From 8477ea4533dcd48f65fd4faa016d42781e1153fb Mon Sep 17 00:00:00 2001
From: Andrew Kvalheim
Date: Mon, 24 Oct 2022 16:26:00 -0700
Subject: [PATCH] Extract components from NixOS configuration
---
common/components/backup.nix | 18 +++++
common/components/keyboard.nix | 27 +++++++
common/components/locale.nix | 24 +++++++
common/components/mail.nix | 21 ++++++
common/components/printer.nix | 17 +++++
common/components/scanner.nix | 11 +++
common/nixos.nix | 128 ++++++---------------------------
7 files changed, 140 insertions(+), 106 deletions(-)
create mode 100644 common/components/backup.nix
create mode 100644 common/components/keyboard.nix
create mode 100644 common/components/locale.nix
create mode 100644 common/components/mail.nix
create mode 100644 common/components/printer.nix
create mode 100644 common/components/scanner.nix
diff --git a/common/components/backup.nix b/common/components/backup.nix
new file mode 100644
index 0000000..b812dde
--- /dev/null
+++ b/common/components/backup.nix
@@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+
+{
+ systemd.services.mirror = {
+ description = "Mirror to closet";
+ serviceConfig.Type = "oneshot";
+ serviceConfig.Nice = 10;
+ onFailure = [ "alert@%n.service" ];
+ path = with pkgs; [ netcat openssh rsync ];
+ script = builtins.readFile (config.host.local + "/resources/mirror.sh");
+ };
+
+ systemd.timers.mirror = {
+ timerConfig.OnCalendar = "00,12,17:00 America/Los_Angeles";
+ timerConfig.Persistent = true;
+ wantedBy = [ "timers.target" ];
+ };
+}
diff --git a/common/components/keyboard.nix b/common/components/keyboard.nix
new file mode 100644
index 0000000..d605b39
--- /dev/null
+++ b/common/components/keyboard.nix
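Review bot: In backup.nix, `onFailure = [ "alert@%n.service" ]` depends on the `alert@` template unit that this commit leaves in common/nixos.nix, so the component is not self-contained. Imported on its own, a failed mirror run would reference a unit that does not exist and the failure would go unreported. A comment above `onFailure` such as `# Requires the alert@ template unit defined in common/nixos.nix` would record the dependency. Separately, `script = builtins.readFile (...)` places the text of mirror.sh in the world-readable Nix store, so the script (not visible here) should not carry credentials or other secrets inline.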
@@ -0,0 +1,27 @@
+{ config, ... }:
+
+{
+ imports = [
+ ../../packages/kmonad.nix
+ ../../packages/ydotoold.nix
+ ];
+
+ console.useXkbConfig = true;
+ services.xserver.layout = "halmakish";
+ services.xserver.extraLayouts.halmakish = {
+ description = "Halmakish";
+ languages = [ "eng" ];
+ symbolsFile = ../resources/halmakish.xkb;
+ };
+
+ services.kmonad = {
+ enable = true;
+ keyboards.default = {
+ config = builtins.readFile (config.host.resources + "/halmakish.kbd");
+ fallthrough = true;
+ allowCommands = false;
+ };
+ };
+
+ services.ydotoold.enable = true;
+}
diff --git a/common/components/locale.nix b/common/components/locale.nix
new file mode 100644
index 0000000..07b60f2
--- /dev/null
+++ b/common/components/locale.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+let
+ # Duplicated from
+ glibcLocalesDefault = pkgs.glibcLocales.override {
+ allLocales = lib.any (x: x == "all") config.i18n.supportedLocales;
+ locales = config.i18n.supportedLocales;
+ };
+
+ glibcLocales = glibcLocalesDefault.overrideAttrs (glibcLocales: {
+ patchPhase = glibcLocales.patchPhase or "" + ''
+ cp --verbose '${../resources}/en_US@aspirational' 'localedata/locales/'
+ echo 'en_US.UTF-8@aspirational/UTF-8 \' >> 'localedata/SUPPORTED'
+ '';
+ });
+in
+{
+ i18n = {
+ inherit glibcLocales;
+ supportedLocales = [ "en_US.UTF-8/UTF-8" "en_US.UTF-8@aspirational/UTF-8" ];
+
+ extraLocaleSettings.LANG = "en_US.UTF-8@aspirational";
+ };
+}
diff --git a/common/components/mail.nix b/common/components/mail.nix
new file mode 100644
index 0000000..1d3980c
--- /dev/null
+++ b/common/components/mail.nix
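Review bot: In keyboard.nix, `services.ydotoold.enable = true` turns on an input-injection daemon, and nothing in this component shows who is allowed to talk to it; the module itself is in ../../packages/ydotoold.nix, outside this diff. Any local process that can reach the daemon's socket can synthesize keystrokes in the session, so it is worth confirming the socket is limited to the intended user or group and saying so in a comment next to the option. `allowCommands = false` on kmonad would also benefit from a short why-comment, for example `# the layout file must never be able to run shell commands`.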
@@ -0,0 +1,21 @@
+{ config, ... }:
+
+{
+ services.postfix = {
+ enable = true;
+ destination = [ ]; # Disable local delivery
+
+ mapFiles.smtp_sasl_password_maps = config.host.local + "/resources/smtp-sasl-password-maps";
+
+ origin = "andrew.kvalhe.im";
+ config = {
+ relayhost = "[email-smtp.us-west-2.amazonaws.com]:587";
+ smtp_use_tls = "yes";
+ smtp_tls_security_level = "encrypt";
+ smtp_tls_note_starttls_offer = "yes";
+ smtp_sasl_auth_enable = "yes";
+ smtp_sasl_security_options = "noanonymous";
+ smtp_sasl_password_maps = "hash:/var/lib/postfix/conf/smtp_sasl_password_maps";
+ };
+ };
+}
diff --git a/common/components/printer.nix b/common/components/printer.nix
new file mode 100644
index 0000000..637c6c7
--- /dev/null
+++ b/common/components/printer.nix
@@ -0,0 +1,17 @@
+{ pkgs, ... }:
+
+{
+ allowedUnfree = [ "brgenml1lpr" ];
+
+ services.printing = { enable = true; drivers = with pkgs; [ brgenml1cupswrapper ]; };
+
+ hardware.printers = {
+ ensureDefaultPrinter = "DCP-7065DN";
+ ensurePrinters = [{
+ name = "DCP-7065DN";
+ description = "Brother DCP-7065DN";
+ model = "brother-BrGenML1-cups-en.ppd";
+ deviceUri = "lpd://lumberjack/binary_p1";
+ }];
+ };
+}
diff --git a/common/components/scanner.nix b/common/components/scanner.nix
new file mode 100644
index 0000000..7414b52
--- /dev/null
+++ b/common/components/scanner.nix
@@ -0,0 +1,11 @@
+{
+ imports = [ ];
+
+ allowedUnfree = [ "brother-udev-rule-type1" "brscan4" "brscan4-etc-files" ];
+
+ hardware.sane = { enable = true; brscan4.enable = true; };
+
+ hardware.sane.brscan4.netDevices = {
+ DCP-7065DN = { model = "DCP-7065DN"; nodename = "lumberjack"; };
+ };
+}
diff --git a/common/nixos.nix b/common/nixos.nix
index 26ce215..903bdb8 100644
--- a/common/nixos.nix
+++ b/common/nixos.nix
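Review bot: In mail.nix, `mapFiles.smtp_sasl_password_maps` is built from `config.host.local + "/resources/smtp-sasl-password-maps"`, and if `config.host.local` is a Nix path rather than a string (its declaration is outside this diff), the relay credentials would be copied into the world-readable /nix/store when the value is used. Confirm that it is a string pointing outside the store and record it, for example `# host.local must be a string so the SASL map is not copied into the Nix store`. Also, `smtp_tls_security_level = "encrypt"` requires TLS but does not verify the relay's certificate, so the SASL login is only protected against passive observers. `"verify"` or `"secure"` together with `smtp_tls_CAfile` would authenticate the relay, and `smtp_use_tls` is redundant once the security level is set.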
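Review bot: In printer.nix, `deviceUri = "lpd://lumberjack/binary_p1"` sends jobs over LPD, which offers neither authentication nor encryption, so document contents cross the network in clear text and rely on `lumberjack` resolving to the right host. If the printer supports IPP over TLS, an `ipps://` URI would be the safer choice. Otherwise a comment such as `# LPD is unencrypted; trusted LAN only` would make the assumption explicit.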
@@ -6,18 +6,15 @@ let # Resources palette = import ./resources/palette.nix; - - # Duplicated from - glibcLocalesDefault = pkgs.glibcLocales.override { - allLocales = lib.any (x: x == "all") config.i18n.supportedLocales; - locales = config.i18n.supportedLocales; - }; in { imports = [ - - ../packages/kmonad.nix - ../packages/ydotoold.nix + ./components/backup.nix + ./components/keyboard.nix + ./components/locale.nix + ./components/mail.nix + ./components/printer.nix + ./components/scanner.nix ]; # Pending NixOS/nixpkgs#55674 @@ -47,15 +44,8 @@ in ${pkgs.nvd}/bin/nvd diff '/run/current-system' "$systemConfig" ''; - - # Unfree packages - allowedUnfree = [ - "brgenml1lpr" # brgenml1cupswrapper - "brother-udev-rule-type1" "brscan4" "brscan4-etc-files" # hardware.sane.brscan4 - "memtest86-efi" # boot.loader.systemd-boot.memtest86 - ]; - # Boot + allowedUnfree = [ "memtest86-efi" ]; boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.memtest86.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -79,18 +69,8 @@ in services.btrfs.autoScrub.enable = true; boot.cleanTmpDir = true; - # Time and locale + # Time time.timeZone = "America/Los_Angeles"; - i18n = { - supportedLocales = [ "en_US.UTF-8/UTF-8" "en_US.UTF-8@aspirational/UTF-8" ]; - glibcLocales = glibcLocalesDefault.overrideAttrs (glibcLocales: { - patchPhase = glibcLocales.patchPhase or "" + '' - cp --verbose '${./resources}/en_US@aspirational' 'localedata/locales/' - echo 'en_US.UTF-8@aspirational/UTF-8 \' >> 'localedata/SUPPORTED' - ''; - }); - extraLocaleSettings.LANG = "en_US.UTF-8@aspirational"; - }; # Networking networking.hostName = host.name; 
@@ -108,24 +88,6 @@ in gray red green yellow blue orange purple white ]); - # Keyboard - services.xserver.extraLayouts.halmakish = { - description = "Halmakish"; - languages = [ "eng" ]; - symbolsFile = ./resources/halmakish.xkb; - }; - services.xserver.layout = "halmakish"; - console.useXkbConfig = true; - services.kmonad = { - enable = true; - keyboards.default = { - config = builtins.readFile (host.resources + "/halmakish.kbd"); - fallthrough = true; - allowCommands = false; - }; - }; - services.ydotoold.enable = true; - # Power systemd.ctrlAltDelUnit = "poweroff.target"; services.irqbalance.enable = true; @@ -156,28 +118,13 @@ in # SSH services.openssh = { enable = true; passwordAuthentication = false; }; - # Mail - services.postfix = { - enable = true; - config = { - relayhost = "[email-smtp.us-west-2.amazonaws.com]:587"; - smtp_use_tls = "yes"; - smtp_tls_security_level = "encrypt"; - smtp_tls_note_starttls_offer = "yes"; - smtp_sasl_auth_enable = "yes"; - smtp_sasl_security_options = "noanonymous"; - smtp_sasl_password_maps = "hash:/var/lib/postfix/conf/smtp_sasl_password_maps"; - }; - origin = "andrew.kvalhe.im"; - destination = [ ]; # Disable local delivery - mapFiles.smtp_sasl_password_maps = host.local + "/resources/smtp-sasl-password-maps"; - }; + # Service monitoring systemd.services."alert@" = { description = "Alert of failed %I"; serviceConfig.SyslogIdentifier = "%p"; serviceConfig.Type = "oneshot"; - serviceConfig.ExecStart = '' - ${pkgs.bash}/bin/bash -c "${pkgs.system-sendmail}/bin/sendmail -i root \ + serviceConfig.ExecStart = with pkgs; '' + ${bash}/bin/bash -c "${system-sendmail}/bin/sendmail -i root \ <<< $'Subject: %I failed\n\n'\"$(systemctl --full status %I)\"" ''; }; 
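Review bot: In the `alert@` unit's `ExecStart` (hunk `-156,28 +118,13`), systemd substitutes `%I` into the `bash -c` string before bash parses it, so an instance name containing quotes, `$(` or a newline would be read as shell syntax or as extra header lines after `Subject:`. Unit names are normally administrator-controlled, so this is hardening rather than an exposed bug. Passing the unit name to bash as a separate trailing argument and reading it as a positional parameter keeps it out of the parsed script text. Until then a comment such as `# %I is expanded inside the shell string; instance names must be trusted` would document the assumption.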
@@ -202,25 +149,17 @@ in pulse.enable = true; }; - # Printer - services.printing.enable = true; - services.printing.drivers = with pkgs; [ brgenml1cupswrapper ]; - hardware.printers = { - ensureDefaultPrinter = "DCP-7065DN"; - ensurePrinters = [{ - name = "DCP-7065DN"; - description = "Brother DCP-7065DN"; - model = "brother-BrGenML1-cups-en.ppd"; - deviceUri = "lpd://lumberjack/binary_p1"; - }]; + # Virtualization + virtualisation = { + containers.registries.search = [ "docker.io" ]; + docker = { enable = true; enableOnBoot = false; autoPrune.enable = true; }; + podman.enable = true; + libvirtd.enable = true; }; - # Scanner - hardware.sane.enable = true; - hardware.sane.brscan4 = { - enable = true; - netDevices.DCP-7065DN = { model = "DCP-7065DN"; nodename = "lumberjack"; }; - }; + # OpenPGP + services.pcscd.enable = true; + programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; # Graphical environment services.xserver.enable = true; @@ -228,6 +167,8 @@ in services.xserver.desktopManager.gnome.enable = true; # Applications + environment.localBinInPath = true; + environment.sessionVariables.NIXOS_OZONE_WL = "1"; environment.gnome.excludePackages = with pkgs; [ gnome.epiphany gnome.geary @@ -237,17 +178,7 @@ in gnome.gnome-weather gnome-photos ]; - services.pcscd.enable = true; - programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - virtualisation = { - containers.registries.search = [ "docker.io" ]; - docker = { enable = true; enableOnBoot = false; autoPrune.enable = true; }; - podman.enable = true; - libvirtd.enable = true; - }; programs.zsh.enable = true; - environment.localBinInPath = true; - environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Users users.mutableUsers = false; 
@@ -271,20 +202,5 @@ in shell = pkgs.zsh; openssh.authorizedKeys.keys = [ (builtins.readFile ./resources/andrew.pub) ]; }; - - # Backup - systemd.services.mirror = { - description = "Mirror to closet"; - serviceConfig.Type = "oneshot"; - serviceConfig.Nice = 10; - onFailure = [ "alert@%n.service" ]; - path = with pkgs; [ netcat openssh rsync ]; - script = builtins.readFile (host.local + "/resources/mirror.sh"); - }; - systemd.timers.mirror = { - timerConfig.OnCalendar = "00,12,17:00 America/Los_Angeles"; - timerConfig.Persistent = true; - wantedBy = [ "timers.target" ]; - }; }; }