chore: continued refactor

flake.nix

@@ -76,11 +76,11 @@
                 ./nixos/modules/nixos
                 ./nixos/hosts/${hostname}
               ]
-            , extraModules ? [ ]
+            , profileModules ? [ ]
             }:
             nixpkgs.lib.nixosSystem {
               inherit system;
-              modules = baseModules ++ hardwareModules ++ extraModules;
+              modules = baseModules ++ hardwareModules ++ profileModules;
               specialArgs = { inherit self inputs nixpkgs; };
             };
         in
@@ -93,6 +93,10 @@
               ./nixos/profiles/hw-thinkpad-e14-amd.nix
               inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e14-amd
             ];
+            profileModules = [
+              ./nixos/profiles/role-worstation.nix
+
+            ];
           };
 
           "citadel" = mkNixosConfig {

nixos/modules/nixos/system/nix.nix

@@ -0,0 +1,81 @@
+{ lib
+, config
+, self
+, ...
+}:
+with lib;
+let
+  cfg = config.mySystem.nix;
+in
+{
+  options.mySystem.nix = {
+    autoOptimiseStore = mkOption
+      {
+        type = lib.types.bool;
+        description = "If we want to auto optimise store";
+        default = true;
+
+      };
+    gc = {
+      enabled = mkEnableOption "automatic garbage collection" // {
+        default = true;
+      };
+      persistent = mkOption
+        {
+          type = lib.types.bool;
+          description = "Persistent timer for gc, runs at startup if timer missed";
+          default = true;
+
+        };
+    };
+
+  };
+
+  nix = {
+    settings = {
+      # Enable flakes
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+
+      # Substitutions
+      trusted-substituters = [
+        "https://nix-community.cachix.org"
+        "https://numtide.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+      ];
+
+      # Fallback quickly if substituters are not available.
+      connect-timeout = 5;
+      # Avoid copying unnecessary stuff over SSH
+      builders-use-substitutes = true;
+
+
+      trusted-users = [ "root" "@wheel" ];
+
+      warn-dirty = false;
+
+      # The default at 10 is rarely enough.
+      log-lines = lib.mkDefault 25;
+
+    };
+
+    optimise.automatic = cfg.autoOptimiseStore;
+
+    # automatically garbage collect nix store
+    gc = mkIf cfg.gc.enabled {
+      # garbage collection
+      automatic = cfg.gc.enabled;
+      options = "--delete-older-than 30d";
+      persistent = cfg.gc.persistent;
+    };
+
+  };
+
+
+}

nixos/profiles/global.nix

@@ -2,10 +2,18 @@
 
 with lib;
 {
+  # NOTE
+  # Some 'global' areas have defaults set in their respective modules.
+  # These will be applied when the modules are loaded
+  # Not the global role.
+  # Not sure at this point a good way to manage globals in one place
+  # without mono-repo config.
+
   # Generated by nixos-config-generate
   imports =
     [
       (modulesPath + "/installer/scan/not-detected.nix")
+      ./global/nix.nix
     ];
 
   mySystem = {
@@ -20,52 +28,6 @@ with lib;
   };
 
   # TODO refactor this shit out wow
-  nix = {
-    settings = {
-      trusted-substituters = [
-        "https://nix-community.cachix.org"
-        "https://numtide.cachix.org"
-      ];
-
-      trusted-public-keys = [
-        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
-        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
-      ];
-
-      trusted-users = [ "root" "@wheel" ];
-
-      # hardlink duplicates of builds
-      auto-optimise-store = lib.mkDefault true;
-
-
-
-      # Fallback quickly if substituters are not available.
-      connect-timeout = 5;
-
-      # Enable flakes
-      experimental-features = [
-        "nix-command"
-        "flakes"
-      ];
-
-      warn-dirty = false;
-
-      # The default at 10 is rarely enough.
-      log-lines = lib.mkDefault 25;
-
-      # Avoid copying unnecessary stuff over SSH
-      builders-use-substitutes = true;
-    };
-
-    # automatically garbage collect nix store
-    gc = {
-      # garbage collection
-      automatic = true;
-      options = "--delete-older-than 30d";
-      persistent = true;
-    };
-
-  };
 
   # SOPS settings
   # https://github.com/Mic92/sops-nix

nixos/profiles/global/nix.nix

@@ -0,0 +1,84 @@
+{ lib, ... }:
+{
+  nix = {
+    nix = {
+      settings = {
+        # Enable flakes
+        experimental-features = [
+          "nix-command"
+          "flakes"
+        ];
+
+        # Substitutions
+        trusted-substituters = [
+          "https://nix-community.cachix.org"
+          "https://numtide.cachix.org"
+        ];
+
+        trusted-public-keys = [
+          "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+          "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+        ];
+
+        # Fallback quickly if substituters are not available.
+        connect-timeout = 5;
+        # Avoid copying unnecessary stuff over SSH
+        builders-use-substitutes = true;
+
+
+        trusted-users = [ "root" "@wheel" ];
+
+        warn-dirty = false;
+
+        # The default at 10 is rarely enough.
+        log-lines = lib.mkDefault 25;
+
+      };
+
+    };
+
+    settings = {
+      # Enable flakes
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+
+      # Substitutions
+      trusted-substituters = [
+        "https://nix-community.cachix.org"
+        "https://numtide.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
+      ];
+
+      # Fallback quickly if substituters are not available.
+      connect-timeout = 5;
+      # Avoid copying unnecessary stuff over SSH
+      builders-use-substitutes = true;
+
+
+      trusted-users = [ "root" "@wheel" ];
+
+      warn-dirty = false;
+
+      # The default at 10 is rarely enough.
+      log-lines = lib.mkDefault 25;
+
+    };
+
+    optimise.automatic = cfg.autoOptimiseStore;
+
+    # automatically garbage collect nix store
+    gc = mkIf cfg.gc.enabled {
+      # garbage collection
+      automatic = cfg.gc.enabled;
+      options = "--delete-older-than 30d";
+      persistent = cfg.gc.persistent;
+    };
+
+  };
+}

nixos/profiles/hw-thinkpad-e14-amd.nix

@@ -11,10 +11,13 @@ with lib;
     loader = {
       systemd-boot.enable = true;
       efi.canTouchEfiVariables = true;
+      # why not ensure we can memtest workstatons easily?
+      grub.memtest86.enable = true;
+
     };
   };
 
-  # set xserver videodrivers if used
+  # set xserver videodrivers for amp gpu
   services.xserver.videoDrivers = [ "amdgpu" ];
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

nixos/profiles/role-worstation.nix

@@ -18,8 +18,13 @@ with lib;
     min-free = lib.mkDefault (128 * 1000 * 1000);
   };
 
+  # set xserver videodrivers if used
+  services.xserver.enable = true;
 
-
+  # Laptop so ill likely use wireles
+  # very likely to be set by GUI packages but lets
+  # be declarative.
+  networking.networkmanager.enable = true;
 
 
 }