generators.sabnzbd.files."config.ini".path
-    ];
-
-    settings = {
-      misc = {
-        host = "0.0.0.0";
-        port = port;
-        host_whitelist = "${config.networking.hostName}";
-
-        download_dir = "/var/media/downloads/incomplete";
-        complete_dir = "/var/media/downloads/done";
-      };
-
-      servers = {
-        "news.sunnyusenet.com" = {
-          name = "news.sunnyusenet.com";
-          displayname = "news.sunnyusenet.com";
-          host = "news.sunnyusenet.com";
-          port = 563;
-          timeout = 60;
-        };
-      };
-    };
-
-    user = "sabnzbd";
-    group = "media";
-  };
-}

flake.lock

@@ -351,6 +351,27 @@
         "type": "github"
       }
     },
+    "flake-parts_5": {
+      "inputs": {
+        "nixpkgs-lib": [
+          "terranix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1736143030,
+        "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "type": "github"
+      }
+    },
     "flux": {
       "inputs": {
         "mcman": "mcman",
@@ -1070,9 +1091,7 @@
     },
     "terranix": {
       "inputs": {
-        "flake-parts": [
+        "flake-parts": "flake-parts_5",
-          "flake-parts"
-        ],
         "nixpkgs": [
           "nixpkgs"
         ],

flake.nix

@@ -27,12 +27,6 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    terranix = {
-      url = "github:terranix/terranix";
-      inputs.nixpkgs.follows = "nixpkgs";
-      inputs.flake-parts.follows = "flake-parts";
-    };
-
     clan-core = {
       url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
       inputs = {
@@ -89,6 +83,11 @@
       url = "github:vinceliuice/grub2-themes";
     };
 
+    terranix = {
+      url = "github:terranix/terranix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     mydia = {
       url = "github:chris-kruining/mydia";
       # url = "github:getmydia/mydia";
@@ -109,8 +108,8 @@
         flake-parts.flakeModules.modules
         clan-core.flakeModules.default
         home-manager.flakeModules.default
+        terranix.flakeModule
         ./packages/flake-module.nix
-        ./clanServices/flake-module.nix
       ];
 
       perSystem = {system, ...}: {

machines/mandos/configuration.nix

@@ -1,15 +1,8 @@
-{self, ...}: {
+{ ... }:
+{
   imports = [
     ./disks.nix
     ./hardware.nix
-    self.inputs.home-manager.nixosModules.home-manager
-    self.inputs.himmelblau.nixosModules.himmelblau
-    self.inputs.jovian.nixosModules.default
-    self.inputs.mydia.nixosModules.default
-    self.inputs.nix-minecraft.nixosModules.minecraft-servers
-    self.inputs.nvf.nixosModules.default
-    self.inputs.sops-nix.nixosModules.sops
-    (self.inputs.import-tree ../../modules/nixos)
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";

machines/manwe/configuration.nix

@@ -1,51 +1,16 @@
-{
+{ pkgs, ...}: {
-  self,
-  lib,
-  pkgs,
-  ...
-}: {
-  _module.args = {
-    pkgs = lib.mkForce (import self.inputs.nixpkgs {
-      system = "x86_64-linux";
-
-      overlays = with self.inputs; [
-        fenix.overlays.default
-        nix-minecraft.overlay
-        flux.overlays.default
-      ];
-
-      config = {
-        allowUnfree = true;
-
-        permittedInsecurePackages = [
-          # I think this is because of zen
-          "qtwebengine-5.15.19"
-
-          # For mautrix-signal, the matrix to signal bridge
-          "olm-3.2.16"
-        ];
-      };
-    });
-  };
-
   imports = [
     ./disks.nix
     ./hardware.nix
-    self.inputs.home-manager.nixosModules.home-manager
-    self.inputs.himmelblau.nixosModules.himmelblau
-    self.inputs.jovian.nixosModules.default
-    self.inputs.mydia.nixosModules.default
-    self.inputs.nix-minecraft.nixosModules.minecraft-servers
-    self.inputs.nvf.nixosModules.default
-    self.inputs.sops-nix.nixosModules.sops
-    (self.inputs.import-tree ../../modules/nixos)
   ];
 
+  nixpkgs.hostPlatform = "x86_64-linux";
+
   system.activationScripts.remove-gtkrc.text = "rm -f /home/chris/.gtkrc-2.0";
 
   services.logrotate.checkConfig = false;
 
-  environment.systemPackages = with pkgs; [beyond-all-reason openrct2];
+  environment.systemPackages = with pkgs; [ beyond-all-reason openrct2 ];
 
   sneeuwvlok = {
     hardware.has = {

machines/manwe/hardware.nix

@@ -1,18 +1,18 @@
-{
+{ config, lib, pkgs, modulesPath, ... }:
-  config,
+let
-  lib,
-  ...
-}: let
   inherit (lib.modules) mkDefault;
-in {
+in
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
   boot = {
-    initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
+    initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
-    initrd.kernelModules = [];
+    initrd.kernelModules = [ ];
-    kernelModules = ["kvm-amd"];
+    kernelModules = [ "kvm-amd" ];
     kernelParams = [];
-    extraModulePackages = [];
+    extraModulePackages = [ ];
   };
 
-  nixpkgs.hostPlatform = "x86_64-linux";
+  nixpkgs.hostPlatform = mkDefault pkgs.stdenv.hostPlatform.system;
   hardware.cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
 }

machines/orome/configuration.nix

@@ -1,19 +1,7 @@
-{
+{pkgs, ...}: {
-  self,
-  pkgs,
-  ...
-}: {
   imports = [
     ./disks.nix
     ./hardware.nix
-    self.inputs.home-manager.nixosModules.home-manager
-    self.inputs.himmelblau.nixosModules.himmelblau
-    self.inputs.jovian.nixosModules.default
-    self.inputs.mydia.nixosModules.default
-    self.inputs.nix-minecraft.nixosModules.minecraft-servers
-    self.inputs.nvf.nixosModules.default
-    self.inputs.sops-nix.nixosModules.sops
-    (self.inputs.import-tree ../../modules/nixos)
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";

machines/tulkas/configuration.nix

@@ -1,15 +1,8 @@
-{self, ...}: {
+{ ... }:
+{
   imports = [
     ./disks.nix
     ./hardware.nix
-    self.inputs.home-manager.nixosModules.home-manager
-    self.inputs.himmelblau.nixosModules.himmelblau
-    self.inputs.jovian.nixosModules.default
-    self.inputs.mydia.nixosModules.default
-    self.inputs.nix-minecraft.nixosModules.minecraft-servers
-    self.inputs.nvf.nixosModules.default
-    self.inputs.sops-nix.nixosModules.sops
-    (self.inputs.import-tree ../../modules/nixos)
   ];
 
   nixpkgs.hostPlatform = "x86_64-linux";

machines/ulmo/configuration.nix

@@ -223,39 +223,39 @@
       media.mydia.enable = true;
       media.nfs.enable = true;
       media.jellyfin.enable = true;
-      # media.servarr = {
+      media.servarr = {
-      #   radarr = {
+        radarr = {
-      #     enable = true;
+          enable = true;
-      #     port = 2001;
+          port = 2001;
-      #     rootFolders = [
+          rootFolders = [
-      #       "/var/media/movies"
+            "/var/media/movies"
-      #     ];
+          ];
-      #   };
+        };
 
-      #   sonarr = {
+        sonarr = {
-      #     enable = true;
+          enable = true;
-      #     # debug = true;
-      #     port = 2002;
-      #     rootFolders = [
-      #       "/var/media/series"
-      #     ];
-      #   };
-
-      #   lidarr = {
-      #     enable = true;
           # debug = true;
-      #     port = 2003;
+          port = 2002;
-      #     rootFolders = [
+          rootFolders = [
-      #       "/var/media/music"
+            "/var/media/series"
-      #     ];
+          ];
-      #   };
+        };
 
-      #   prowlarr = {
+        lidarr = {
-      #     enable = true;
+          enable = true;
-      #     # debug = true;
+          debug = true;
-      #     port = 2004;
+          port = 2003;
-      #   };
+          rootFolders = [
-      # };
+            "/var/media/music"
+          ];
+        };
+
+        prowlarr = {
+          enable = true;
+          # debug = true;
+          port = 2004;
+        };
+      };
 
       observability = {
         grafana.enable = true;

modules/home/application/default.nix

@@ -0,0 +1,17 @@
+{
+  imports = [
+    ./bitwarden
+    ./chrome
+    ./discord
+    ./ladybird
+    ./matrix
+    ./obs
+    ./onlyoffice
+    ./signal
+    ./steam
+    ./studio
+    ./teamspeak
+    ./thunderbird
+    ./zen
+  ];
+}

modules/home/default.nix

@@ -9,6 +9,18 @@
 
   cfg = config.sneeuwvlok.defaults;
 in {
+  imports = [
+    ./application
+    ./desktop
+    ./development
+    ./editor
+    ./game
+    ./home-manager
+    ./shell
+    ./terminal
+    ./themes
+  ];
+
   options.sneeuwvlok.defaults = {
     editor = mkOption {
       type = enum ["nano" "nvim" "zed"];

modules/home/desktop/default.nix

@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./plasma
+  ];
+}

modules/home/development/default.nix

@@ -0,0 +1,7 @@
+{
+  imports = [
+    ./dotnet
+    ./javascript
+    ./rust
+  ];
+}

modules/home/editor/default.nix

@@ -0,0 +1,7 @@
+{
+  imports = [
+    ./nano
+    ./nvim
+    ./zed
+  ];
+}

modules/home/game/default.nix

@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./minecraft
+  ];
+}

modules/home/shell/default.nix

@@ -8,6 +8,11 @@
 
   cfg = config.sneeuwvlok.shell;
 in {
+  imports = [
+    ./toolset
+    ./zsh
+  ];
+
   options.sneeuwvlok.shell = {
     corePkgs.enable = mkEnableOption "core shell packages";
   };

modules/home/shell/toolset/default.nix

@@ -0,0 +1,16 @@
+{
+  imports = [
+    ./bat
+    ./btop
+    ./eza
+    ./fzf
+    ./git
+    ./gnugpg
+    ./just
+    ./starship
+    ./tmux
+    ./yazi
+    ./zellij
+    ./zoxide
+  ];
+}

modules/home/terminal/default.nix

@@ -0,0 +1,6 @@
+{
+  imports = [
+    ./alacritty
+    ./ghostty
+  ];
+}

modules/nixos/services/media/servarr/lib.nix

@@ -0,0 +1,2 @@
+{lib, ...}: {
+}

modules/nixos/services/networking/wireguard/default.nix

@@ -11,7 +11,7 @@
   hasPeers = (cfg.peer |> attrNames |> length) > 0;
 in {
   options.sneeuwvlok.services.networking.wireguard = {
-    enable = mkEnableOption "enable wireguard" // {default = true;};
+    # enable = mkEnableOption "enable wireguard" // {default = true;};
 
     peer = mkOption {
       type = types.attrsOf (types.submodule {
@@ -32,7 +32,7 @@ in {
     };
   };
 
-  config = mkIf (cfg.enable && hasPeers) {
+  config = mkIf hasPeers {
     # networking.firewall.allowedUDPPorts = cfg.peer |> lib.attrValues |> lib.map (p: p.port);
     # networking.wq-quick = {
     #   # enable = cfg.enable;